Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/VybfHzKU1mpB3Z50xaBxBfV3tmA.roa
File: VybfHzKU1mpB3Z50xaBxBfV3tmA.roa (raw, json)
Hash identifier: giPsYOu7MKFyciplUsAgvMbpxJN+eKirp3HG1LjROLQ=
Subject key identifier: 57:26:DF:1F:32:94:D6:6A:41:DD:9E:74:C5:A0:71:05:F5:77:B6:60
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1BFA
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/VybfHzKU1mpB3Z50xaBxBfV3tmA.roa
Signing time: Sat 04 May 2024 13:54:14 +0000
ROA not before: Sat 04 May 2024 13:54:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7162 (0x1bfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 4 13:54:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5726DF1F3294D66A41DD9E74C5A07105F577B660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4b:45:90:42:05:4b:61:2f:8a:31:4e:85:d8:
4a:89:36:b4:ca:4f:0a:b6:69:e5:6c:4c:63:ae:b9:
d1:3b:8e:66:df:19:b6:e6:6f:4a:18:6f:90:d5:f3:
93:68:b4:ec:47:46:ad:5f:b9:60:a2:5d:96:3a:ec:
0e:89:e7:af:14:6e:3e:db:ac:33:67:8a:78:82:9d:
a5:b5:da:a0:60:3f:80:3c:24:53:86:44:0a:81:92:
1f:9c:b7:84:15:a2:ae:b3:c9:89:08:7c:6e:e1:ae:
39:53:83:7c:94:b9:07:6c:9a:af:fd:66:63:37:75:
51:08:a1:fb:81:01:4e:92:a7:87:05:c6:ee:20:88:
06:de:b0:ef:7a:92:33:e4:94:bd:82:39:10:e5:be:
05:5d:ef:4f:cf:9d:a9:09:be:af:7c:03:83:e1:17:
4b:28:5c:cf:ab:14:5e:6a:ed:99:8b:63:31:94:57:
2d:fe:b7:44:08:b3:99:92:2f:6f:39:28:47:ab:3d:
c4:52:f3:63:fb:3e:0b:2e:dc:ea:63:ba:72:94:da:
88:27:26:d2:77:30:1e:bb:8e:3d:73:ab:8d:d7:67:
a4:f9:ed:47:b2:2a:26:b2:1f:d2:c0:df:52:27:59:
1d:a1:f6:23:1d:ac:44:35:a1:c8:12:fa:48:59:c7:
8c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:26:DF:1F:32:94:D6:6A:41:DD:9E:74:C5:A0:71:05:F5:77:B6:60
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/VybfHzKU1mpB3Z50xaBxBfV3tmA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:d5:8a:cf:ef:8b:6d:f6:f2:5f:15:6b:da:2a:29:01:86:82:
8c:02:93:0f:13:18:56:cb:35:aa:7e:a8:a8:d9:b4:03:b9:86:
72:3d:0e:d6:82:18:ee:5b:40:d4:81:ce:9c:64:04:e0:52:35:
9e:9f:38:a4:75:b2:b3:53:97:13:49:af:a4:d0:12:7f:aa:a6:
b8:c7:81:77:88:b9:86:8f:9a:9d:85:b9:03:ee:46:c5:f7:ee:
99:48:83:47:0d:fa:53:84:fd:9d:14:9a:8c:fc:e2:6a:64:e4:
90:cb:c9:6f:07:ac:56:be:fc:4a:77:21:9f:1b:25:08:e8:03:
69:57:59:42:a0:00:58:e8:cb:54:5e:91:31:81:3b:99:57:17:
1a:b9:41:59:36:e9:ba:3d:b3:c0:34:5a:fc:cf:56:d6:94:b4:
71:56:81:af:55:68:29:f6:23:67:66:52:46:0e:c8:d5:70:dd:
38:ea:39:80:10:6e:4c:15:94:1a:37:51:b8:0f:4e:45:ce:6b:
d2:0b:17:9d:e0:11:3e:d3:e8:0b:97:80:15:ee:95:91:da:a6:
01:26:0c:ef:c8:1d:12:0e:18:51:12:11:b0:0f:8d:b7:07:79:
49:e4:ec:30:c0:88:09:0a:37:30:50:9a:0d:5c:82:eb:cf:65:
76:8a:f6:ee
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG/owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDQx
MzU0MTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU3MjZERjFGMzI5NEQ2
NkE0MUREOUU3NEM1QTA3MTA1RjU3N0I2NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDES0WQQgVLYS+KMU6F2EqJNrTKTwq2aeVsTGOuudE7jmbfGbbm
b0oYb5DV85NotOxHRq1fuWCiXZY67A6J568Ubj7brDNniniCnaW12qBgP4A8JFOG
RAqBkh+ct4QVoq6zyYkIfG7hrjlTg3yUuQdsmq/9ZmM3dVEIofuBAU6Sp4cFxu4g
iAbesO96kjPklL2CORDlvgVd70/PnakJvq98A4PhF0soXM+rFF5q7ZmLYzGUVy3+
t0QIs5mSL285KEerPcRS82P7Pgsu3OpjunKU2ognJtJ3MB67jj1zq43XZ6T57Uey
KiayH9LA31InWR2h9iMdrEQ1ocgS+khZx4x5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUVybfHzKU1mpB3Z50xaBxBfV3tmAwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1Z5YmZIektVMW1wQjNa
NTB4YUJ4QmZWM3RtQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAXdWKz++LbfbyXxVr2iopAYaCjAKTDxMY
Vss1qn6oqNm0A7mGcj0O1oIY7ltA1IHOnGQE4FI1np84pHWys1OXE0mvpNASf6qm
uMeBd4i5ho+anYW5A+5GxffumUiDRw36U4T9nRSajPziamTkkMvJbwesVr78Snch
nxslCOgDaVdZQqAAWOjLVF6RMYE7mVcXGrlBWTbpuj2zwDRa/M9W1pS0cVaBr1Vo
KfYjZ2ZSRg7I1XDdOOo5gBBuTBWUGjdRuA9ORc5r0gsXneARPtPoC5eAFe6Vkdqm
ASYM78gdEg4YURIRsA+Ntwd5SeTsMMCICQo3MFCaDVyC689ldor27g==
-----END CERTIFICATE-----
Generated at Sat May 4 15:54:26 2024 by rpki-client on console-fra.rpki-client.org