Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/UZB3a_Z4IYV0DFQx5BLGCaSRuKw.roa
File: UZB3a_Z4IYV0DFQx5BLGCaSRuKw.roa (raw, json)
Hash identifier: W/znzICkbyoGlCOVf2UN3Pg33wZQQ5kklqtB5rvhpTo=
Subject key identifier: 51:90:77:6B:F6:78:21:85:74:0C:54:31:E4:12:C6:09:A4:91:B8:AC
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1832
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/UZB3a_Z4IYV0DFQx5BLGCaSRuKw.roa
Signing time: Wed 24 Apr 2024 11:53:39 +0000
ROA not before: Wed 24 Apr 2024 11:53:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6194 (0x1832)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 24 11:53:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5190776BF6782185740C5431E412C609A491B8AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:6a:c0:5b:dd:99:ee:d0:20:7f:b7:fa:5f:a6:
e0:f6:03:c1:2a:5b:63:23:ff:e2:16:da:f1:31:e8:
d0:1e:96:01:3d:43:e0:c9:ce:e2:fc:55:40:91:7f:
05:4a:d1:15:71:80:11:0b:37:83:d8:cd:28:fb:f7:
91:d9:11:ef:df:7b:8b:7f:fe:b6:67:34:57:36:c7:
36:55:39:d2:ca:ab:94:18:d1:34:92:86:b5:75:ca:
06:fc:49:ac:93:10:66:2a:29:32:70:6c:15:d2:98:
46:0f:f2:8c:e3:03:f8:c6:45:59:2f:59:ea:5d:40:
04:d9:24:65:24:6e:5c:38:fb:fa:66:34:3f:6f:81:
08:b0:ba:89:3b:de:f5:a3:40:00:12:db:bf:b8:be:
83:6f:5c:a2:3f:ae:ea:dd:33:16:70:ff:db:ff:74:
1e:f9:d7:a1:ea:9a:bd:83:28:17:3d:8e:84:02:53:
ac:eb:6b:bf:17:76:67:0a:14:7a:27:d2:bc:f7:c5:
83:b6:72:87:aa:01:2e:db:43:f6:94:83:91:2e:5d:
e4:78:db:e5:4a:a0:4e:5a:c5:42:16:61:20:98:7d:
ef:45:0e:8d:ea:90:db:fd:66:ca:87:58:88:1e:28:
93:ba:fd:9f:23:a5:8e:35:50:91:62:46:60:75:4c:
31:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:90:77:6B:F6:78:21:85:74:0C:54:31:E4:12:C6:09:A4:91:B8:AC
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/UZB3a_Z4IYV0DFQx5BLGCaSRuKw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6a:f9:20:76:d9:ca:7b:04:67:68:a3:f2:c5:fb:30:e6:73:44:
b9:c7:b0:84:33:b5:7d:a6:f7:b6:93:b4:4f:17:86:04:5c:78:
28:78:d8:c2:37:ef:e5:3a:42:ef:05:d7:91:7a:e2:ad:af:8a:
30:51:c5:6a:85:e0:27:fb:71:e2:db:b4:4d:52:65:03:c4:b2:
c3:74:8d:72:32:8a:ac:28:56:5f:7d:96:38:39:d3:3e:cd:31:
0d:56:1e:cd:fc:ad:25:0b:3a:29:39:6c:f6:08:02:f0:7e:cc:
98:0e:d0:48:af:86:34:24:fb:1d:70:42:7a:33:7c:67:67:33:
96:e8:48:07:b3:94:b4:60:84:11:5d:56:b0:90:27:32:2d:1a:
14:15:1f:cf:dc:00:01:dc:29:22:3b:22:a1:70:e5:ca:c2:5c:
4e:9e:aa:fa:13:1a:e5:90:f0:97:4e:43:9b:92:d7:4b:e6:5f:
56:61:b2:1a:91:57:87:58:ec:85:b5:87:8b:29:d7:c1:04:02:
77:0a:64:9c:56:83:65:da:b7:f8:ed:af:62:ce:40:42:af:d3:
bb:b3:5e:a2:fb:6b:2a:3f:88:87:c4:6a:4f:0d:7c:40:25:d5:
49:f0:94:06:c4:8d:25:21:12:3e:50:f9:b3:48:dd:42:4f:eb:
54:6c:93:72
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGDIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjQx
MTUzMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUxOTA3NzZCRjY3ODIx
ODU3NDBDNTQzMUU0MTJDNjA5QTQ5MUI4QUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaasBb3Znu0CB/t/pfpuD2A8EqW2Mj/+IW2vEx6NAelgE9Q+DJ
zuL8VUCRfwVK0RVxgBELN4PYzSj795HZEe/fe4t//rZnNFc2xzZVOdLKq5QY0TSS
hrV1ygb8SayTEGYqKTJwbBXSmEYP8ozjA/jGRVkvWepdQATZJGUkblw4+/pmND9v
gQiwuok73vWjQAAS27+4voNvXKI/rurdMxZw/9v/dB7516Hqmr2DKBc9joQCU6zr
a78XdmcKFHon0rz3xYO2coeqAS7bQ/aUg5EuXeR42+VKoE5axUIWYSCYfe9FDo3q
kNv9ZsqHWIgeKJO6/Z8jpY41UJFiRmB1TDHbAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUUZB3a/Z4IYV0DFQx5BLGCaSRuKwwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1VaQjNhX1o0SVlWMERG
UXg1QkxHQ2FTUnVLdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAavkgdtnKewRnaKPyxfsw5nNEucewhDO1
fab3tpO0TxeGBFx4KHjYwjfv5TpC7wXXkXrira+KMFHFaoXgJ/tx4tu0TVJlA8Sy
w3SNcjKKrChWX32WODnTPs0xDVYezfytJQs6KTls9ggC8H7MmA7QSK+GNCT7HXBC
ejN8Z2czluhIB7OUtGCEEV1WsJAnMi0aFBUfz9wAAdwpIjsioXDlysJcTp6q+hMa
5ZDwl05Dm5LXS+ZfVmGyGpFXh1jshbWHiynXwQQCdwpknFaDZdq3+O2vYs5AQq/T
u7NeovtrKj+Ih8RqTw18QCXVSfCUBsSNJSESPlD5s0jdQk/rVGyTcg==
-----END CERTIFICATE-----
Generated at Wed Apr 24 15:54:42 2024 by rpki-client on console-fra.rpki-client.org