Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/VlFMMlz0RXHbCP5mn-uKAA3YqGw.roa
File: VlFMMlz0RXHbCP5mn-uKAA3YqGw.roa (raw, json)
Hash identifier: JSsWzHpgkp5AfqhtQ9TgTJqQxi2P7Vj6dsoL+A4OKyo=
Subject key identifier: 56:51:4C:32:5C:F4:45:71:DB:08:FE:66:9F:EB:8A:00:0D:D8:A8:6C
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 119E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/VlFMMlz0RXHbCP5mn-uKAA3YqGw.roa
Signing time: Sat 06 Apr 2024 22:52:53 +0000
ROA not before: Sat 06 Apr 2024 22:52:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4510 (0x119e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 6 22:52:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=56514C325CF44571DB08FE669FEB8A000DD8A86C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2f:62:4e:0c:a2:0f:c8:1b:3a:43:25:3e:3e:
74:f2:79:36:1d:eb:13:7c:7c:63:f1:b3:39:db:05:
7a:fc:ef:2c:f3:18:99:76:73:f0:3c:bb:10:72:a0:
72:db:81:40:f9:c6:90:aa:0c:3a:06:c9:b2:c5:1e:
77:f5:30:89:c0:2a:1d:18:d5:0a:a5:d7:8e:4b:36:
49:0a:58:cf:00:75:51:48:5d:c8:d7:0f:57:46:3d:
c7:19:a5:86:0a:91:cf:5a:0a:34:d6:58:3d:0f:9a:
5d:eb:f6:4e:7e:1f:e8:93:bc:15:c4:03:e0:f5:2c:
75:07:79:1a:e5:4e:94:4d:b5:ea:aa:e8:90:61:2a:
53:d7:30:20:b0:dd:cd:25:e4:7d:5c:c9:3d:b5:28:
a5:5a:df:15:33:b0:b0:47:e0:4e:1b:9d:39:2f:36:
4b:9d:60:11:5d:65:9a:e9:fc:bd:4c:ac:eb:ad:3b:
6c:5a:f2:55:cd:95:c9:b9:ff:5f:6b:8b:6d:13:fa:
5a:28:1a:4d:77:3c:6b:4d:ba:4b:25:75:b7:f0:03:
02:5e:7c:7f:c2:5d:68:03:48:8f:f1:08:ea:47:81:
6e:bb:ee:15:1b:46:a4:fa:e0:b6:7b:78:17:7d:88:
ca:d1:2d:d4:b2:4c:dc:0d:2b:98:35:30:d8:27:df:
1f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:51:4C:32:5C:F4:45:71:DB:08:FE:66:9F:EB:8A:00:0D:D8:A8:6C
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/VlFMMlz0RXHbCP5mn-uKAA3YqGw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
34:62:05:18:de:08:2e:27:95:2e:1e:0f:a6:29:89:6e:7d:a0:
1f:c1:66:cb:13:9a:cd:f1:83:d6:db:c7:8e:a7:53:6a:60:6e:
b7:18:7d:04:78:2c:5c:12:84:75:44:a5:7e:18:43:01:25:77:
5d:6b:f1:b6:97:ed:84:9b:09:3a:05:43:6b:08:fe:77:5e:2e:
b5:d1:a9:7c:fb:1d:aa:db:d9:3f:24:a0:29:a2:c1:73:e9:1d:
48:8e:df:a4:7b:b1:6d:09:81:69:ae:5c:c9:e1:bb:dd:4e:15:
56:55:bd:dc:a0:32:f8:31:1b:bd:72:af:dc:b4:98:4a:a6:85:
8f:14:c7:76:2b:25:16:d3:7d:7c:da:9f:53:7a:d5:7f:83:3b:
44:49:f7:63:18:29:46:30:92:ed:a5:a3:c5:a2:e0:54:d5:cf:
a6:be:53:cb:4b:ab:d7:61:db:4d:dc:47:c9:b7:84:54:f1:0a:
24:cb:a6:5a:e8:ac:d0:a5:e1:44:19:34:1c:06:8e:07:aa:37:
ac:57:af:2b:a7:12:53:22:4b:02:74:40:7f:ad:b5:6e:64:64:
73:8a:ec:86:b9:14:e3:38:69:f6:cd:ce:31:fe:1f:be:f1:c6:
4f:d1:8b:86:86:23:3c:4f:16:46:74:cc:51:10:3c:c4:23:42:
a8:86:ab:11
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEZ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDYy
MjUyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU2NTE0QzMyNUNGNDQ1
NzFEQjA4RkU2NjlGRUI4QTAwMEREOEE4NkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBL2JODKIPyBs6QyU+PnTyeTYd6xN8fGPxsznbBXr87yzzGJl2
c/A8uxByoHLbgUD5xpCqDDoGybLFHnf1MInAKh0Y1Qql145LNkkKWM8AdVFIXcjX
D1dGPccZpYYKkc9aCjTWWD0Pml3r9k5+H+iTvBXEA+D1LHUHeRrlTpRNteqq6JBh
KlPXMCCw3c0l5H1cyT21KKVa3xUzsLBH4E4bnTkvNkudYBFdZZrp/L1MrOutO2xa
8lXNlcm5/19ri20T+looGk13PGtNuksldbfwAwJefH/CXWgDSI/xCOpHgW677hUb
RqT64LZ7eBd9iMrRLdSyTNwNK5g1MNgn3x+BAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUVlFMMlz0RXHbCP5mn+uKAA3YqGwwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1ZsRk1NbHowUlhIYkNQ
NW1uLXVLQUEzWXFHdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEANGIFGN4ILieVLh4PpimJbn2gH8FmyxOa
zfGD1tvHjqdTamButxh9BHgsXBKEdUSlfhhDASV3XWvxtpfthJsJOgVDawj+d14u
tdGpfPsdqtvZPySgKaLBc+kdSI7fpHuxbQmBaa5cyeG73U4VVlW93KAy+DEbvXKv
3LSYSqaFjxTHdislFtN9fNqfU3rVf4M7REn3YxgpRjCS7aWjxaLgVNXPpr5Ty0ur
12HbTdxHybeEVPEKJMumWuis0KXhRBk0HAaOB6o3rFevK6cSUyJLAnRAf621bmRk
c4rshrkU4zhp9s3OMf4fvvHGT9GLhoYjPE8WRnTMURA8xCNCqIarEQ==
-----END CERTIFICATE-----
Generated at Sun Apr 7 00:23:14 2024 by rpki-client on console-ams.rpki-client.org