Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/_zDMNF6NuuNNJPBGmwtcstbduAM.roa
File: _zDMNF6NuuNNJPBGmwtcstbduAM.roa (raw, json)
Hash identifier: J5jSdIhqOa8xQx+Bi8mo2d9YqOiqXugmZiIhnADzD5w=
Subject key identifier: FF:30:CC:34:5E:8D:BA:E3:4D:24:F0:46:9B:0B:5C:B2:D6:DD:B8:03
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1852
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/_zDMNF6NuuNNJPBGmwtcstbduAM.roa
Signing time: Wed 24 Apr 2024 19:53:40 +0000
ROA not before: Wed 24 Apr 2024 19:53:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6226 (0x1852)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 24 19:53:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FF30CC345E8DBAE34D24F0469B0B5CB2D6DDB803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:16:f3:6d:71:16:06:1f:9e:9f:35:74:7c:b0:
65:0b:2f:1f:4a:22:95:2a:1d:13:4c:ec:9d:2c:4e:
dc:50:11:47:1f:c1:ab:df:af:b5:2d:ea:a3:bc:23:
85:80:94:22:17:7a:b2:19:e9:3f:0f:f9:74:91:e6:
17:1a:ee:97:51:1b:60:06:2f:cb:72:bb:c3:b2:92:
28:8a:b5:7e:34:c2:1f:16:f1:bc:db:db:60:55:01:
dc:37:36:e8:26:9e:6a:43:a5:ea:99:5c:8f:3a:e1:
40:52:ad:da:3d:ac:b7:be:fb:09:d5:d1:66:f2:17:
3e:a5:bc:72:25:d4:85:03:d7:59:37:4f:e3:de:44:
a7:99:5f:9e:01:8a:56:17:ee:f6:df:19:92:e8:a4:
3a:2f:ce:01:2e:63:ba:4e:c8:c1:ab:4d:ea:ba:7a:
77:6c:d2:f9:77:3a:c1:62:87:4f:05:5f:93:26:d4:
c3:d4:d7:03:07:b3:d3:7c:10:86:66:d5:f3:c1:9a:
c1:fb:11:33:96:1f:66:0f:eb:06:6c:6c:6a:a8:79:
81:d1:de:6f:a9:9f:af:b8:65:6c:3d:0a:c7:e4:a8:
98:62:88:81:79:bb:69:80:05:4d:d6:18:92:b1:26:
f0:93:8d:f2:9b:dd:a7:17:5d:b3:75:da:a2:8f:e4:
c8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:30:CC:34:5E:8D:BA:E3:4D:24:F0:46:9B:0B:5C:B2:D6:DD:B8:03
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/_zDMNF6NuuNNJPBGmwtcstbduAM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
83:a0:41:4f:16:01:71:43:67:d9:04:a3:bc:66:d8:25:b1:d7:
4b:1a:0f:33:be:77:be:7a:cb:ec:f3:96:5f:e9:41:ad:fa:b5:
8b:1e:76:bb:dc:a7:28:88:fe:e8:93:8f:fb:70:ed:cb:8e:2d:
c4:9e:ee:5f:2b:c4:80:8a:39:54:7b:68:e9:21:af:fb:f2:0b:
ea:d7:6d:8a:33:b7:99:a6:ad:2c:3e:8c:a3:95:e0:ed:91:cc:
56:99:9f:af:ab:83:08:23:84:54:0b:bb:6b:86:c5:ca:7c:41:
b7:29:73:66:d1:c8:9e:6b:07:f5:e3:bd:42:12:de:09:85:de:
51:f6:ad:df:47:1a:76:bd:3b:23:f4:39:20:17:2a:68:15:ce:
1f:1d:db:7c:3e:17:80:d1:15:2b:29:ad:c3:33:e4:b7:60:8f:
86:7c:d7:3e:a5:f4:97:0a:f7:39:b1:72:d8:33:95:b3:46:d3:
c2:ee:d6:fe:91:05:a0:2c:54:99:8c:13:87:79:49:3a:7e:58:
0a:91:2c:6f:32:a0:bc:3d:ba:6c:a1:de:4d:e1:a5:3d:23:60:
e0:a7:5f:2c:cb:89:45:39:50:b6:aa:65:1f:da:f1:82:1f:22:
d2:a0:2b:0f:a6:07:88:8d:1c:28:2d:45:61:5b:2b:7e:7d:d7:
c6:24:7c:ee
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGFIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjQx
OTUzNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZGMzBDQzM0NUU4REJB
RTM0RDI0RjA0NjlCMEI1Q0IyRDZEREI4MDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzFvNtcRYGH56fNXR8sGULLx9KIpUqHRNM7J0sTtxQEUcfwavf
r7Ut6qO8I4WAlCIXerIZ6T8P+XSR5hca7pdRG2AGL8tyu8OykiiKtX40wh8W8bzb
22BVAdw3NugmnmpDpeqZXI864UBSrdo9rLe++wnV0WbyFz6lvHIl1IUD11k3T+Pe
RKeZX54BilYX7vbfGZLopDovzgEuY7pOyMGrTeq6ends0vl3OsFih08FX5Mm1MPU
1wMHs9N8EIZm1fPBmsH7ETOWH2YP6wZsbGqoeYHR3m+pn6+4ZWw9CsfkqJhiiIF5
u2mABU3WGJKxJvCTjfKb3acXXbN12qKP5MjfAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU/zDMNF6NuuNNJPBGmwtcstbduAMwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL196RE1ORjZOdXVOTkpQ
Qkdtd3Rjc3RiZHVBTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAg6BBTxYBcUNn2QSjvGbYJbHXSxoPM753
vnrL7POWX+lBrfq1ix52u9ynKIj+6JOP+3Dty44txJ7uXyvEgIo5VHto6SGv+/IL
6tdtijO3maatLD6Mo5Xg7ZHMVpmfr6uDCCOEVAu7a4bFynxBtylzZtHInmsH9eO9
QhLeCYXeUfat30cadr07I/Q5IBcqaBXOHx3bfD4XgNEVKymtwzPkt2CPhnzXPqX0
lwr3ObFy2DOVs0bTwu7W/pEFoCxUmYwTh3lJOn5YCpEsbzKgvD26bKHeTeGlPSNg
4KdfLMuJRTlQtqplH9rxgh8i0qArD6YHiI0cKC1FYVsrfn3XxiR87g==
-----END CERTIFICATE-----
Generated at Wed Apr 24 23:56:39 2024 by rpki-client on console-fra.rpki-client.org