Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/XAKdHKBRmJcx2j5OFLazhCtDXSo.roa
File: XAKdHKBRmJcx2j5OFLazhCtDXSo.roa (raw, json)
Hash identifier: MyiyUjvBoi6anQ9hUHgcQhY/1Qw28+n+i0s+C5y3XCM=
Subject key identifier: 5C:02:9D:1C:A0:51:98:97:31:DA:3E:4E:14:B6:B3:84:2B:43:5D:2A
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1D5A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/XAKdHKBRmJcx2j5OFLazhCtDXSo.roa
Signing time: Wed 08 May 2024 05:54:22 +0000
ROA not before: Wed 08 May 2024 05:54:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7514 (0x1d5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 8 05:54:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5C029D1CA051989731DA3E4E14B6B3842B435D2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:dc:f7:e6:38:72:72:5f:83:04:22:ec:1e:40:
fa:be:f5:e8:79:e6:c3:95:d0:b1:53:41:9d:f9:1e:
28:42:2d:c1:7a:17:52:52:58:98:f2:a5:3d:bf:d0:
b2:f4:f4:c2:5d:54:04:89:a8:47:f3:6b:45:09:3c:
09:17:27:64:59:9f:71:be:b7:95:a5:af:e6:84:35:
09:0c:9e:9c:6b:55:d7:26:ee:c4:ec:02:5e:40:27:
89:ba:e0:91:1f:60:50:79:4e:12:07:f3:60:f4:a4:
b0:b3:88:8c:c3:52:51:23:f5:72:de:87:58:22:67:
4b:83:5f:c4:b4:b4:38:c5:17:be:78:82:7f:3d:48:
d3:47:79:76:40:35:1f:42:11:57:08:52:30:59:80:
9e:9d:c3:72:62:54:3f:35:7b:9e:61:cd:b2:22:09:
cf:a5:88:81:ce:c4:fa:c7:ce:1b:1e:74:e9:10:8c:
12:60:5c:c0:fe:f3:cf:56:94:62:af:a0:ae:26:6c:
cd:f0:38:25:79:87:80:ab:1a:a8:c6:23:37:3a:ba:
15:12:f0:0a:78:94:fd:63:80:15:81:d7:58:fa:26:
5d:eb:80:77:9a:74:1a:32:6a:9e:4c:4d:69:3f:ca:
f1:18:a6:ae:63:23:38:c3:8d:0a:99:dc:39:7e:b2:
12:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:02:9D:1C:A0:51:98:97:31:DA:3E:4E:14:B6:B3:84:2B:43:5D:2A
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/XAKdHKBRmJcx2j5OFLazhCtDXSo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:35:5e:1f:71:6f:43:96:13:10:1f:13:ea:45:5d:ad:49:4f:
36:ef:9b:79:d4:83:bd:73:31:56:e7:3a:73:a7:62:65:7c:bc:
28:ad:82:c0:ed:ac:04:93:7b:1d:65:30:2a:c6:7b:8c:ee:07:
f3:03:ef:07:43:21:4a:fc:46:a6:d6:74:63:00:d3:6a:e7:21:
ac:36:dd:ef:24:f2:ae:57:5c:92:27:b4:70:40:5b:e9:0f:38:
29:94:c3:02:ec:6f:5e:7a:36:49:8e:ad:6b:a1:20:1c:cf:be:
21:43:bd:c7:d0:a7:4c:7e:1f:3c:bd:64:7f:b0:3e:73:8c:85:
c3:8c:1f:fc:1e:63:10:6b:76:69:f9:1a:5e:93:4d:0a:09:92:
87:b7:c0:fc:28:72:b9:26:0b:57:b8:b2:c3:8b:ae:95:7c:da:
4a:bc:51:08:b5:32:a5:09:99:97:33:73:e2:f8:af:4d:48:78:
b2:47:31:e8:94:24:81:3e:6e:68:62:04:7d:b8:6a:d9:93:64:
42:96:4d:70:1c:3b:14:0b:39:c3:bd:77:02:13:4c:f6:4e:91:
79:08:ee:48:18:41:81:30:42:a5:2e:12:3c:f0:e6:a0:77:52:
4c:70:29:32:52:65:a2:88:66:72:3d:bc:18:e8:bd:59:2d:0a:
b4:3f:bb:ca
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHVowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDgw
NTU0MjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVDMDI5RDFDQTA1MTk4
OTczMURBM0U0RTE0QjZCMzg0MkI0MzVEMkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC63PfmOHJyX4MEIuweQPq+9eh55sOV0LFTQZ35HihCLcF6F1JS
WJjypT2/0LL09MJdVASJqEfza0UJPAkXJ2RZn3G+t5Wlr+aENQkMnpxrVdcm7sTs
Al5AJ4m64JEfYFB5ThIH82D0pLCziIzDUlEj9XLeh1giZ0uDX8S0tDjFF754gn89
SNNHeXZANR9CEVcIUjBZgJ6dw3JiVD81e55hzbIiCc+liIHOxPrHzhsedOkQjBJg
XMD+889WlGKvoK4mbM3wOCV5h4CrGqjGIzc6uhUS8Ap4lP1jgBWB11j6Jl3rgHea
dBoyap5MTWk/yvEYpq5jIzjDjQqZ3Dl+shLBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUXAKdHKBRmJcx2j5OFLazhCtDXSowHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1hBS2RIS0JSbUpjeDJq
NU9GTGF6aEN0RFhTby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAFTVeH3FvQ5YTEB8T6kVdrUlPNu+bedSD
vXMxVuc6c6diZXy8KK2CwO2sBJN7HWUwKsZ7jO4H8wPvB0MhSvxGptZ0YwDTauch
rDbd7yTyrldckie0cEBb6Q84KZTDAuxvXno2SY6ta6EgHM++IUO9x9CnTH4fPL1k
f7A+c4yFw4wf/B5jEGt2afkaXpNNCgmSh7fA/ChyuSYLV7iyw4uulXzaSrxRCLUy
pQmZlzNz4vivTUh4skcx6JQkgT5uaGIEfbhq2ZNkQpZNcBw7FAs5w713AhNM9k6R
eQjuSBhBgTBCpS4SPPDmoHdSTHApMlJloohmcj28GOi9WS0KtD+7yg==
-----END CERTIFICATE-----
Generated at Wed May 8 07:04:32 2024 by rpki-client on console-ams.rpki-client.org