Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/V1gLwLy2kacq7ya4gCodwM7bjwc.roa
File: V1gLwLy2kacq7ya4gCodwM7bjwc.roa (raw, json)
Hash identifier: BMO9Z/pLjSjkz8VMVz23b8FWTBKuwxNTAgQvCKkxUKo=
Subject key identifier: 57:58:0B:C0:BC:B6:91:A7:2A:EF:26:B8:80:2A:1D:C0:CE:DB:8F:07
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0891
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/V1gLwLy2kacq7ya4gCodwM7bjwc.roa
Signing time: Mon 10 Jul 2023 06:39:09 +0000
ROA not before: Mon 10 Jul 2023 06:39:09 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2193 (0x891)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Jul 10 06:39:09 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=57580BC0BCB691A72AEF26B8802A1DC0CEDB8F07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:01:89:02:7b:d9:2e:70:12:f4:1b:86:6e:65:
84:0a:58:1b:3e:cb:f4:56:b0:ee:56:23:35:a0:63:
f7:66:39:df:9b:88:9b:c4:35:a6:6b:25:7b:2a:3e:
61:94:13:e1:2e:5c:0a:12:56:9e:fb:f0:fe:dc:64:
ef:e8:15:b8:c7:bc:95:0d:3d:85:07:bf:d2:3c:6b:
60:71:d2:93:1f:c3:a4:e4:25:d6:f3:27:bb:1b:79:
fa:94:00:fe:d4:69:71:7f:ab:8d:1a:1d:25:f8:7a:
f7:4f:7d:c4:01:cf:9c:ed:f7:f7:2e:7f:7f:2a:78:
d8:3e:f5:19:67:a6:6c:a2:f6:80:07:4f:ab:c2:24:
69:62:8f:9f:9a:30:c9:f9:87:f3:dc:e2:b4:7b:ed:
00:85:8d:b7:22:73:47:e9:6b:7d:a9:4d:41:4c:2c:
0b:56:4a:7e:3e:94:de:6e:2c:b0:d5:38:9e:4a:b0:
cd:08:43:64:91:51:39:99:9a:40:87:b1:bc:c0:ad:
5e:32:fe:af:60:5c:0d:ad:df:f5:64:63:7c:77:1d:
4e:77:6c:f0:a8:e0:6d:34:3e:16:a6:db:68:5f:ad:
63:fb:e1:01:32:5e:69:d5:b3:99:d5:93:28:79:7b:
7e:a6:e2:3d:53:5a:76:47:af:4d:6d:df:a8:2c:70:
4b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:58:0B:C0:BC:B6:91:A7:2A:EF:26:B8:80:2A:1D:C0:CE:DB:8F:07
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/V1gLwLy2kacq7ya4gCodwM7bjwc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d3:c8:92:20:6a:0f:70:07:1a:e6:0e:da:4d:69:22:7c:dd:38:
ff:61:a4:23:6d:99:1e:b7:f7:1a:3e:1f:65:ab:24:79:58:a7:
8e:1c:bc:a9:86:43:d8:07:77:a2:86:9f:77:9f:5a:35:65:28:
ea:4d:56:53:ec:77:72:1d:2b:af:fb:18:19:3b:6b:1d:cd:17:
75:a7:40:08:d2:a9:e0:e1:38:a1:48:ec:f7:52:b4:a9:9d:62:
58:56:7e:a7:ca:12:52:8f:40:ad:3b:70:1a:c4:a5:e4:05:20:
63:66:e9:f7:25:35:f3:27:f7:97:b1:4e:e9:82:87:92:e8:99:
48:48:8f:1b:f6:ff:8a:58:31:75:f5:98:d4:f5:63:aa:10:8a:
38:db:10:ff:8f:9c:d8:92:16:14:0a:e3:69:46:cf:72:f3:42:
8c:2e:da:f5:4b:a6:93:6f:ce:a9:f8:04:32:91:98:38:a7:e3:
dc:c9:74:09:0e:ec:45:e6:ec:85:b2:e9:85:7c:1c:00:10:35:
f4:eb:9a:80:7a:40:c6:47:22:1f:1b:df:9c:fc:51:af:bf:63:
35:df:7b:00:a3:ae:f9:9a:12:a7:de:32:21:8b:a7:0f:ce:0d:
27:bb:c7:44:ac:28:2e:66:96:15:e9:b5:fe:6c:20:57:c4:7c:
4f:c2:ef:8c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCJEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yMzA3MTAw
NjM5MDlaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDU3NTgwQkMwQkNCNjkx
QTcyQUVGMjZCODgwMkExREMwQ0VEQjhGMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcAYkCe9kucBL0G4ZuZYQKWBs+y/RWsO5WIzWgY/dmOd+biJvE
NaZrJXsqPmGUE+EuXAoSVp778P7cZO/oFbjHvJUNPYUHv9I8a2Bx0pMfw6TkJdbz
J7sbefqUAP7UaXF/q40aHSX4evdPfcQBz5zt9/cuf38qeNg+9Rlnpmyi9oAHT6vC
JGlij5+aMMn5h/Pc4rR77QCFjbcic0fpa32pTUFMLAtWSn4+lN5uLLDVOJ5KsM0I
Q2SRUTmZmkCHsbzArV4y/q9gXA2t3/VkY3x3HU53bPCo4G00Pham22hfrWP74QEy
XmnVs5nVkyh5e36m4j1TWnZHr01t36gscEv5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUV1gLwLy2kacq7ya4gCodwM7bjwcwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1YxZ0x3THkya2FjcTd5
YTRnQ29kd003Ymp3Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEA08iSIGoPcAca5g7aTWkifN04/2GkI22Z
Hrf3Gj4fZaskeVinjhy8qYZD2Ad3ooafd59aNWUo6k1WU+x3ch0rr/sYGTtrHc0X
dadACNKp4OE4oUjs91K0qZ1iWFZ+p8oSUo9ArTtwGsSl5AUgY2bp9yU18yf3l7FO
6YKHkuiZSEiPG/b/ilgxdfWY1PVjqhCKONsQ/4+c2JIWFArjaUbPcvNCjC7a9Uum
k2/OqfgEMpGYOKfj3Ml0CQ7sRebshbLphXwcABA19OuagHpAxkciHxvfnPxRr79j
Nd97AKOu+ZoSp94yIYunD84NJ7vHRKwoLmaWFem1/mwgV8R8T8LvjA==
-----END CERTIFICATE-----
Generated at Wed Mar 27 09:47:01 2024 by rpki-client on console-ams.rpki-client.org