Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/VsTnIu-crpxSSwxZIGryYWXwZU4.roa
File: VsTnIu-crpxSSwxZIGryYWXwZU4.roa (raw, json)
Hash identifier: 6HseXjscTMlw+mTSpEW/Lx6GTv1adyQ3UKgX3zVg9qA=
Subject key identifier: 56:C4:E7:22:EF:9C:AE:9C:52:4B:0C:59:20:6A:F2:61:65:F0:65:4E
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1684
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/VsTnIu-crpxSSwxZIGryYWXwZU4.roa
Signing time: Sat 20 Apr 2024 00:23:29 +0000
ROA not before: Sat 20 Apr 2024 00:23:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5764 (0x1684)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 20 00:23:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=56C4E722EF9CAE9C524B0C59206AF26165F0654E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fc:69:15:c8:c1:46:ad:5e:d8:36:1d:00:f0:
6f:d3:ec:9d:90:bd:9b:e0:3a:ea:21:4f:ee:25:05:
58:9d:7d:0d:a7:5e:73:48:5f:58:8f:c1:2c:5d:88:
74:c0:19:4c:6e:18:5c:96:53:32:b0:3f:04:f0:31:
76:bf:a2:2d:a5:43:1f:de:09:8c:5f:2c:64:3e:70:
40:fb:07:c5:5f:c3:60:e8:f7:58:68:7c:6b:d0:d7:
0f:c5:e3:b5:f0:d1:ec:b4:d6:d9:79:76:7b:e2:f5:
45:62:64:a4:27:a3:6b:c1:fe:e6:07:8f:2a:65:3e:
5b:5e:46:31:33:2b:4f:5c:52:54:0f:f6:e4:c1:e2:
c0:70:08:12:28:4e:68:02:3f:a7:bb:05:7e:c4:18:
fe:c8:fc:04:14:e0:4b:ab:03:82:71:34:81:e9:32:
98:85:ba:78:4a:0a:a0:89:ca:57:aa:91:b9:29:f4:
ed:07:27:89:43:d4:57:77:8a:63:a0:28:bf:36:0e:
ac:28:bc:7b:2c:f4:f1:55:91:79:b0:49:85:88:eb:
04:1b:d3:57:64:2f:bf:90:69:a1:eb:66:2c:9e:3a:
dc:c1:71:4f:64:bf:ad:92:df:e0:b6:d9:ff:c3:2b:
39:c6:e5:6a:45:38:08:7d:07:d5:3f:ab:7f:4a:25:
39:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:C4:E7:22:EF:9C:AE:9C:52:4B:0C:59:20:6A:F2:61:65:F0:65:4E
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/VsTnIu-crpxSSwxZIGryYWXwZU4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bf:23:94:54:3a:df:95:88:d7:3d:f7:62:31:e6:f1:ee:4e:c5:
85:3d:1c:97:ca:09:28:d5:58:0c:2b:8a:92:c1:c9:07:da:6e:
68:b0:2e:92:20:9d:3e:11:3c:be:59:e8:a0:44:c7:8f:6d:44:
59:ea:1a:9c:2b:ef:50:26:27:fc:de:89:8e:12:27:96:16:8b:
6d:95:e2:83:12:51:45:b1:d7:be:2e:e3:7c:fb:16:da:57:ed:
20:b0:2c:d7:b4:0b:7c:2f:ec:7c:ed:3f:24:8f:b4:81:e6:88:
4a:e8:ed:e1:a9:99:2f:31:e8:20:ae:0b:d9:69:56:ac:0d:79:
c6:bd:40:80:6a:cf:7e:1d:6f:ac:8e:72:41:d3:a0:58:73:35:
6c:4b:c9:46:3a:b6:76:f7:e4:55:b7:cc:69:93:43:e8:0f:91:
83:90:6c:b4:30:ec:22:9a:d9:f3:4b:06:26:52:5e:61:f9:14:
69:a0:43:a4:05:60:3c:eb:28:33:3f:5d:30:5d:d4:17:fc:35:
c8:d3:a9:92:cd:f7:9d:26:a3:00:57:32:38:36:82:e7:18:52:
38:c2:73:9a:83:b3:c1:c7:93:f8:86:d1:05:89:57:3f:8e:57:
c7:e0:a1:c8:56:1f:3e:0a:63:c6:67:1a:8d:91:2f:6d:50:73:
8a:97:5a:38
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFoQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjAw
MDIzMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU2QzRFNzIyRUY5Q0FF
OUM1MjRCMEM1OTIwNkFGMjYxNjVGMDY1NEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCf/GkVyMFGrV7YNh0A8G/T7J2QvZvgOuohT+4lBVidfQ2nXnNI
X1iPwSxdiHTAGUxuGFyWUzKwPwTwMXa/oi2lQx/eCYxfLGQ+cED7B8Vfw2Do91ho
fGvQ1w/F47Xw0ey01tl5dnvi9UViZKQno2vB/uYHjyplPlteRjEzK09cUlQP9uTB
4sBwCBIoTmgCP6e7BX7EGP7I/AQU4EurA4JxNIHpMpiFunhKCqCJyleqkbkp9O0H
J4lD1Fd3imOgKL82DqwovHss9PFVkXmwSYWI6wQb01dkL7+QaaHrZiyeOtzBcU9k
v62S3+C22f/DKznG5WpFOAh9B9U/q39KJTljAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUVsTnIu+crpxSSwxZIGryYWXwZU4wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1ZzVG5JdS1jcnB4U1N3
eFpJR3J5WVdYd1pVNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAvyOUVDrflYjXPfdiMebx7k7FhT0cl8oJ
KNVYDCuKksHJB9puaLAukiCdPhE8vlnooETHj21EWeoanCvvUCYn/N6JjhInlhaL
bZXigxJRRbHXvi7jfPsW2lftILAs17QLfC/sfO0/JI+0geaISujt4amZLzHoIK4L
2WlWrA15xr1AgGrPfh1vrI5yQdOgWHM1bEvJRjq2dvfkVbfMaZND6A+Rg5BstDDs
IprZ80sGJlJeYfkUaaBDpAVgPOsoMz9dMF3UF/w1yNOpks33nSajAFcyODaC5xhS
OMJzmoOzwceT+IbRBYlXP45Xx+ChyFYfPgpjxmcajZEvbVBzipdaOA==
-----END CERTIFICATE-----
Generated at Sat Apr 20 03:18:47 2024 by rpki-client on console-fra.rpki-client.org