Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/VVzvZkWek3xgwUs4maupz6T8lWo.roa
File: VVzvZkWek3xgwUs4maupz6T8lWo.roa (raw, json)
Hash identifier: wjraqp6OfD0kiZTf1oFJa1hYLHrZOalZ29KC/EnL46g=
Subject key identifier: 55:5C:EF:66:45:9E:93:7C:60:C1:4B:38:99:AB:A9:CF:A4:FC:95:6A
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F88
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/VVzvZkWek3xgwUs4maupz6T8lWo.roa
Signing time: Mon 01 Apr 2024 09:22:44 +0000
ROA not before: Mon 01 Apr 2024 09:22:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3976 (0xf88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 1 09:22:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=555CEF66459E937C60C14B3899ABA9CFA4FC956A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b3:1a:ae:d3:76:1a:d2:b6:2a:cf:a0:95:6c:
bf:7b:70:24:92:8b:ca:56:3e:1a:45:f3:2d:b4:c8:
bb:33:66:d1:ab:9a:0b:fb:c5:4e:d5:42:22:bb:a9:
7c:8a:67:52:78:af:dd:27:93:44:61:b5:05:48:31:
b6:10:8a:58:e1:b7:50:18:2e:4d:64:a8:cb:36:60:
59:87:91:19:54:fb:55:23:ba:1e:46:a1:d7:07:49:
88:fd:f4:3f:86:3c:da:3a:59:22:59:45:7e:45:87:
8b:3f:48:ef:c2:36:ba:ce:f0:10:a5:e7:4c:cb:98:
15:c8:11:2a:53:32:13:9d:85:40:d0:db:0b:db:da:
94:84:57:c5:21:ba:0a:36:d7:33:5b:42:8c:bf:18:
25:d8:a7:9d:01:91:55:b6:9f:b0:e9:2d:fb:4a:c5:
93:a1:9f:9f:90:0f:61:e1:81:ba:3e:b9:72:24:81:
a4:e8:8c:c8:9a:3f:68:c7:ef:20:21:e3:1b:9b:12:
df:55:bf:2f:6e:96:f9:75:bf:d9:11:55:21:01:91:
cd:0f:ec:c3:65:e8:b9:66:b4:ed:3b:12:33:f7:a4:
f5:d7:de:89:1b:40:03:ce:47:d3:a7:4d:06:ff:6c:
04:9f:c2:75:5b:78:af:09:e5:af:bd:46:ae:10:18:
d9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:5C:EF:66:45:9E:93:7C:60:C1:4B:38:99:AB:A9:CF:A4:FC:95:6A
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/VVzvZkWek3xgwUs4maupz6T8lWo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:fc:47:d2:3d:41:74:b6:a1:91:65:57:d1:50:6a:fe:55:f8:
9e:7d:a7:b3:44:76:dc:76:dc:82:1b:cc:f4:71:fd:00:4e:02:
ad:4b:4c:06:cb:0e:bc:20:2c:20:8d:c3:a8:7a:2c:45:b0:c1:
be:34:72:f7:93:1c:96:34:bb:a5:e8:38:51:d7:d3:d3:b1:52:
d4:a9:a0:97:2e:2e:27:e1:40:61:18:4c:3c:8d:bb:f3:03:ae:
26:05:32:e7:42:38:92:e3:f2:17:d2:c5:79:b0:51:87:e9:3a:
ce:47:ca:75:aa:cc:93:b4:6b:ae:be:87:11:65:83:14:cc:2e:
43:b2:3f:e9:40:32:7b:32:5c:db:35:d7:58:d3:8f:54:39:25:
ee:02:67:42:1e:47:51:98:61:48:4d:ea:5a:fb:d7:18:19:12:
bb:61:51:19:a1:10:e9:72:77:42:18:57:f2:68:fb:dd:d2:03:
75:5c:98:50:91:37:13:8b:4a:61:ba:6f:90:6b:0a:ef:ea:b7:
5c:4e:5e:58:26:96:14:22:79:68:e2:b9:59:a8:4e:eb:c3:31:
0a:0b:13:48:5e:37:d0:45:5e:3c:52:08:7b:b3:37:df:5a:bc:
04:74:1c:81:32:06:4c:22:1f:dc:4c:c4:fc:31:97:ba:0a:6e:
c9:a3:ef:76
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD4gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDEw
OTIyNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU1NUNFRjY2NDU5RTkz
N0M2MEMxNEIzODk5QUJBOUNGQTRGQzk1NkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0sxqu03Ya0rYqz6CVbL97cCSSi8pWPhpF8y20yLszZtGrmgv7
xU7VQiK7qXyKZ1J4r90nk0RhtQVIMbYQiljht1AYLk1kqMs2YFmHkRlU+1Ujuh5G
odcHSYj99D+GPNo6WSJZRX5Fh4s/SO/CNrrO8BCl50zLmBXIESpTMhOdhUDQ2wvb
2pSEV8Uhugo21zNbQoy/GCXYp50BkVW2n7DpLftKxZOhn5+QD2Hhgbo+uXIkgaTo
jMiaP2jH7yAh4xubEt9Vvy9ulvl1v9kRVSEBkc0P7MNl6LlmtO07EjP3pPXX3okb
QAPOR9OnTQb/bASfwnVbeK8J5a+9Rq4QGNk7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUVVzvZkWek3xgwUs4maupz6T8lWowHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1ZWenZaa1dlazN4Z3dV
czRtYXVwejZUOGxXby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAKPxH0j1BdLahkWVX0VBq/lX4nn2ns0R2
3HbcghvM9HH9AE4CrUtMBssOvCAsII3DqHosRbDBvjRy95McljS7peg4UdfT07FS
1Kmgly4uJ+FAYRhMPI278wOuJgUy50I4kuPyF9LFebBRh+k6zkfKdarMk7Rrrr6H
EWWDFMwuQ7I/6UAyezJc2zXXWNOPVDkl7gJnQh5HUZhhSE3qWvvXGBkSu2FRGaEQ
6XJ3QhhX8mj73dIDdVyYUJE3E4tKYbpvkGsK7+q3XE5eWCaWFCJ5aOK5WahO68Mx
CgsTSF430EVePFIIe7M331q8BHQcgTIGTCIf3EzE/DGXugpuyaPvdg==
-----END CERTIFICATE-----
Generated at Mon Apr 1 10:44:47 2024 by rpki-client on console-ams.rpki-client.org