Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Mia7-fWIp5B4hrDG_39ea4oYUuI.roa
File: Mia7-fWIp5B4hrDG_39ea4oYUuI.roa (raw, json)
Hash identifier: Rkgz0gghlALHoLiJ1HhWVSW6UWNSJrXhqE0R9U+THDo=
Subject key identifier: 32:26:BB:F9:F5:88:A7:90:78:86:B0:C6:FF:7F:5E:6B:8A:18:52:E2
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 16BA
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Mia7-fWIp5B4hrDG_39ea4oYUuI.roa
Signing time: Sat 20 Apr 2024 13:53:32 +0000
ROA not before: Sat 20 Apr 2024 13:53:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5818 (0x16ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 20 13:53:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3226BBF9F588A7907886B0C6FF7F5E6B8A1852E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:81:3b:75:25:ac:c0:70:15:27:c3:bf:8a:ba:
45:3b:da:f3:c5:96:bd:69:66:e9:e7:74:80:3c:0c:
2c:ba:7a:56:fe:51:0b:69:26:98:76:08:64:6c:17:
70:3f:35:e6:67:67:23:13:04:29:38:5a:67:4e:ac:
b4:f1:5b:e6:6e:04:54:3e:e9:51:61:41:bd:a4:be:
95:1c:b9:b5:57:39:7c:b1:c7:55:79:7d:f9:93:45:
ef:67:52:49:eb:94:49:2b:2b:37:c2:e4:52:e1:86:
07:e4:bc:ba:d0:48:ac:2c:cf:22:15:20:9c:0d:19:
36:71:f0:94:c5:61:f7:a3:38:2a:8c:a0:5e:2d:2e:
a6:b7:d5:1f:d6:c9:c8:fe:3d:cc:f9:bb:2d:2c:84:
4b:76:c5:36:1e:39:09:73:18:b8:39:63:8e:cd:36:
48:87:4b:cc:c3:fc:0e:46:a9:fb:9d:44:96:ff:b5:
30:a6:e6:68:e5:f0:3d:65:61:f3:44:42:d1:f1:25:
07:e2:0c:a8:5f:95:a0:20:5d:dc:d0:67:23:36:66:
c4:96:a3:c6:5a:2d:06:92:c8:5b:bb:eb:c7:34:41:
d6:07:31:82:18:6a:79:b4:5c:5e:d6:84:c6:70:f6:
85:0e:a9:be:3d:8e:43:1c:7a:bf:95:b9:30:6d:f4:
0e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:26:BB:F9:F5:88:A7:90:78:86:B0:C6:FF:7F:5E:6B:8A:18:52:E2
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Mia7-fWIp5B4hrDG_39ea4oYUuI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:96:8e:6e:bb:dd:7a:aa:b0:94:28:3a:7b:73:b6:5c:b6:c3:
70:21:74:45:d4:1a:5d:c3:56:ed:a4:9f:f8:96:d4:3e:31:fe:
d0:c4:d2:0e:d1:30:7b:d4:2c:de:aa:5d:12:04:00:f0:55:95:
e9:72:35:5c:d8:bb:ba:23:dd:82:0c:7c:04:17:64:71:af:73:
61:00:b1:b5:16:b1:e7:5b:c8:32:f0:10:3c:0f:fe:aa:ef:e4:
e9:dd:3a:e2:6d:82:74:01:1a:bc:8a:d2:7d:c4:a1:47:22:4a:
7a:ba:44:22:15:17:a6:5f:52:dc:00:31:13:d2:f2:2a:be:0f:
22:23:18:51:f0:5b:bd:2d:c0:0a:12:9c:67:97:9c:e7:ae:1c:
12:b7:25:f9:a3:f1:d3:aa:3c:f2:40:a0:62:97:e5:49:16:a5:
e1:00:42:1f:d4:3b:e8:bb:65:a2:b3:81:ed:d1:9f:fd:2e:d1:
12:80:fe:c6:51:a4:4b:68:94:9e:c5:02:80:0a:fd:17:d4:f9:
82:ef:3f:c1:48:2d:c6:ea:09:71:e9:d0:88:90:6a:f6:d8:75:
8a:bb:80:00:a6:15:d2:c7:15:dd:2b:e4:9f:6a:be:88:b3:b1:
2c:74:72:4d:60:bb:6c:f1:f1:15:ba:a8:65:d4:df:2c:a8:34:
ca:32:78:86
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFrowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjAx
MzUzMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMyMjZCQkY5RjU4OEE3
OTA3ODg2QjBDNkZGN0Y1RTZCOEExODUyRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAgTt1JazAcBUnw7+KukU72vPFlr1pZunndIA8DCy6elb+UQtp
Jph2CGRsF3A/NeZnZyMTBCk4WmdOrLTxW+ZuBFQ+6VFhQb2kvpUcubVXOXyxx1V5
ffmTRe9nUknrlEkrKzfC5FLhhgfkvLrQSKwszyIVIJwNGTZx8JTFYfejOCqMoF4t
Lqa31R/Wycj+Pcz5uy0shEt2xTYeOQlzGLg5Y47NNkiHS8zD/A5GqfudRJb/tTCm
5mjl8D1lYfNEQtHxJQfiDKhflaAgXdzQZyM2ZsSWo8ZaLQaSyFu768c0QdYHMYIY
anm0XF7WhMZw9oUOqb49jkMcer+VuTBt9A49AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUMia7+fWIp5B4hrDG/39ea4oYUuIwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL01pYTctZldJcDVCNGhy
REdfMzllYTRvWVV1SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAYpaObrvdeqqwlCg6e3O2XLbDcCF0RdQa
XcNW7aSf+JbUPjH+0MTSDtEwe9Qs3qpdEgQA8FWV6XI1XNi7uiPdggx8BBdkca9z
YQCxtRax51vIMvAQPA/+qu/k6d064m2CdAEavIrSfcShRyJKerpEIhUXpl9S3AAx
E9LyKr4PIiMYUfBbvS3AChKcZ5ec564cErcl+aPx06o88kCgYpflSRal4QBCH9Q7
6LtlorOB7dGf/S7REoD+xlGkS2iUnsUCgAr9F9T5gu8/wUgtxuoJcenQiJBq9th1
iruAAKYV0scV3Svkn2q+iLOxLHRyTWC7bPHxFbqoZdTfLKg0yjJ4hg==
-----END CERTIFICATE-----
Generated at Sat Apr 20 15:07:17 2024 by rpki-client on console-fra.rpki-client.org