Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/PcHlTWKgiGmB2pb7WLLiWvwgcxE.roa
File: PcHlTWKgiGmB2pb7WLLiWvwgcxE.roa (raw, json)
Hash identifier: hL1evGELqJLqzBHghcch3tJGwCPOo800a4ar1u7KXBA=
Subject key identifier: 3D:C1:E5:4D:62:A0:88:69:81:DA:96:FB:58:B2:E2:5A:FC:20:73:11
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1116
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/PcHlTWKgiGmB2pb7WLLiWvwgcxE.roa
Signing time: Fri 05 Apr 2024 12:52:48 +0000
ROA not before: Fri 05 Apr 2024 12:52:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4374 (0x1116)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 5 12:52:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3DC1E54D62A0886981DA96FB58B2E25AFC207311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4d:8f:32:b1:28:3f:f5:c2:73:36:20:da:9c:
2a:46:03:e7:91:f6:da:a8:5b:35:ad:b4:e6:14:4e:
b6:a6:ab:2c:71:ff:00:c0:61:53:fc:20:22:29:d5:
3f:a1:1b:48:7f:61:a1:3c:56:2c:13:27:7c:5c:b1:
f5:ba:88:5c:09:7c:7f:b5:5d:52:28:2e:3c:fd:3c:
16:f7:81:e4:80:38:f5:99:a8:8c:24:c3:8c:52:e2:
47:69:52:25:24:ae:95:38:44:ad:ee:2d:bd:b3:df:
7b:b3:7c:ef:83:b6:4a:d8:3a:7c:9c:99:7d:88:63:
eb:89:8b:a2:10:06:05:e4:41:c8:85:96:32:af:cd:
a4:7f:0e:3d:b0:90:28:d9:4d:51:dc:68:80:9b:18:
56:60:3d:74:fa:f2:0c:78:db:fc:b7:bd:77:bc:7e:
51:30:c8:7d:86:ed:20:14:e1:f6:19:22:f1:d1:15:
dd:ea:2a:72:92:f9:20:5d:d8:7e:fb:5e:6c:aa:ee:
eb:ba:14:b9:05:27:02:ff:75:8a:34:26:19:91:ed:
d2:a1:7c:2b:69:e5:19:85:95:bf:2c:9c:ad:4f:82:
02:9b:50:94:73:5e:56:b1:70:18:b8:bd:74:fb:ba:
6f:d6:e3:98:41:ac:99:04:9b:cc:a6:99:0a:93:0f:
1b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:C1:E5:4D:62:A0:88:69:81:DA:96:FB:58:B2:E2:5A:FC:20:73:11
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/PcHlTWKgiGmB2pb7WLLiWvwgcxE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
46:25:ae:3c:ca:56:ca:a6:df:8a:58:b1:22:0b:67:b5:fc:c7:
6d:cb:9d:62:81:9a:41:32:c3:e1:be:30:eb:30:4b:2f:ab:a5:
d6:30:c8:b7:b7:6d:9f:88:6b:30:10:03:40:66:9c:2f:8c:86:
37:53:d8:4b:91:20:b9:ae:cb:aa:51:f3:f8:66:ab:0f:3d:fd:
66:65:9e:c7:e3:a8:d0:ac:23:86:ed:e9:e9:49:5c:97:e8:b5:
58:31:12:57:08:c8:bd:2d:e9:ac:c3:c2:5e:82:18:d8:31:e6:
00:37:6d:58:5d:a0:93:f1:a8:e1:43:58:d9:e3:7b:08:93:30:
59:98:5b:40:ca:2f:a5:13:35:4b:00:ef:64:01:0f:16:bb:bd:
71:5f:2e:da:d5:25:c9:bf:61:87:4b:ab:08:e2:f5:93:ec:2f:
d6:22:01:c1:64:46:a4:45:c2:c2:6e:71:38:84:03:d6:fe:d4:
38:95:7b:bd:0c:2a:54:56:65:94:19:3d:37:af:24:10:34:f5:
e1:dc:2f:0b:1f:53:7c:fa:e8:bd:2e:65:c7:f4:fd:cd:28:03:
b8:b2:ff:ff:c3:96:17:bf:61:be:78:de:bc:79:ee:b2:49:1d:
ff:12:aa:66:65:a2:cc:91:be:62:aa:ba:fc:5d:23:32:b9:f2:
c4:01:58:38
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICERYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDUx
MjUyNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNEQzFFNTRENjJBMDg4
Njk4MURBOTZGQjU4QjJFMjVBRkMyMDczMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCSTY8ysSg/9cJzNiDanCpGA+eR9tqoWzWttOYUTramqyxx/wDA
YVP8ICIp1T+hG0h/YaE8ViwTJ3xcsfW6iFwJfH+1XVIoLjz9PBb3geSAOPWZqIwk
w4xS4kdpUiUkrpU4RK3uLb2z33uzfO+DtkrYOnycmX2IY+uJi6IQBgXkQciFljKv
zaR/Dj2wkCjZTVHcaICbGFZgPXT68gx42/y3vXe8flEwyH2G7SAU4fYZIvHRFd3q
KnKS+SBd2H77Xmyq7uu6FLkFJwL/dYo0JhmR7dKhfCtp5RmFlb8snK1PggKbUJRz
XlaxcBi4vXT7um/W45hBrJkEm8ymmQqTDxsbAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUPcHlTWKgiGmB2pb7WLLiWvwgcxEwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1BjSGxUV0tnaUdtQjJw
YjdXTExpV3Z3Z2N4RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEARiWuPMpWyqbfilixIgtntfzHbcudYoGa
QTLD4b4w6zBLL6ul1jDIt7dtn4hrMBADQGacL4yGN1PYS5Egua7LqlHz+GarDz39
ZmWex+Oo0Kwjhu3p6Ulcl+i1WDESVwjIvS3prMPCXoIY2DHmADdtWF2gk/Go4UNY
2eN7CJMwWZhbQMovpRM1SwDvZAEPFru9cV8u2tUlyb9hh0urCOL1k+wv1iIBwWRG
pEXCwm5xOIQD1v7UOJV7vQwqVFZllBk9N68kEDT14dwvCx9TfProvS5lx/T9zSgD
uLL//8OWF79hvnjevHnuskkd/xKqZmWizJG+Yqq6/F0jMrnyxAFYOA==
-----END CERTIFICATE-----
Generated at Fri Apr 5 18:37:49 2024 by rpki-client on console-fra.rpki-client.org