Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/XyIkI3xsv9EUbJ6TTQkGkg0ksmU.roa
File: XyIkI3xsv9EUbJ6TTQkGkg0ksmU.roa (raw, json)
Hash identifier: guyFaFiyBbuLzQvj0KIl+e2u6BLanlZxvU59FvBmncY=
Subject key identifier: 5F:22:24:23:7C:6C:BF:D1:14:6C:9E:93:4D:09:06:92:0D:24:B2:65
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1AF8
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/XyIkI3xsv9EUbJ6TTQkGkg0ksmU.roa
Signing time: Wed 01 May 2024 21:24:05 +0000
ROA not before: Wed 01 May 2024 21:24:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6904 (0x1af8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 1 21:24:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5F2224237C6CBFD1146C9E934D0906920D24B265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a6:5e:32:38:4e:6e:1b:ce:77:db:ce:44:43:
5a:62:0a:17:da:e7:e8:60:c9:f8:5f:b8:b4:95:09:
e3:a6:c0:df:7f:b1:dc:d9:18:77:0b:4a:5d:e6:58:
c6:b1:f2:b6:ee:72:bd:46:8e:df:a2:03:49:67:70:
28:ef:4b:21:fa:fb:40:61:c0:53:df:95:90:d6:b2:
33:21:ca:a6:b9:86:b9:87:0d:12:67:e2:3b:9a:25:
e2:af:3b:c7:82:50:7f:6c:69:d8:1a:5c:23:0e:bf:
29:d3:bd:4d:49:b9:5f:c5:90:fe:c1:06:4d:3e:1f:
e5:74:af:53:1f:46:47:7c:7c:1f:10:ba:44:9b:f0:
53:78:2a:a0:fd:84:db:3e:ac:56:e7:c7:64:a7:c4:
b0:66:d8:98:20:ba:37:72:2f:a0:39:0a:7f:31:e9:
dc:9d:5b:f5:50:9f:7f:9c:22:48:0f:96:1d:45:93:
30:1c:c3:d6:a9:03:22:ae:f3:07:07:39:1a:c3:d0:
0d:4e:36:e7:87:17:fa:ce:28:29:25:7a:b8:23:f8:
79:45:0d:47:42:7b:16:b0:a7:f9:bb:ec:f4:9d:3f:
e9:09:f7:44:ca:f3:e0:82:53:63:31:06:33:84:9f:
2a:e4:fc:f4:f7:eb:1d:76:9b:57:27:53:cf:1d:e1:
eb:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:22:24:23:7C:6C:BF:D1:14:6C:9E:93:4D:09:06:92:0D:24:B2:65
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/XyIkI3xsv9EUbJ6TTQkGkg0ksmU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
46:25:7b:8c:da:a1:9b:14:7d:4b:72:ba:ff:80:95:af:06:e9:
6e:dc:43:26:20:7c:73:bc:df:0b:57:11:7d:59:3f:89:0b:d7:
dd:52:ff:bf:59:ac:30:25:0b:47:76:e5:f7:8e:23:56:28:0a:
aa:50:72:43:98:1f:7c:2c:a7:62:b4:49:85:12:d4:56:f1:69:
39:7c:de:89:b7:db:00:6b:cd:7c:17:b6:d2:1d:d2:47:0b:fd:
b7:06:15:8e:73:6b:33:1a:fb:d0:ae:7b:f9:0b:a7:cf:04:cd:
26:b2:06:b7:0a:ed:ee:d9:12:b1:97:31:ef:9d:3f:cc:0d:17:
4e:25:ff:14:f1:1d:c9:b2:6e:5e:36:51:ac:00:10:86:c1:93:
2a:62:d9:0d:d8:c0:d2:89:c2:54:a0:d2:db:33:99:1f:de:8e:
02:da:d8:d5:fa:c7:91:c4:49:6c:92:0d:05:74:d1:e9:1b:17:
22:de:03:39:60:ae:91:a6:da:85:95:76:75:0f:54:2c:c9:4d:
32:49:ed:91:cf:d9:ff:66:3f:e6:d1:c5:d8:d4:5e:00:5a:21:
00:d4:00:ac:34:9b:7f:ff:07:f7:08:ca:2d:01:6e:13:77:9c:
ac:2f:0e:22:7c:be:62:f4:e6:09:e5:47:4f:29:fe:c3:e1:e3:
7b:ce:b6:71
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGvgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDEy
MTI0MDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVGMjIyNDIzN0M2Q0JG
RDExNDZDOUU5MzREMDkwNjkyMEQyNEIyNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOpl4yOE5uG853285EQ1piChfa5+hgyfhfuLSVCeOmwN9/sdzZ
GHcLSl3mWMax8rbucr1Gjt+iA0lncCjvSyH6+0BhwFPflZDWsjMhyqa5hrmHDRJn
4juaJeKvO8eCUH9sadgaXCMOvynTvU1JuV/FkP7BBk0+H+V0r1MfRkd8fB8QukSb
8FN4KqD9hNs+rFbnx2SnxLBm2JggujdyL6A5Cn8x6dydW/VQn3+cIkgPlh1FkzAc
w9apAyKu8wcHORrD0A1ONueHF/rOKCklergj+HlFDUdCexawp/m77PSdP+kJ90TK
8+CCU2MxBjOEnyrk/PT36x12m1cnU88d4evtAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUXyIkI3xsv9EUbJ6TTQkGkg0ksmUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1h5SWtJM3hzdjlFVWJK
NlRUUWtHa2cwa3NtVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEARiV7jNqhmxR9S3K6/4CVrwbpbtxDJiB8
c7zfC1cRfVk/iQvX3VL/v1msMCULR3bl944jVigKqlByQ5gffCynYrRJhRLUVvFp
OXzeibfbAGvNfBe20h3SRwv9twYVjnNrMxr70K57+QunzwTNJrIGtwrt7tkSsZcx
750/zA0XTiX/FPEdybJuXjZRrAAQhsGTKmLZDdjA0onCVKDS2zOZH96OAtrY1frH
kcRJbJINBXTR6RsXIt4DOWCukabahZV2dQ9ULMlNMkntkc/Z/2Y/5tHF2NReAFoh
ANQArDSbf/8H9wjKLQFuE3ecrC8OIny+YvTmCeVHTyn+w+Hje862cQ==
-----END CERTIFICATE-----
Generated at Thu May 2 03:21:50 2024 by rpki-client on console-fra.rpki-client.org