Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/S-ZcSqLqzQfKLJZB3r0_ZP1ze90.roa
File: S-ZcSqLqzQfKLJZB3r0_ZP1ze90.roa (raw, json)
Hash identifier: sT9dc8o72u5Z4WTzuWHFaIypkH6VnrCLFtnSVsu00J4=
Subject key identifier: 4B:E6:5C:4A:A2:EA:CD:07:CA:2C:96:41:DE:BD:3F:64:FD:73:7B:DD
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 154A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/S-ZcSqLqzQfKLJZB3r0_ZP1ze90.roa
Signing time: Tue 16 Apr 2024 17:53:22 +0000
ROA not before: Tue 16 Apr 2024 17:53:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5450 (0x154a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 16 17:53:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4BE65C4AA2EACD07CA2C9641DEBD3F64FD737BDD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:92:7f:48:b3:d4:e0:0d:25:60:aa:e1:fd:c8:
28:27:09:97:95:6f:09:14:45:6c:bd:74:d5:b3:1a:
3a:35:3e:13:38:8e:0c:5d:e3:bf:f8:c2:d3:d0:e4:
33:aa:ad:ba:74:ff:57:98:f4:96:e9:25:7b:88:23:
43:51:1a:25:1b:c9:7d:5a:3f:f5:32:22:49:5c:b2:
62:73:8b:94:2d:bf:c6:5f:ca:ca:ae:77:0d:4e:5d:
69:27:4c:e1:c0:14:0e:8f:35:36:2a:74:06:48:a4:
23:78:03:3c:9f:90:67:78:69:69:8b:13:45:e0:51:
be:36:07:fd:5b:51:84:e2:de:db:79:c6:9d:a9:16:
ef:9e:bb:36:9d:cb:a7:1f:07:42:11:9e:5a:ca:a8:
ab:89:68:3d:3e:e2:1b:08:ac:7b:d2:ce:83:2a:0f:
57:9d:d7:07:b1:51:c8:c7:05:95:f2:ca:0d:39:f7:
d3:a0:8e:c0:20:21:3f:57:f3:04:bf:e9:9f:c4:bb:
d5:3e:df:21:47:1e:cf:be:df:df:91:5a:bb:7b:0d:
14:9b:e1:9f:f6:96:cf:32:54:69:2b:50:c0:b6:af:
d4:85:af:6f:e7:b1:84:71:c8:bc:ea:c6:2c:34:28:
aa:ac:2d:e9:2b:5c:63:f8:d1:d9:dc:19:13:31:04:
87:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E6:5C:4A:A2:EA:CD:07:CA:2C:96:41:DE:BD:3F:64:FD:73:7B:DD
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/S-ZcSqLqzQfKLJZB3r0_ZP1ze90.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ac:71:5a:70:ea:b8:cc:01:40:05:ab:f2:21:34:d9:b3:4b:71:
e4:42:1f:82:2d:5c:45:45:61:23:df:27:a3:6d:10:fb:37:45:
6b:94:00:60:1b:ca:44:89:35:f6:07:a7:80:b2:26:c0:f2:a9:
8a:4a:4c:95:43:f3:7b:93:80:bc:0a:a1:b5:24:fc:fc:f1:40:
e3:a4:38:7a:8d:6a:d3:43:43:a4:15:fd:d8:dd:bd:e1:10:cd:
9b:d3:22:0b:bc:05:2f:fb:ee:d4:c4:bc:c5:78:8b:6b:10:c1:
a5:84:4d:12:4b:a4:ff:a2:62:be:9e:8a:a0:09:2c:6d:77:e7:
27:eb:64:6a:cc:4a:9b:d1:8a:28:01:56:c3:9a:75:5d:fd:01:
2e:5d:aa:b7:5c:a8:ed:e9:54:ef:d7:57:c7:2c:40:63:0f:d8:
85:9a:3d:dd:0e:99:9f:81:f4:08:d5:10:d7:bb:c7:38:b0:e3:
d1:e8:d4:9d:50:1d:6a:10:88:4c:7b:03:bb:07:0d:d0:5c:6d:
91:b6:07:89:a2:c5:a6:eb:59:94:24:33:19:ce:01:f0:21:70:
28:8f:e1:89:76:53:5c:de:fc:59:87:ca:80:de:36:09:f0:21:
88:5e:0c:29:03:3f:93:73:21:4f:51:c4:f3:13:be:1c:43:4e:
b0:3a:21:f5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFUowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTYx
NzUzMjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRCRTY1QzRBQTJFQUNE
MDdDQTJDOTY0MURFQkQzRjY0RkQ3MzdCREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCykn9Is9TgDSVgquH9yCgnCZeVbwkURWy9dNWzGjo1PhM4jgxd
47/4wtPQ5DOqrbp0/1eY9JbpJXuII0NRGiUbyX1aP/UyIklcsmJzi5Qtv8Zfysqu
dw1OXWknTOHAFA6PNTYqdAZIpCN4AzyfkGd4aWmLE0XgUb42B/1bUYTi3tt5xp2p
Fu+euzady6cfB0IRnlrKqKuJaD0+4hsIrHvSzoMqD1ed1wexUcjHBZXyyg0599Og
jsAgIT9X8wS/6Z/Eu9U+3yFHHs++39+RWrt7DRSb4Z/2ls8yVGkrUMC2r9SFr2/n
sYRxyLzqxiw0KKqsLekrXGP40dncGRMxBIeJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUS+ZcSqLqzQfKLJZB3r0/ZP1ze90wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1MtWmNTcUxxelFmS0xK
WkIzcjBfWlAxemU5MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEArHFacOq4zAFABavyITTZs0tx5EIfgi1c
RUVhI98no20Q+zdFa5QAYBvKRIk19gengLImwPKpikpMlUPze5OAvAqhtST8/PFA
46Q4eo1q00NDpBX92N294RDNm9MiC7wFL/vu1MS8xXiLaxDBpYRNEkuk/6Jivp6K
oAksbXfnJ+tkasxKm9GKKAFWw5p1Xf0BLl2qt1yo7elU79dXxyxAYw/YhZo93Q6Z
n4H0CNUQ17vHOLDj0ejUnVAdahCITHsDuwcN0FxtkbYHiaLFputZlCQzGc4B8CFw
KI/hiXZTXN78WYfKgN42CfAhiF4MKQM/k3MhT1HE8xO+HENOsDoh9Q==
-----END CERTIFICATE-----
Generated at Tue Apr 16 21:40:06 2024 by rpki-client on console-fra.rpki-client.org