Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/RSglhY8FSGemwJoo3oPpfZdZctU.roa
File: RSglhY8FSGemwJoo3oPpfZdZctU.roa (raw, json)
Hash identifier: zbcm2asULokoYqe+2VygNpPRCTGIFsouO7N1D//xsHc=
Subject key identifier: 45:28:25:85:8F:05:48:67:A6:C0:9A:28:DE:83:E9:7D:97:59:72:D5
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1D1C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/RSglhY8FSGemwJoo3oPpfZdZctU.roa
Signing time: Tue 07 May 2024 14:24:32 +0000
ROA not before: Tue 07 May 2024 14:24:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7452 (0x1d1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 7 14:24:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=452825858F054867A6C09A28DE83E97D975972D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:46:4d:e4:ce:c5:df:ce:ed:fa:56:72:c7:17:
b1:15:1e:ea:13:db:5b:ed:08:2a:7d:59:56:e5:8a:
01:2f:79:3c:8f:df:b8:32:55:d3:e8:12:7a:f8:cb:
b3:c7:86:41:7c:c4:34:c7:38:b4:8c:83:a9:82:0d:
41:c6:a7:d5:45:56:57:bc:dc:ed:ba:85:2d:40:45:
e7:dd:e4:a9:bb:8a:bc:27:15:cd:31:4e:4f:6d:82:
f9:1f:bd:72:8b:2b:80:e4:68:ea:b8:bb:ca:7c:e6:
c0:ce:a9:06:e8:1f:38:f5:97:2c:83:99:fe:c9:de:
dd:22:7d:cd:88:bd:54:7e:01:18:23:a1:57:23:67:
21:0c:18:97:32:12:69:89:b3:d1:14:1f:2a:62:c5:
b4:5a:e7:ed:05:58:ca:16:56:6f:bb:78:81:ce:7e:
77:de:f2:d1:8c:b0:cd:0e:77:43:b6:1f:1a:57:68:
78:84:c6:b4:79:e0:7e:90:c9:3f:17:79:ec:a0:d3:
ca:4d:21:0e:fe:45:5b:85:41:20:0c:e1:cf:8c:41:
bc:46:5e:69:f7:9c:6d:7f:b7:08:78:72:59:94:db:
26:23:d6:72:92:47:39:2f:b9:9d:bc:ec:05:4a:02:
0f:6b:5a:9f:86:9b:95:dd:27:7b:a5:d4:b4:ec:f0:
5e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:28:25:85:8F:05:48:67:A6:C0:9A:28:DE:83:E9:7D:97:59:72:D5
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/RSglhY8FSGemwJoo3oPpfZdZctU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d2:81:8e:57:fc:df:76:f5:72:fd:00:53:7d:89:32:98:a6:ab:
bc:5a:82:12:52:e6:34:db:c5:40:e0:ea:64:cc:20:94:aa:5f:
69:ea:3b:ad:e0:ea:86:dc:ef:82:3e:4c:9a:16:ef:75:96:bb:
b9:b5:a0:64:06:a0:f4:ab:08:43:ef:a4:61:b6:cd:e4:6b:ea:
74:fb:4f:19:c9:21:cd:3d:15:ec:01:36:af:a5:f9:db:1e:0a:
f5:f6:1f:a3:f9:6d:6e:28:3e:61:15:73:af:32:16:83:d0:01:
c3:e0:35:e2:45:6e:68:e0:5e:48:47:bc:5b:7e:c1:70:7f:71:
83:28:67:81:b2:d3:4d:9d:5a:0a:6d:d7:d7:4d:f7:96:5b:60:
17:2d:be:55:8d:cb:d1:e8:ad:7d:0c:7f:62:09:e6:b9:78:13:
ce:55:26:63:db:02:b0:9c:00:2f:8a:aa:a2:b9:08:98:fc:68:
06:0e:87:57:18:9e:50:bf:ba:a2:27:24:d4:96:cd:9a:be:ee:
2b:59:90:cb:dc:ac:bf:fd:bb:34:e9:cf:a5:42:34:12:42:a9:
35:22:57:df:98:40:8b:9b:91:e5:70:b5:00:66:7f:91:23:56:
25:30:0c:33:d7:2d:fa:c9:b9:3e:43:8c:cf:d5:c3:f4:a8:31:
d8:b3:4a:0e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHRwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDcx
NDI0MzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ1MjgyNTg1OEYwNTQ4
NjdBNkMwOUEyOERFODNFOTdEOTc1OTcyRDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/Rk3kzsXfzu36VnLHF7EVHuoT21vtCCp9WVbligEveTyP37gy
VdPoEnr4y7PHhkF8xDTHOLSMg6mCDUHGp9VFVle83O26hS1ARefd5Km7irwnFc0x
Tk9tgvkfvXKLK4DkaOq4u8p85sDOqQboHzj1lyyDmf7J3t0ifc2IvVR+ARgjoVcj
ZyEMGJcyEmmJs9EUHypixbRa5+0FWMoWVm+7eIHOfnfe8tGMsM0Od0O2HxpXaHiE
xrR54H6QyT8Xeeyg08pNIQ7+RVuFQSAM4c+MQbxGXmn3nG1/twh4clmU2yYj1nKS
RzkvuZ287AVKAg9rWp+Gm5XdJ3ul1LTs8F6pAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQURSglhY8FSGemwJoo3oPpfZdZctUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1JTZ2xoWThGU0dlbXdK
b28zb1BwZlpkWmN0VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEA0oGOV/zfdvVy/QBTfYkymKarvFqCElLm
NNvFQODqZMwglKpfaeo7reDqhtzvgj5MmhbvdZa7ubWgZAag9KsIQ++kYbbN5Gvq
dPtPGckhzT0V7AE2r6X52x4K9fYfo/ltbig+YRVzrzIWg9ABw+A14kVuaOBeSEe8
W37BcH9xgyhngbLTTZ1aCm3X1033lltgFy2+VY3L0eitfQx/YgnmuXgTzlUmY9sC
sJwAL4qqorkImPxoBg6HVxieUL+6oick1JbNmr7uK1mQy9ysv/27NOnPpUI0EkKp
NSJX35hAi5uR5XC1AGZ/kSNWJTAMM9ct+sm5PkOMz9XD9Kgx2LNKDg==
-----END CERTIFICATE-----
Generated at Tue May 7 20:08:24 2024 by rpki-client on console-fra.rpki-client.org