Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/OYWVcfTKnpIjeRX45In1x4uXhKU.roa
File: OYWVcfTKnpIjeRX45In1x4uXhKU.roa (raw, json)
Hash identifier: KiYk/kph17HO5Px9aqWcaBwapJqyrNfQFGui5Ios2wc=
Subject key identifier: 39:85:95:71:F4:CA:9E:92:23:79:15:F8:E4:89:F5:C7:8B:97:84:A5
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 131E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/OYWVcfTKnpIjeRX45In1x4uXhKU.roa
Signing time: Wed 10 Apr 2024 22:53:09 +0000
ROA not before: Wed 10 Apr 2024 22:53:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4894 (0x131e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 10 22:53:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=39859571F4CA9E92237915F8E489F5C78B9784A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:8c:c3:b1:52:e3:54:85:f6:54:01:c7:e0:db:
44:36:cb:e7:a7:69:57:ea:7a:cd:a6:58:0d:87:d7:
48:41:bd:2c:70:e6:4d:56:ef:17:38:4e:4c:8d:1b:
5f:d3:af:da:ae:e1:a5:bf:fd:88:ce:11:a0:b7:a9:
15:75:78:cb:c7:d2:16:70:f8:a2:50:0d:95:9c:7e:
5c:93:0d:de:2f:b9:85:c1:01:25:1f:b0:db:fe:bb:
98:00:57:fb:80:32:42:98:d8:79:db:a5:f2:cf:0a:
3b:f0:b5:77:bb:43:d2:0c:e7:26:0c:c0:db:f1:ee:
a7:37:4b:b9:5f:34:09:e1:a1:c8:09:83:57:f3:c7:
59:06:ab:47:47:6f:ef:9f:53:de:2e:ac:19:1b:be:
cd:88:45:3b:da:69:04:03:ce:08:56:8f:02:a4:ce:
ea:75:bd:eb:29:7b:93:11:d2:54:99:1f:67:0d:7f:
d1:3f:ba:52:4e:90:ce:72:a3:31:3e:f0:55:96:ff:
74:d5:36:ee:a0:7f:93:7a:3f:7f:4b:e4:f2:21:16:
6f:34:87:ab:91:d6:a4:c3:4c:86:03:bd:6e:01:12:
e4:d3:4a:35:7b:44:46:43:a0:d8:ac:d0:bb:f2:f1:
fc:f2:de:c0:80:e8:7a:b3:a7:f9:d7:f1:84:91:15:
b5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:85:95:71:F4:CA:9E:92:23:79:15:F8:E4:89:F5:C7:8B:97:84:A5
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/OYWVcfTKnpIjeRX45In1x4uXhKU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:9b:55:7f:b0:b3:8d:fc:65:7f:74:42:7e:8d:3d:37:8b:df:
e0:69:e2:4a:7a:a2:02:7a:58:03:30:00:f2:23:1b:aa:8d:b4:
a7:3a:01:42:98:1d:ad:fd:36:9d:d2:59:d4:8b:b3:25:70:56:
51:af:65:8f:d0:17:6a:25:e6:69:38:6f:75:b5:1c:ff:86:07:
9b:14:ee:d5:50:bd:97:d8:3c:72:00:10:90:d9:82:ac:71:74:
c7:e2:96:fa:5a:21:ff:8d:9d:31:c9:a0:6b:cf:28:90:38:7b:
9f:6d:a7:9c:b5:34:c6:c0:15:07:d4:7a:0b:d5:01:48:71:e3:
7d:a3:82:c7:a1:6a:7f:27:11:73:9e:0e:70:ea:c7:b5:db:c8:
2a:f9:f8:6a:fa:90:eb:5b:ba:af:22:27:f8:7f:88:21:ff:e9:
8f:a8:72:e5:f4:e5:9e:ab:cb:c6:c7:de:c5:82:f8:8d:3a:86:
ee:ac:7c:07:0d:5e:50:3f:56:cc:d9:40:6b:e9:fd:8d:dd:0c:
3c:c3:74:b7:75:f9:1c:01:34:1b:05:a3:a0:c2:4e:06:9c:9a:
3c:f9:24:9d:68:f6:d4:06:65:3a:b3:df:7c:51:54:c0:df:9f:
c8:27:7c:f4:d5:2b:f2:fb:60:a9:fb:d5:fb:ce:ca:0f:ae:b9:
65:fa:61:a0
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEx4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTAy
MjUzMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM5ODU5NTcxRjRDQTlF
OTIyMzc5MTVGOEU0ODlGNUM3OEI5Nzg0QTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDojMOxUuNUhfZUAcfg20Q2y+enaVfqes2mWA2H10hBvSxw5k1W
7xc4TkyNG1/Tr9qu4aW//YjOEaC3qRV1eMvH0hZw+KJQDZWcflyTDd4vuYXBASUf
sNv+u5gAV/uAMkKY2HnbpfLPCjvwtXe7Q9IM5yYMwNvx7qc3S7lfNAnhocgJg1fz
x1kGq0dHb++fU94urBkbvs2IRTvaaQQDzghWjwKkzup1vespe5MR0lSZH2cNf9E/
ulJOkM5yozE+8FWW/3TVNu6gf5N6P39L5PIhFm80h6uR1qTDTIYDvW4BEuTTSjV7
REZDoNis0Lvy8fzy3sCA6Hqzp/nX8YSRFbWJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUOYWVcfTKnpIjeRX45In1x4uXhKUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL09ZV1ZjZlRLbnBJamVS
WDQ1SW4xeDR1WGhLVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAZZtVf7Czjfxlf3RCfo09N4vf4GniSnqi
AnpYAzAA8iMbqo20pzoBQpgdrf02ndJZ1IuzJXBWUa9lj9AXaiXmaThvdbUc/4YH
mxTu1VC9l9g8cgAQkNmCrHF0x+KW+loh/42dMcmga88okDh7n22nnLU0xsAVB9R6
C9UBSHHjfaOCx6FqfycRc54OcOrHtdvIKvn4avqQ61u6ryIn+H+IIf/pj6hy5fTl
nqvLxsfexYL4jTqG7qx8Bw1eUD9WzNlAa+n9jd0MPMN0t3X5HAE0GwWjoMJOBpya
PPkknWj21AZlOrPffFFUwN+fyCd89NUr8vtgqfvV+87KD665ZfphoA==
-----END CERTIFICATE-----
Generated at Thu Apr 11 00:13:34 2024 by rpki-client on console-fra.rpki-client.org