Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Otf1oStyqt8yy2VhAdFGRHwFCW0.roa
File: Otf1oStyqt8yy2VhAdFGRHwFCW0.roa (raw, json)
Hash identifier: inHtGINquVKrAiB8JCBQ6WBp3HuWT4GNhdW9cqY8T2Q=
Subject key identifier: 3A:D7:F5:A1:2B:72:AA:DF:32:CB:65:61:01:D1:46:44:7C:05:09:6D
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1C32
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Otf1oStyqt8yy2VhAdFGRHwFCW0.roa
Signing time: Sun 05 May 2024 03:54:26 +0000
ROA not before: Sun 05 May 2024 03:54:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7218 (0x1c32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 5 03:54:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3AD7F5A12B72AADF32CB656101D146447C05096D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c2:68:dc:bf:45:93:c1:09:b4:36:9f:7d:e1:
d7:a2:3c:a9:05:6d:48:7e:31:11:f5:20:8e:fd:99:
bf:5c:e5:d7:1b:4b:de:7c:0f:6d:3f:36:f4:e9:c3:
23:d0:f7:3d:e7:91:82:4f:11:e4:83:2c:b8:8a:e6:
ed:c1:65:90:44:c7:64:16:af:68:de:31:60:b2:58:
39:5c:52:37:39:33:40:8e:3b:36:32:ca:24:b4:56:
c2:e0:4e:f3:72:45:5f:04:39:be:af:63:8e:a3:45:
b9:0d:88:0f:13:32:9e:b2:3a:00:e1:5f:b8:79:2b:
88:49:12:70:6c:13:e3:3c:40:1c:7f:44:84:11:3b:
ab:cf:bf:db:04:f7:df:58:52:cf:2c:9e:8c:fd:5b:
a0:e6:ab:5c:2d:72:b2:bb:38:d9:8d:2f:0e:cc:98:
18:7b:e3:38:9a:26:2c:88:bd:a6:d7:33:9d:2a:7d:
a9:ac:40:da:23:94:c3:ed:42:9b:65:11:ff:ab:3c:
98:3d:b1:26:8b:67:85:b3:65:16:0a:ae:61:bc:4e:
a0:4a:87:9d:e8:c0:d3:29:49:61:78:ff:eb:1d:02:
f9:cf:65:bf:9b:d0:76:f4:fc:1b:10:84:e6:63:5c:
6e:d5:c7:88:bc:a7:76:7e:89:03:6a:b0:10:37:7f:
0a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D7:F5:A1:2B:72:AA:DF:32:CB:65:61:01:D1:46:44:7C:05:09:6D
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Otf1oStyqt8yy2VhAdFGRHwFCW0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ac:e4:18:95:81:0f:39:77:4a:6a:2a:39:59:cd:12:d1:b7:b5:
60:26:da:89:bb:f8:2b:1a:e1:91:5c:8b:f5:e3:ea:34:cb:25:
a0:b8:e5:f9:3e:10:93:e4:4b:40:e2:52:c2:0c:47:48:8c:74:
ad:55:b5:33:1b:78:ac:77:de:4a:6a:f3:2f:74:b8:76:b3:1c:
4e:57:d7:02:b5:21:bb:b8:2e:98:15:9a:13:22:ce:f9:c1:81:
65:7d:41:8a:97:df:23:33:49:8b:03:7e:12:ed:ae:ac:61:38:
70:c5:e0:e3:c0:36:74:0e:3f:b9:dd:fc:c8:2a:fd:f6:cb:1b:
66:a9:4b:73:f7:73:14:c6:c1:e2:4a:e8:ee:78:80:cf:fb:4c:
3d:80:a7:58:5b:60:01:4a:1d:e8:b1:c1:bd:41:27:be:d2:96:
65:72:d6:a5:56:76:90:31:14:68:d8:ff:87:99:e2:b5:aa:b9:
4e:59:61:8c:8f:5c:fe:49:f4:7f:ac:2a:da:e7:dc:1b:a7:bb:
46:3a:7b:a2:18:cf:f6:cb:2d:d2:d7:98:34:8b:cc:f9:e4:81:
4d:b3:64:49:08:3a:07:a3:9c:fd:30:c5:21:40:43:90:51:d3:
d6:67:68:99:94:0e:c2:20:b9:d0:b5:7f:c3:1c:c1:ee:a0:05:
bb:0d:e1:e3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHDIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDUw
MzU0MjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNBRDdGNUExMkI3MkFB
REYzMkNCNjU2MTAxRDE0NjQ0N0MwNTA5NkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChwmjcv0WTwQm0Np994deiPKkFbUh+MRH1II79mb9c5dcbS958
D20/NvTpwyPQ9z3nkYJPEeSDLLiK5u3BZZBEx2QWr2jeMWCyWDlcUjc5M0COOzYy
yiS0VsLgTvNyRV8EOb6vY46jRbkNiA8TMp6yOgDhX7h5K4hJEnBsE+M8QBx/RIQR
O6vPv9sE999YUs8snoz9W6Dmq1wtcrK7ONmNLw7MmBh74ziaJiyIvabXM50qfams
QNojlMPtQptlEf+rPJg9sSaLZ4WzZRYKrmG8TqBKh53owNMpSWF4/+sdAvnPZb+b
0Hb0/BsQhOZjXG7Vx4i8p3Z+iQNqsBA3fwpXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUOtf1oStyqt8yy2VhAdFGRHwFCW0wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL090ZjFvU3R5cXQ4eXky
VmhBZEZHUkh3RkNXMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEArOQYlYEPOXdKaio5Wc0S0be1YCbaibv4
KxrhkVyL9ePqNMsloLjl+T4Qk+RLQOJSwgxHSIx0rVW1Mxt4rHfeSmrzL3S4drMc
TlfXArUhu7gumBWaEyLO+cGBZX1BipffIzNJiwN+Eu2urGE4cMXg48A2dA4/ud38
yCr99ssbZqlLc/dzFMbB4kro7niAz/tMPYCnWFtgAUod6LHBvUEnvtKWZXLWpVZ2
kDEUaNj/h5nitaq5TllhjI9c/kn0f6wq2ufcG6e7Rjp7ohjP9sst0teYNIvM+eSB
TbNkSQg6B6Oc/TDFIUBDkFHT1mdomZQOwiC50LV/wxzB7qAFuw3h4w==
-----END CERTIFICATE-----
Generated at Sun May 5 05:31:05 2024 by rpki-client on console-ams.rpki-client.org