Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/VG8Fq-gHdVnjylASslhwRXNGbXw.roa
File: VG8Fq-gHdVnjylASslhwRXNGbXw.roa (raw, json)
Hash identifier: W1GFTes/k2fv8P0qAqwQz+yejXMXYs2v6c0250vwdaE=
Subject key identifier: 54:6F:05:AB:E8:07:75:59:E3:CA:50:12:B2:58:70:45:73:46:6D:7C
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 12F0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/VG8Fq-gHdVnjylASslhwRXNGbXw.roa
Signing time: Wed 10 Apr 2024 11:23:08 +0000
ROA not before: Wed 10 Apr 2024 11:23:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4848 (0x12f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 10 11:23:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=546F05ABE8077559E3CA5012B258704573466D7C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a5:c9:02:af:02:c5:52:6c:ae:2f:5c:f8:35:
f4:3d:22:04:13:38:4a:1d:2d:5f:f8:50:3e:ed:55:
5d:5d:90:d3:b6:5e:27:73:bf:05:f2:14:53:8e:31:
db:1e:6f:cb:19:0e:f9:01:c6:2d:59:40:96:c7:88:
f5:67:97:b7:41:5a:26:68:36:c5:84:13:32:b9:86:
0a:8e:76:a4:a6:32:a7:81:af:94:77:62:cb:95:8e:
89:07:64:e6:c5:e9:ba:ca:94:86:37:5f:24:cb:d4:
29:a0:5e:d2:7a:2c:eb:f6:8a:5c:24:c5:c4:57:54:
52:07:c7:8b:91:5e:9b:ac:fb:f2:45:79:3b:e6:9b:
5e:79:1b:b7:0e:52:02:00:07:84:a1:8e:e7:dd:e9:
7c:b7:64:c7:32:9b:64:e0:22:2d:5e:d1:11:a5:80:
60:df:85:43:95:eb:91:53:f4:2a:36:10:36:58:27:
5a:cf:a6:8c:85:06:e0:ae:c9:cd:1d:8d:fa:aa:52:
ba:4a:2f:93:62:5e:a4:68:da:31:af:df:48:af:2d:
1d:0c:ae:3a:0f:48:12:d1:4f:8c:d1:c6:35:d9:2a:
2b:57:79:72:63:c3:c3:d1:d8:b2:9d:31:82:fc:1e:
ed:a0:66:8e:5f:41:27:9a:6d:e9:62:ad:e5:62:37:
eb:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:6F:05:AB:E8:07:75:59:E3:CA:50:12:B2:58:70:45:73:46:6D:7C
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/VG8Fq-gHdVnjylASslhwRXNGbXw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:c3:ae:7c:8f:da:1a:8c:30:b1:f5:0d:94:d9:59:60:82:3c:
e7:65:77:86:65:e4:25:47:a0:aa:8a:cf:2e:75:e3:7b:ab:8f:
ec:ba:77:f7:14:79:d3:42:df:1a:60:03:9d:08:d1:e6:24:09:
53:31:1d:7f:7d:50:ef:1e:7e:9e:77:6e:86:51:39:80:13:b4:
55:3f:56:a7:4a:69:52:0d:2b:e0:86:de:84:e2:f1:2b:be:d8:
78:55:53:6a:52:92:53:08:59:56:ed:ab:6e:d1:da:07:a1:3f:
63:df:cf:96:62:1d:90:82:5b:41:4e:e0:21:1e:3c:3b:6b:41:
7d:b7:5b:ab:10:2c:4c:03:46:5e:aa:64:5f:87:7f:a3:16:d1:
ce:32:f2:4c:23:08:43:68:51:0a:28:b9:91:ad:fb:58:7f:8e:
6f:fd:7f:07:5c:40:49:57:9e:88:35:b7:60:73:3c:be:23:03:
04:df:2a:ff:98:19:52:91:3e:2c:aa:17:9d:46:5e:57:0a:17:
62:f1:fe:fd:39:74:41:27:5c:81:e5:99:b2:e5:7d:99:3a:0d:
6b:a8:08:ef:07:9b:8b:06:39:c5:8e:be:42:bf:da:4b:63:b3:
fb:aa:7b:51:3a:51:3f:f4:d8:3b:31:7c:68:01:74:93:0d:16:
d4:2c:a6:6a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEvAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTAx
MTIzMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU0NkYwNUFCRTgwNzc1
NTlFM0NBNTAxMkIyNTg3MDQ1NzM0NjZEN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwpckCrwLFUmyuL1z4NfQ9IgQTOEodLV/4UD7tVV1dkNO2Xidz
vwXyFFOOMdseb8sZDvkBxi1ZQJbHiPVnl7dBWiZoNsWEEzK5hgqOdqSmMqeBr5R3
YsuVjokHZObF6brKlIY3XyTL1CmgXtJ6LOv2ilwkxcRXVFIHx4uRXpus+/JFeTvm
m155G7cOUgIAB4Shjufd6Xy3ZMcym2TgIi1e0RGlgGDfhUOV65FT9Co2EDZYJ1rP
poyFBuCuyc0djfqqUrpKL5NiXqRo2jGv30ivLR0MrjoPSBLRT4zRxjXZKitXeXJj
w8PR2LKdMYL8Hu2gZo5fQSeabelireViN+vZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUVG8Fq+gHdVnjylASslhwRXNGbXwwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1ZHOEZxLWdIZFZuanls
QVNzbGh3UlhOR2JYdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAKMOufI/aGowwsfUNlNlZYII852V3hmXk
JUegqorPLnXje6uP7Lp39xR500LfGmADnQjR5iQJUzEdf31Q7x5+nnduhlE5gBO0
VT9Wp0ppUg0r4IbehOLxK77YeFVTalKSUwhZVu2rbtHaB6E/Y9/PlmIdkIJbQU7g
IR48O2tBfbdbqxAsTANGXqpkX4d/oxbRzjLyTCMIQ2hRCii5ka37WH+Ob/1/B1xA
SVeeiDW3YHM8viMDBN8q/5gZUpE+LKoXnUZeVwoXYvH+/Tl0QSdcgeWZsuV9mToN
a6gI7webiwY5xY6+Qr/aS2Oz+6p7UTpRP/TYOzF8aAF0kw0W1Cymag==
-----END CERTIFICATE-----
Generated at Wed Apr 10 16:40:16 2024 by rpki-client on console-ams.rpki-client.org