Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/NovODtQuYLEwyui9JRi1DNCwucs.roa
File: NovODtQuYLEwyui9JRi1DNCwucs.roa (raw, json)
Hash identifier: zRN+Fo3LcXD7FAkZXMPuQeS54dEmFj30PsQOMccUg58=
Subject key identifier: 36:8B:CE:0E:D4:2E:60:B1:30:CA:E8:BD:25:18:B5:0C:D0:B0:B9:CB
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 145E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/NovODtQuYLEwyui9JRi1DNCwucs.roa
Signing time: Sun 14 Apr 2024 06:53:15 +0000
ROA not before: Sun 14 Apr 2024 06:53:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5214 (0x145e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 14 06:53:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=368BCE0ED42E60B130CAE8BD2518B50CD0B0B9CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:88:ee:bd:7b:e1:3f:3e:c6:ed:6f:3d:4c:4f:
ce:e6:55:f8:b8:9b:b5:3d:e6:a4:26:fe:1c:0d:ba:
5e:cc:2c:b1:e4:c8:2c:e1:55:a4:f4:d8:4e:1a:d5:
e4:7a:cd:f7:6c:c5:1d:d0:9e:c3:9a:69:01:1e:8a:
21:21:ea:7c:61:85:5a:f5:bb:86:c9:3b:de:cb:5c:
8f:b9:b2:ee:f0:37:ac:15:4e:3e:26:c9:c1:4e:0f:
55:af:62:7b:00:96:bd:06:ff:d8:97:0c:ca:ef:aa:
ad:01:c6:9c:ec:72:36:65:36:a2:f6:62:e9:ad:73:
b9:a2:fa:2a:a7:34:08:7f:3e:65:07:ec:36:0c:f2:
ae:d8:f5:81:ea:1e:fc:b1:3f:a0:25:df:cb:f7:d2:
9b:1f:12:53:aa:38:70:de:56:61:1b:d0:23:1e:22:
f8:de:85:d0:82:2d:47:62:3c:4c:6c:95:56:cc:40:
3f:f5:04:c3:87:ec:6f:42:7b:9e:2f:4a:38:e5:79:
3c:af:5a:62:68:d6:5c:95:c0:ca:d6:5e:77:2d:33:
64:cc:e1:c4:37:df:03:de:7d:b4:8b:46:94:1b:f7:
26:34:d1:c4:b4:c1:47:e6:b6:41:3e:b3:87:90:6c:
86:33:56:91:98:9b:3e:3d:d1:74:5b:08:6a:75:81:
74:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:8B:CE:0E:D4:2E:60:B1:30:CA:E8:BD:25:18:B5:0C:D0:B0:B9:CB
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/NovODtQuYLEwyui9JRi1DNCwucs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5c:45:29:46:01:61:e3:0f:5c:3d:d3:c7:a1:5f:c4:cd:b6:32:
e4:38:71:f6:4d:f9:d1:0d:9f:81:e3:7a:60:dd:b5:7e:e9:ef:
4e:53:ac:a0:84:67:83:30:fb:e3:92:97:68:54:00:5d:2b:7a:
cb:f4:3d:00:29:a8:b1:df:a8:13:04:07:2e:03:6a:02:31:29:
cd:d2:d8:bc:75:d5:a4:11:df:71:a7:af:58:11:89:a4:c9:2c:
34:ac:d7:99:67:33:20:c3:c9:23:b6:24:40:59:bd:ac:cc:4b:
8f:b6:7c:f6:f3:04:40:56:92:49:37:f3:ee:bc:c1:c0:2e:8f:
0c:a7:00:99:ef:2d:f9:dc:f9:0f:60:e1:da:ee:06:39:b7:11:
36:86:de:21:05:ae:0c:be:1f:a1:5e:99:ef:65:20:be:19:0d:
3f:e0:f5:a0:a4:69:e6:ac:62:8f:aa:6f:05:a8:92:c5:56:ee:
26:c8:68:bc:23:10:bb:20:1c:e4:f7:d6:fa:03:b5:17:56:83:
ed:92:6c:4f:0a:8c:4a:8f:ea:18:f1:f4:20:c1:51:8e:77:50:
fa:c0:e3:c5:41:69:66:4d:c2:41:30:5d:f8:4f:97:a4:df:67:
41:ff:33:c7:ac:f3:3d:8e:68:26:3f:5b:fc:77:30:84:be:db:
57:1b:61:fc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFF4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTQw
NjUzMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM2OEJDRTBFRDQyRTYw
QjEzMENBRThCRDI1MThCNTBDRDBCMEI5Q0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5iO69e+E/Psbtbz1MT87mVfi4m7U95qQm/hwNul7MLLHkyCzh
VaT02E4a1eR6zfdsxR3QnsOaaQEeiiEh6nxhhVr1u4bJO97LXI+5su7wN6wVTj4m
ycFOD1WvYnsAlr0G/9iXDMrvqq0BxpzscjZlNqL2Yumtc7mi+iqnNAh/PmUH7DYM
8q7Y9YHqHvyxP6Al38v30psfElOqOHDeVmEb0CMeIvjehdCCLUdiPExslVbMQD/1
BMOH7G9Ce54vSjjleTyvWmJo1lyVwMrWXnctM2TM4cQ33wPefbSLRpQb9yY00cS0
wUfmtkE+s4eQbIYzVpGYmz490XRbCGp1gXT/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUNovODtQuYLEwyui9JRi1DNCwucswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL05vdk9EdFF1WUxFd3l1
aTlKUmkxRE5Dd3Vjcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAXEUpRgFh4w9cPdPHoV/EzbYy5Dhx9k35
0Q2fgeN6YN21funvTlOsoIRngzD745KXaFQAXSt6y/Q9ACmosd+oEwQHLgNqAjEp
zdLYvHXVpBHfcaevWBGJpMksNKzXmWczIMPJI7YkQFm9rMxLj7Z89vMEQFaSSTfz
7rzBwC6PDKcAme8t+dz5D2Dh2u4GObcRNobeIQWuDL4foV6Z72UgvhkNP+D1oKRp
5qxij6pvBaiSxVbuJshovCMQuyAc5PfW+gO1F1aD7ZJsTwqMSo/qGPH0IMFRjndQ
+sDjxUFpZk3CQTBd+E+XpN9nQf8zx6zzPY5oJj9b/HcwhL7bVxth/A==
-----END CERTIFICATE-----
Generated at Sun Apr 14 10:28:09 2024 by rpki-client on console-ams.rpki-client.org