Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Xinigp16qg0PVXwXpWyKVtjRgeE.roa
File: Xinigp16qg0PVXwXpWyKVtjRgeE.roa (raw, json)
Hash identifier: xnU4aoaizfRxwlg3BZydMmteA10l2u6Bxw0X1oG/WAA=
Subject key identifier: 5E:29:E2:82:9D:7A:AA:0D:0F:55:7C:17:A5:6C:8A:56:D8:D1:81:E1
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 12B4
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Xinigp16qg0PVXwXpWyKVtjRgeE.roa
Signing time: Tue 09 Apr 2024 20:23:06 +0000
ROA not before: Tue 09 Apr 2024 20:23:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4788 (0x12b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 9 20:23:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5E29E2829D7AAA0D0F557C17A56C8A56D8D181E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:bc:e2:6e:7f:82:02:db:7d:b8:9d:8d:c8:75:
df:63:89:fa:ea:d3:fb:e0:76:65:d5:c0:b8:fe:51:
20:bd:50:5a:06:24:5e:2e:31:1c:8e:6f:88:14:a9:
63:49:61:04:48:5c:18:97:69:10:79:67:d8:f8:0f:
29:bf:2a:16:86:d0:e0:39:81:a7:de:ee:7d:3f:c1:
e1:21:ae:40:52:6f:a7:30:fd:af:ad:e2:22:f2:cc:
94:d1:e1:9e:93:8d:e3:b5:53:90:82:cc:a9:c9:a6:
5c:85:19:c2:a0:e6:66:73:2d:f6:bb:ae:99:88:4c:
7f:b4:8d:4d:fc:13:aa:bf:ca:41:09:82:25:89:c9:
93:a2:ff:53:82:0d:8e:7a:96:30:a2:cc:28:b6:c7:
fb:80:7a:f8:36:e9:15:08:16:cc:27:0b:c8:85:e7:
66:6e:d1:2c:b5:b9:85:66:bb:c9:08:7f:a1:58:cd:
2a:a2:09:f6:75:f1:9f:47:19:00:72:09:17:b5:2e:
35:67:3f:98:48:b2:4d:8c:2d:bc:e8:46:e6:cf:89:
7b:bb:58:44:ef:c5:96:c1:b9:79:d6:15:2b:ac:8a:
1e:80:e5:36:87:24:08:4c:83:6b:f9:9c:51:ca:9c:
71:8d:36:84:f5:a7:66:0c:06:d8:f0:aa:92:4e:6f:
b6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:29:E2:82:9D:7A:AA:0D:0F:55:7C:17:A5:6C:8A:56:D8:D1:81:E1
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Xinigp16qg0PVXwXpWyKVtjRgeE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1f:34:18:1d:23:82:db:29:db:26:2d:70:fa:19:17:d8:08:cd:
9e:5c:ec:25:93:f4:70:6b:b7:e9:16:d4:64:91:0e:01:dc:0c:
9c:36:24:52:33:6c:e9:14:0c:03:99:a5:df:a1:53:58:a3:f2:
8c:19:7e:13:c4:15:a4:88:56:0a:93:97:76:ee:bf:25:50:d9:
48:39:d1:76:d3:04:5c:4c:a9:56:92:72:36:94:48:4a:df:a6:
9d:c8:03:f2:07:fb:29:08:f1:fb:da:64:fa:dd:42:30:f9:08:
8b:a6:49:01:91:17:db:7c:d1:fa:64:cf:e4:39:cf:a2:69:00:
cd:8a:db:9c:01:6a:a4:8c:fc:e5:b7:44:3a:4b:57:24:fb:16:
86:31:62:2b:6c:f1:0a:48:bb:3a:20:2f:39:91:99:4d:9b:be:
fc:5a:3e:56:b1:03:e9:c6:c7:7c:e3:f2:ef:42:9e:04:b8:06:
52:59:0e:7e:ce:c7:da:28:cc:b2:11:ad:ab:a4:8d:f6:48:6e:
85:da:44:f9:5c:6c:1d:48:d1:e4:0d:4f:4e:9b:af:8b:c1:cc:
bd:01:e7:80:74:8b:d2:c1:39:25:13:58:3d:67:01:8b:d4:15:
1b:f0:30:6a:45:a8:25:14:60:3a:00:93:7e:f0:93:89:c1:7f:
8a:da:37:ee
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICErQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDky
MDIzMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVFMjlFMjgyOUQ3QUFB
MEQwRjU1N0MxN0E1NkM4QTU2RDhEMTgxRTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNvOJuf4IC2324nY3Idd9jifrq0/vgdmXVwLj+USC9UFoGJF4u
MRyOb4gUqWNJYQRIXBiXaRB5Z9j4Dym/KhaG0OA5gafe7n0/weEhrkBSb6cw/a+t
4iLyzJTR4Z6TjeO1U5CCzKnJplyFGcKg5mZzLfa7rpmITH+0jU38E6q/ykEJgiWJ
yZOi/1OCDY56ljCizCi2x/uAevg26RUIFswnC8iF52Zu0Sy1uYVmu8kIf6FYzSqi
CfZ18Z9HGQByCRe1LjVnP5hIsk2MLbzoRubPiXu7WETvxZbBuXnWFSusih6A5TaH
JAhMg2v5nFHKnHGNNoT1p2YMBtjwqpJOb7bPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUXinigp16qg0PVXwXpWyKVtjRgeEwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1hpbmlncDE2cWcwUFZY
d1hwV3lLVnRqUmdlRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAHzQYHSOC2ynbJi1w+hkX2AjNnlzsJZP0
cGu36RbUZJEOAdwMnDYkUjNs6RQMA5ml36FTWKPyjBl+E8QVpIhWCpOXdu6/JVDZ
SDnRdtMEXEypVpJyNpRISt+mncgD8gf7KQjx+9pk+t1CMPkIi6ZJAZEX23zR+mTP
5DnPomkAzYrbnAFqpIz85bdEOktXJPsWhjFiK2zxCki7OiAvOZGZTZu+/Fo+VrED
6cbHfOPy70KeBLgGUlkOfs7H2ijMshGtq6SN9khuhdpE+VxsHUjR5A1PTpuvi8HM
vQHngHSL0sE5JRNYPWcBi9QVG/AwakWoJRRgOgCTfvCTicF/ito37g==
-----END CERTIFICATE-----
Generated at Wed Apr 10 00:10:08 2024 by rpki-client on console-fra.rpki-client.org