Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/UWpczdbHeZG81A6JORxfWSZsOds.roa
File: UWpczdbHeZG81A6JORxfWSZsOds.roa (raw, json)
Hash identifier: Ikk/w8qKlvOIxBWNrjG0lBQFSHE3VIHUlTf2/O6wsjw=
Subject key identifier: 51:6A:5C:CD:D6:C7:79:91:BC:D4:0E:89:39:1C:5F:59:26:6C:39:DB
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1B18
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/UWpczdbHeZG81A6JORxfWSZsOds.roa
Signing time: Thu 02 May 2024 05:24:07 +0000
ROA not before: Thu 02 May 2024 05:24:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6936 (0x1b18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 2 05:24:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=516A5CCDD6C77991BCD40E89391C5F59266C39DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4b:b8:44:3e:40:d2:f0:97:fa:c2:22:35:35:
d7:f5:6c:02:14:4c:8d:da:1a:69:79:cf:ce:00:b2:
74:b9:e5:0b:6f:e3:7d:63:d2:ee:c4:80:30:29:bb:
f3:ef:d4:72:43:4a:04:7e:ec:74:a7:76:1d:b6:02:
cc:5c:13:ea:06:4f:b5:f7:22:fe:a8:e0:d0:8b:70:
6a:95:35:f5:f4:79:69:a7:4f:c0:e1:e8:7d:47:30:
19:61:48:fc:ff:c6:8f:f0:73:76:a2:d8:bb:7e:1b:
07:fd:bb:57:bc:03:ea:ee:42:79:1b:a6:5a:7a:87:
b0:e3:5a:48:de:b5:0f:01:10:27:df:74:f6:b3:a1:
f3:7b:a1:67:10:11:9b:ee:1e:02:0d:2b:f8:90:b2:
42:6e:8e:0c:ad:67:03:8d:f3:c3:ef:cb:0a:1a:e0:
db:ec:2b:08:45:45:8a:6f:d7:5b:53:28:f2:ef:92:
7b:e0:c9:58:73:2a:40:e3:28:1a:c5:55:74:f0:65:
d0:c6:83:89:92:cb:e7:d4:ae:98:26:0b:bf:95:00:
f8:6c:dc:ac:bc:37:3d:1f:d0:0d:51:5a:8e:28:a3:
8b:78:8b:d7:a7:1e:99:de:3f:a7:44:83:94:6a:45:
91:fa:bd:58:ee:2b:55:3c:97:30:ea:c2:c9:51:29:
a8:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:6A:5C:CD:D6:C7:79:91:BC:D4:0E:89:39:1C:5F:59:26:6C:39:DB
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/UWpczdbHeZG81A6JORxfWSZsOds.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
97:b0:b2:92:10:5a:ea:6e:22:fe:fa:ff:14:91:2d:fd:36:14:
13:d9:3b:3e:13:73:3b:2c:11:a6:c7:38:df:20:3f:8b:25:66:
99:3b:f9:56:cb:15:d4:b0:96:69:6f:ac:17:5a:64:b2:10:4a:
12:70:97:01:3f:8d:d4:2b:a9:29:75:69:b8:12:18:92:67:c7:
3c:44:b9:fc:bf:3d:e5:b2:fb:81:ca:08:e3:e6:d3:04:ac:4e:
7a:d0:47:f2:2c:7b:67:bd:69:f8:a5:f0:6d:73:ed:96:ed:bc:
8e:3b:cd:b5:00:ea:2e:73:59:b2:0d:ba:19:22:9f:ff:63:bf:
5f:67:45:de:d9:76:31:27:25:b9:a5:bc:8b:00:4b:cd:6b:44:
c5:a0:75:2c:f3:2f:84:69:98:7a:86:4e:8e:7e:15:eb:89:f1:
74:0f:23:4a:a5:f0:31:88:a6:b6:43:c4:7b:51:48:f5:86:35:
c9:63:bc:91:02:5a:ac:78:a7:d9:ae:ea:d0:26:18:cb:56:6a:
20:d4:33:b0:22:10:3c:5a:e8:0d:e0:6e:be:f9:1e:ee:d7:d2:
2d:d9:82:24:6f:37:8c:f9:88:5c:66:9e:68:8f:87:87:8c:18:
b6:6f:3a:2f:af:ec:4d:31:d4:55:cd:3c:af:28:b0:ee:ea:db:
8b:b3:6d:08
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGxgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDIw
NTI0MDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUxNkE1Q0NERDZDNzc5
OTFCQ0Q0MEU4OTM5MUM1RjU5MjY2QzM5REIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCWS7hEPkDS8Jf6wiI1Ndf1bAIUTI3aGml5z84AsnS55Qtv431j
0u7EgDApu/Pv1HJDSgR+7HSndh22AsxcE+oGT7X3Iv6o4NCLcGqVNfX0eWmnT8Dh
6H1HMBlhSPz/xo/wc3ai2Lt+Gwf9u1e8A+ruQnkbplp6h7DjWkjetQ8BECffdPaz
ofN7oWcQEZvuHgINK/iQskJujgytZwON88Pvywoa4NvsKwhFRYpv11tTKPLvknvg
yVhzKkDjKBrFVXTwZdDGg4mSy+fUrpgmC7+VAPhs3Ky8Nz0f0A1RWo4oo4t4i9en
HpneP6dEg5RqRZH6vVjuK1U8lzDqwslRKajZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUUWpczdbHeZG81A6JORxfWSZsOdswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1VXcGN6ZGJIZVpHODFB
NkpPUnhmV1Nac09kcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAl7CykhBa6m4i/vr/FJEt/TYUE9k7PhNz
OywRpsc43yA/iyVmmTv5VssV1LCWaW+sF1pkshBKEnCXAT+N1CupKXVpuBIYkmfH
PES5/L895bL7gcoI4+bTBKxOetBH8ix7Z71p+KXwbXPtlu28jjvNtQDqLnNZsg26
GSKf/2O/X2dF3tl2MScluaW8iwBLzWtExaB1LPMvhGmYeoZOjn4V64nxdA8jSqXw
MYimtkPEe1FI9YY1yWO8kQJarHin2a7q0CYYy1ZqINQzsCIQPFroDeBuvvke7tfS
LdmCJG83jPmIXGaeaI+Hh4wYtm86L6/sTTHUVc08ryiw7urbi7NtCA==
-----END CERTIFICATE-----
Generated at Thu May 2 09:25:11 2024 by rpki-client on console-ams.rpki-client.org