Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/PcrLgJcglheJ2zzFidZILhETrYY.roa
File: PcrLgJcglheJ2zzFidZILhETrYY.roa (raw, json)
Hash identifier: egWXf6k2NxKBPrDyAxEqCrACrieSx81xoAcTagL2Bfk=
Subject key identifier: 3D:CA:CB:80:97:20:96:17:89:DB:3C:C5:89:D6:48:2E:11:13:AD:86
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1252
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/PcrLgJcglheJ2zzFidZILhETrYY.roa
Signing time: Mon 08 Apr 2024 19:53:50 +0000
ROA not before: Mon 08 Apr 2024 19:53:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4690 (0x1252)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 8 19:53:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3DCACB809720961789DB3CC589D6482E1113AD86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fa:76:61:0f:5d:d7:6e:e1:e0:60:e9:c1:24:
fa:98:1f:d4:a0:32:57:b8:57:a0:e7:7b:16:6f:94:
86:f0:b6:0b:5b:1f:0f:b3:6b:5a:8f:23:79:39:00:
4c:90:87:8c:de:36:3c:27:fb:c8:4f:28:6f:f3:ae:
ae:85:2f:c6:9a:d8:34:70:ae:da:2a:bc:1c:54:bf:
2d:56:3b:b0:70:32:3b:8b:01:9b:03:1e:32:99:73:
60:50:e1:e3:7a:ee:8e:26:a0:9a:52:ae:e7:83:2f:
b5:84:b3:ea:c5:73:37:ba:4a:23:e3:de:b6:cf:29:
2c:83:36:c4:00:af:34:c6:63:fa:7b:a8:e8:be:b1:
2d:dc:41:9b:ab:c7:c0:33:2d:0a:6c:fd:cf:cd:6c:
98:5d:6a:60:bf:0b:d0:da:40:57:c8:e3:b0:60:9c:
73:a0:9f:a6:75:96:ae:71:ea:a1:f9:f2:f2:4a:68:
bc:52:83:e1:99:46:9b:75:cb:16:c4:60:ee:4c:f1:
a0:be:22:28:76:ef:c5:c5:69:53:7d:2b:47:38:e1:
98:51:79:f5:3b:49:6b:61:71:d3:33:b7:4a:a1:4c:
2d:9a:95:e9:32:23:8c:a5:20:2b:6a:a2:e7:ed:fc:
f3:ec:37:2c:3d:45:5a:9d:bd:ee:f3:1e:1c:f7:da:
02:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:CA:CB:80:97:20:96:17:89:DB:3C:C5:89:D6:48:2E:11:13:AD:86
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/PcrLgJcglheJ2zzFidZILhETrYY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:83:51:75:78:a5:6b:58:f3:8f:7e:8c:7e:9e:9d:ef:b0:c4:
95:9c:f0:3b:f6:5f:55:c7:f7:5f:cc:13:4f:d9:65:ed:48:b9:
b0:bb:82:cc:63:5f:1e:0a:da:ad:20:c6:7e:5c:b4:63:31:88:
0f:2c:17:cb:d7:f0:a7:98:4a:b1:42:04:67:b3:b9:a4:a3:5f:
a1:6e:3e:36:1c:c9:18:20:c2:a8:5f:e3:0f:17:a6:6c:1d:dc:
90:0a:8e:5c:4c:07:7b:08:98:ce:75:b3:40:7c:f4:62:ac:e8:
77:56:ce:51:1e:4d:f9:1f:e8:c1:51:38:d6:5a:f9:d4:6d:4a:
9a:5c:8a:0f:e5:51:41:4b:9b:c3:5e:2a:e4:52:75:ca:b0:f0:
2e:cb:8b:6e:33:84:b5:f7:67:ae:21:f7:2d:16:f8:58:7f:2f:
1b:5d:d2:b2:86:95:fa:0d:f9:7a:a0:68:44:cc:69:a1:ba:ed:
68:64:8d:f8:40:0c:68:9a:a1:11:a5:d4:c5:1d:da:c1:52:c1:
a2:e2:b1:07:89:84:ba:2f:64:c8:2c:5c:75:ec:18:9a:fd:8b:
47:42:ec:f9:3d:2c:29:81:a5:0f:18:87:14:af:e8:05:a5:98:
46:0c:7a:3d:95:cb:cd:b7:01:95:1d:48:62:7b:e6:0d:22:4c:
75:b3:04:6e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICElIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDgx
OTUzNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNEQ0FDQjgwOTcyMDk2
MTc4OURCM0NDNTg5RDY0ODJFMTExM0FEODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCj+nZhD13XbuHgYOnBJPqYH9SgMle4V6DnexZvlIbwtgtbHw+z
a1qPI3k5AEyQh4zeNjwn+8hPKG/zrq6FL8aa2DRwrtoqvBxUvy1WO7BwMjuLAZsD
HjKZc2BQ4eN67o4moJpSrueDL7WEs+rFcze6SiPj3rbPKSyDNsQArzTGY/p7qOi+
sS3cQZurx8AzLQps/c/NbJhdamC/C9DaQFfI47BgnHOgn6Z1lq5x6qH58vJKaLxS
g+GZRpt1yxbEYO5M8aC+Iih278XFaVN9K0c44ZhRefU7SWthcdMzt0qhTC2aleky
I4ylICtqouft/PPsNyw9RVqdve7zHhz32gLdAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUPcrLgJcglheJ2zzFidZILhETrYYwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1BjckxnSmNnbGhlSjJ6
ekZpZFpJTGhFVHJZWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAVINRdXila1jzj36Mfp6d77DElZzwO/Zf
Vcf3X8wTT9ll7Ui5sLuCzGNfHgrarSDGfly0YzGIDywXy9fwp5hKsUIEZ7O5pKNf
oW4+NhzJGCDCqF/jDxembB3ckAqOXEwHewiYznWzQHz0Yqzod1bOUR5N+R/owVE4
1lr51G1KmlyKD+VRQUubw14q5FJ1yrDwLsuLbjOEtfdnriH3LRb4WH8vG13SsoaV
+g35eqBoRMxpobrtaGSN+EAMaJqhEaXUxR3awVLBouKxB4mEui9kyCxcdewYmv2L
R0Ls+T0sKYGlDxiHFK/oBaWYRgx6PZXLzbcBlR1IYnvmDSJMdbMEbg==
-----END CERTIFICATE-----
Generated at Mon Apr 8 23:48:08 2024 by rpki-client on console-fra.rpki-client.org