Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/OcFxncyHle0BtAr1triFs-hpyUw.roa
File: OcFxncyHle0BtAr1triFs-hpyUw.roa (raw, json)
Hash identifier: d2ydpUYR2pihvxDq++ns05rUD24J0tv3Y4K9o/hjfnw=
Subject key identifier: 39:C1:71:9D:CC:87:95:ED:01:B4:0A:F5:B6:B8:85:B3:E8:69:C9:4C
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 16B0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/OcFxncyHle0BtAr1triFs-hpyUw.roa
Signing time: Sat 20 Apr 2024 11:23:30 +0000
ROA not before: Sat 20 Apr 2024 11:23:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5808 (0x16b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 20 11:23:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=39C1719DCC8795ED01B40AF5B6B885B3E869C94C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bc:ce:35:e5:8f:ff:47:f6:6c:c8:f6:a9:68:
5a:8e:23:d9:53:d7:1d:38:11:b0:c1:33:ce:e4:ba:
41:aa:51:d0:56:c6:ce:08:18:fc:76:a3:f3:75:16:
16:4f:07:32:be:1e:12:b9:93:13:83:7a:19:a0:96:
57:07:ca:48:f8:75:1f:1c:cb:09:3d:1e:9c:17:7e:
bc:ee:06:d6:d3:74:7e:91:6b:ac:d2:2c:e0:f4:a5:
63:54:a5:81:85:2b:f3:b1:cd:d7:6d:ad:44:c4:87:
eb:8a:5d:54:a3:e4:b3:bc:ff:d3:71:33:9b:13:cf:
fd:54:eb:2e:8e:20:0a:be:53:6d:e1:03:bb:a6:d7:
63:80:2a:11:a3:9b:43:eb:bc:7d:0b:63:39:7c:80:
84:84:7e:bd:3e:7a:28:db:9f:87:c6:c2:6b:1e:1d:
13:3b:9b:65:c3:01:37:32:21:64:bc:ed:49:6e:22:
65:d6:72:ab:f9:5f:b5:87:17:c0:10:f4:75:45:12:
24:37:9f:71:f2:7a:3f:d3:9e:28:7e:21:c7:4c:c4:
e6:8d:8f:a2:8a:d4:ba:58:55:1d:a2:6f:60:46:72:
d6:ef:38:11:69:fb:4d:33:9b:34:dc:2d:92:d1:aa:
95:2a:ad:0f:17:94:e4:bd:c6:86:22:ec:23:8a:c1:
50:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C1:71:9D:CC:87:95:ED:01:B4:0A:F5:B6:B8:85:B3:E8:69:C9:4C
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/OcFxncyHle0BtAr1triFs-hpyUw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2e:ae:ca:f5:ab:ba:08:38:44:97:92:65:53:7b:66:02:0e:31:
82:84:da:7e:be:ce:aa:15:4b:69:02:4f:43:b6:35:1c:e5:ba:
fb:ee:8d:a8:1e:2c:5a:26:37:4b:70:8e:0c:a7:64:8d:60:00:
1a:81:c4:64:3d:49:2e:df:82:34:06:69:cd:28:bb:24:c8:48:
ca:6a:ae:07:1c:6c:36:9c:04:c6:28:30:f2:e8:76:ff:a8:db:
13:a7:21:29:a1:e4:29:81:31:66:38:30:1e:8d:a4:d2:37:f2:
12:6e:a2:64:a9:21:c9:58:ad:cf:07:3a:02:e2:17:fc:8c:1a:
38:e4:b5:7b:af:87:2d:ab:e5:28:af:73:e9:47:47:e9:9f:48:
d4:6d:4e:1f:20:5d:85:e2:a0:42:99:4a:65:38:53:f9:4c:cc:
b7:ba:54:6d:4c:dd:96:85:77:c0:87:29:91:e9:29:9b:ba:22:
d4:20:a0:51:14:72:7a:50:66:8b:20:69:6e:6d:17:23:88:99:
a5:0c:0c:5e:aa:5e:ab:d0:73:a0:5d:1a:c0:6f:56:7b:d6:1e:
35:6f:47:b4:ed:ae:75:6d:53:3c:e6:31:40:f4:47:73:e8:26:
8c:02:4f:5f:f2:e6:ad:ae:77:9c:ed:b2:09:e6:a3:38:ef:cf:
45:06:21:d1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFrAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjAx
MTIzMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM5QzE3MTlEQ0M4Nzk1
RUQwMUI0MEFGNUI2Qjg4NUIzRTg2OUM5NEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCevM415Y//R/ZsyPapaFqOI9lT1x04EbDBM87kukGqUdBWxs4I
GPx2o/N1FhZPBzK+HhK5kxODehmgllcHykj4dR8cywk9HpwXfrzuBtbTdH6Ra6zS
LOD0pWNUpYGFK/OxzddtrUTEh+uKXVSj5LO8/9NxM5sTz/1U6y6OIAq+U23hA7um
12OAKhGjm0PrvH0LYzl8gISEfr0+eijbn4fGwmseHRM7m2XDATcyIWS87UluImXW
cqv5X7WHF8AQ9HVFEiQ3n3Hyej/Tnih+IcdMxOaNj6KK1LpYVR2ib2BGctbvOBFp
+00zmzTcLZLRqpUqrQ8XlOS9xoYi7COKwVAFAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUOcFxncyHle0BtAr1triFs+hpyUwwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL09jRnhuY3lIbGUwQnRB
cjF0cmlGcy1ocHlVdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEALq7K9au6CDhEl5JlU3tmAg4xgoTafr7O
qhVLaQJPQ7Y1HOW6++6NqB4sWiY3S3CODKdkjWAAGoHEZD1JLt+CNAZpzSi7JMhI
ymquBxxsNpwExigw8uh2/6jbE6chKaHkKYExZjgwHo2k0jfyEm6iZKkhyVitzwc6
AuIX/IwaOOS1e6+HLavlKK9z6UdH6Z9I1G1OHyBdheKgQplKZThT+UzMt7pUbUzd
loV3wIcpkekpm7oi1CCgURRyelBmiyBpbm0XI4iZpQwMXqpeq9BzoF0awG9We9Ye
NW9HtO2udW1TPOYxQPRHc+gmjAJPX/Lmra53nO2yCeajOO/PRQYh0Q==
-----END CERTIFICATE-----
Generated at Sat Apr 20 12:38:46 2024 by rpki-client on console-fra.rpki-client.org