Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/NvAjJSYdWxlZmr-17NwJHrJxHhs.roa
File: NvAjJSYdWxlZmr-17NwJHrJxHhs.roa (raw, json)
Hash identifier: XwyRoq55w9yfR75LssHHMBYOoMmtSpEudi71T/W1yMw=
Subject key identifier: 36:F0:23:25:26:1D:5B:19:59:9A:BF:B5:EC:DC:09:1E:B2:71:1E:1B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 11AE
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/NvAjJSYdWxlZmr-17NwJHrJxHhs.roa
Signing time: Sun 07 Apr 2024 02:52:52 +0000
ROA not before: Sun 07 Apr 2024 02:52:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4526 (0x11ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 7 02:52:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=36F02325261D5B19599ABFB5ECDC091EB2711E1B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:bb:d2:a0:24:ab:22:d2:da:e7:a1:90:2c:69:
75:38:a4:d9:93:3e:b2:d8:13:e6:39:41:3f:99:6f:
cc:38:b4:d3:07:6c:2d:91:d3:d1:b3:67:1f:b2:eb:
d9:07:a7:1e:71:a7:90:13:93:96:d3:82:a2:10:b5:
26:78:5e:64:c6:ed:e2:d2:70:7d:c0:b9:1b:f8:cb:
1d:ea:31:19:d0:7d:53:02:4c:35:da:81:4c:3e:c3:
68:2d:91:45:84:29:c9:d4:fb:6b:7e:1e:4a:e0:67:
16:fe:47:0c:0b:a9:be:19:a1:e0:60:93:a2:d8:7e:
d5:8f:37:d7:88:bd:1d:0b:89:3d:dc:41:53:67:8a:
34:ea:20:f2:59:8a:84:db:d9:45:7f:6c:38:91:51:
e3:13:cb:fa:10:5e:16:ee:3c:23:cc:54:da:c5:0f:
f1:a7:6b:76:e0:e5:48:14:8c:6f:a1:d5:c6:de:cd:
40:d2:99:33:3a:a5:b7:2f:49:5a:31:34:e6:a8:d8:
d7:20:df:fa:ca:8b:d5:72:b8:42:78:e0:b5:89:62:
e0:c2:54:50:a4:44:0e:45:a3:38:38:ac:c8:8e:61:
c4:d6:f0:d2:7e:f5:20:91:20:0a:8c:c4:75:cd:5e:
9c:1a:a9:42:8d:c8:c5:ee:af:c7:64:07:43:28:19:
e7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F0:23:25:26:1D:5B:19:59:9A:BF:B5:EC:DC:09:1E:B2:71:1E:1B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/NvAjJSYdWxlZmr-17NwJHrJxHhs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:be:d7:11:72:9d:7e:05:34:aa:a9:ca:40:2c:61:02:2f:26:
83:ce:9a:b8:a3:23:07:b8:cc:eb:8b:bf:83:53:8f:d6:31:d2:
35:17:3c:b9:68:6b:e2:79:21:65:ea:ee:41:f0:ac:98:d8:f3:
27:c5:c1:80:d1:43:96:bc:db:e0:0a:47:8e:3f:8b:6e:d3:50:
b4:11:75:09:58:25:1c:1a:0a:4e:3a:c0:e8:7b:0c:ea:68:99:
3b:eb:8a:9a:c6:5e:53:43:e8:3b:38:0e:47:c9:0c:e2:0b:da:
df:69:41:98:e6:d0:09:ac:85:12:2e:bd:e6:7d:b4:9e:e9:16:
79:46:69:76:b4:f2:85:08:94:fd:79:f1:b1:8d:28:85:7e:cf:
c8:b3:37:db:46:0d:75:5e:d9:00:76:53:8d:fe:7d:df:3f:63:
40:5d:1f:94:88:2b:ca:63:30:33:ee:00:3e:da:ed:7b:39:44:
ae:2e:c4:c7:57:d5:ce:fe:a1:ad:81:83:b9:31:70:c8:f4:30:
08:aa:55:aa:4f:cd:33:d4:18:be:6b:33:9e:23:6a:1d:2c:4b:
6b:c9:47:e2:16:bc:a9:a9:dc:0c:42:7b:e6:ce:47:d4:02:a7:
f3:23:d1:48:48:b1:8d:eb:a6:62:a1:b8:4d:33:f6:ed:52:e8:
29:d2:68:cd
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEa4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDcw
MjUyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM2RjAyMzI1MjYxRDVC
MTk1OTlBQkZCNUVDREMwOTFFQjI3MTFFMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbu9KgJKsi0trnoZAsaXU4pNmTPrLYE+Y5QT+Zb8w4tNMHbC2R
09GzZx+y69kHpx5xp5ATk5bTgqIQtSZ4XmTG7eLScH3AuRv4yx3qMRnQfVMCTDXa
gUw+w2gtkUWEKcnU+2t+HkrgZxb+RwwLqb4ZoeBgk6LYftWPN9eIvR0LiT3cQVNn
ijTqIPJZioTb2UV/bDiRUeMTy/oQXhbuPCPMVNrFD/Gna3bg5UgUjG+h1cbezUDS
mTM6pbcvSVoxNOao2Ncg3/rKi9VyuEJ44LWJYuDCVFCkRA5Fozg4rMiOYcTW8NJ+
9SCRIAqMxHXNXpwaqUKNyMXur8dkB0MoGeffAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUNvAjJSYdWxlZmr+17NwJHrJxHhswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL052QWpKU1lkV3hsWm1y
LTE3TndKSHJKeEhocy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAiL7XEXKdfgU0qqnKQCxhAi8mg86auKMj
B7jM64u/g1OP1jHSNRc8uWhr4nkhZeruQfCsmNjzJ8XBgNFDlrzb4ApHjj+LbtNQ
tBF1CVglHBoKTjrA6HsM6miZO+uKmsZeU0PoOzgOR8kM4gva32lBmObQCayFEi69
5n20nukWeUZpdrTyhQiU/XnxsY0ohX7PyLM320YNdV7ZAHZTjf593z9jQF0flIgr
ymMwM+4APtrtezlEri7Ex1fVzv6hrYGDuTFwyPQwCKpVqk/NM9QYvmszniNqHSxL
a8lH4ha8qancDEJ75s5H1AKn8yPRSEixjeumYqG4TTP27VLoKdJozQ==
-----END CERTIFICATE-----
Generated at Sun Apr 7 07:53:23 2024 by rpki-client on console-ams.rpki-client.org