Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/NZwzvzUdumJZFTGEXlo_nHO9Y5Y.roa
File: NZwzvzUdumJZFTGEXlo_nHO9Y5Y.roa (raw, json)
Hash identifier: 7G+99EMEDM07WzoVMMGfyjgRfMmtqaPGyPRKxaFyJ+4=
Subject key identifier: 35:9C:33:BF:35:1D:BA:62:59:15:31:84:5E:5A:3F:9C:73:BD:63:96
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F28
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/NZwzvzUdumJZFTGEXlo_nHO9Y5Y.roa
Signing time: Sun 31 Mar 2024 09:22:33 +0000
ROA not before: Sun 31 Mar 2024 09:22:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3880 (0xf28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 31 09:22:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=359C33BF351DBA62591531845E5A3F9C73BD6396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:05:a5:06:07:89:7a:04:42:42:57:38:14:11:
5e:2c:52:8a:2f:a6:d3:95:9e:81:95:ff:02:b4:c5:
ff:76:a9:d1:c7:cb:aa:07:02:c7:eb:de:6c:e8:23:
5f:1b:5e:c7:74:9a:10:b6:0d:05:e5:57:e8:b2:43:
9e:cb:de:83:e5:d1:c3:73:f5:f4:4d:fa:2a:b9:ec:
10:6f:e8:fb:df:e6:1c:84:a3:08:9f:75:15:ed:98:
cf:c8:cb:89:91:d1:8a:45:87:17:1e:06:eb:99:66:
21:64:99:ed:f1:e3:a5:8a:f2:a1:69:0f:7d:53:3b:
7f:7d:62:f6:42:85:27:51:2e:92:36:bb:a6:df:09:
5b:8c:e1:76:7c:2c:71:0f:36:d7:34:45:20:45:4a:
87:dd:b0:4b:27:ed:fc:30:c2:4b:c6:74:8c:2d:8e:
9d:df:4d:6f:d6:c0:98:6a:3b:03:63:d3:5d:7b:0e:
43:79:3b:98:51:cd:b1:51:0c:76:c1:61:fd:5c:98:
6d:46:6c:aa:89:5d:a3:9a:a9:c8:70:be:3d:a4:fd:
1f:64:09:a2:84:0c:1d:89:bd:ad:ed:e2:3d:3f:88:
7c:75:be:dc:6b:34:26:09:bb:2f:a1:8e:c9:ba:51:
90:a0:33:57:e0:25:20:24:9f:b3:0a:f8:3e:44:41:
47:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:9C:33:BF:35:1D:BA:62:59:15:31:84:5E:5A:3F:9C:73:BD:63:96
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/NZwzvzUdumJZFTGEXlo_nHO9Y5Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b7:c0:a6:cc:e1:86:42:c5:50:34:96:55:4e:2b:db:07:d7:46:
cb:11:8a:d2:aa:23:15:15:5a:ac:7f:10:64:b0:85:7b:65:7f:
2a:43:d3:f2:51:73:bc:60:1b:2d:7b:ca:49:95:85:83:48:ba:
0c:83:35:12:a3:b7:1e:71:c2:ae:f4:8f:a2:d4:78:1f:f2:3b:
31:4b:9e:5f:4c:47:c8:d3:93:77:08:9b:07:24:9a:36:dd:01:
75:64:c5:31:79:b3:e6:60:e1:68:d5:c8:8f:a6:50:e8:56:c9:
9f:13:9e:b7:d5:2b:a2:c9:fc:d3:cb:7d:7d:39:a5:09:b7:03:
ea:0b:46:4a:52:4f:cc:be:2f:ab:38:f2:21:aa:49:88:34:a0:
4a:73:fe:f4:26:32:2a:d4:6b:93:80:e5:bd:bb:82:e9:91:ca:
d5:05:69:ee:5a:3c:a9:c8:3c:57:db:be:ab:b7:49:d3:26:31:
01:2d:08:69:82:ea:0b:af:83:80:3f:91:64:06:f9:8d:83:93:
de:2f:da:0d:f8:1a:e1:cb:3d:2d:fd:01:e3:b2:14:78:90:ad:
b6:ae:e1:4e:e1:20:b7:31:3c:a5:fe:72:b5:ed:26:b5:20:7a:
43:33:47:78:20:7c:7f:9c:ba:93:00:10:61:94:f8:8f:de:e8:
86:12:15:12
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDygwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzEw
OTIyMzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM1OUMzM0JGMzUxREJB
NjI1OTE1MzE4NDVFNUEzRjlDNzNCRDYzOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9BaUGB4l6BEJCVzgUEV4sUoovptOVnoGV/wK0xf92qdHHy6oH
Asfr3mzoI18bXsd0mhC2DQXlV+iyQ57L3oPl0cNz9fRN+iq57BBv6Pvf5hyEowif
dRXtmM/Iy4mR0YpFhxceBuuZZiFkme3x46WK8qFpD31TO399YvZChSdRLpI2u6bf
CVuM4XZ8LHEPNtc0RSBFSofdsEsn7fwwwkvGdIwtjp3fTW/WwJhqOwNj0117DkN5
O5hRzbFRDHbBYf1cmG1GbKqJXaOaqchwvj2k/R9kCaKEDB2Jva3t4j0/iHx1vtxr
NCYJuy+hjsm6UZCgM1fgJSAkn7MK+D5EQUcVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUNZwzvzUdumJZFTGEXlo/nHO9Y5YwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL05ad3p2elVkdW1KWkZU
R0VYbG9fbkhPOVk1WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAt8CmzOGGQsVQNJZVTivbB9dGyxGK0qoj
FRVarH8QZLCFe2V/KkPT8lFzvGAbLXvKSZWFg0i6DIM1EqO3HnHCrvSPotR4H/I7
MUueX0xHyNOTdwibBySaNt0BdWTFMXmz5mDhaNXIj6ZQ6FbJnxOet9Urosn808t9
fTmlCbcD6gtGSlJPzL4vqzjyIapJiDSgSnP+9CYyKtRrk4DlvbuC6ZHK1QVp7lo8
qcg8V9u+q7dJ0yYxAS0IaYLqC6+DgD+RZAb5jYOT3i/aDfga4cs9Lf0B47IUeJCt
tq7hTuEgtzE8pf5yte0mtSB6QzNHeCB8f5y6kwAQYZT4j97ohhIVEg==
-----END CERTIFICATE-----
Generated at Sun Mar 31 11:16:12 2024 by rpki-client on console-fra.rpki-client.org