Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/a68JawWHVThOKQDnXkjolNpaYlU.roa
File: a68JawWHVThOKQDnXkjolNpaYlU.roa (raw, json)
Hash identifier: 7vgnQzQAp7FcoG9ISW7ztQW6BETa/r2TYVqnMKtV+E0=
Subject key identifier: 6B:AF:09:6B:05:87:55:38:4E:29:00:E7:5E:48:E8:94:DA:5A:62:55
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 11A4
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/a68JawWHVThOKQDnXkjolNpaYlU.roa
Signing time: Sun 07 Apr 2024 00:22:55 +0000
ROA not before: Sun 07 Apr 2024 00:22:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4516 (0x11a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 7 00:22:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6BAF096B058755384E2900E75E48E894DA5A6255
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e0:d5:d7:dc:54:cc:04:82:dd:4a:49:4c:86:
85:a5:01:db:8c:73:b0:50:cc:73:a3:2f:fe:3a:c9:
97:00:c7:ee:44:68:00:3d:29:c1:43:0b:0e:fd:37:
c7:84:7b:5b:73:64:82:da:3d:ef:bb:b5:8c:9e:e7:
71:46:ef:b3:05:8a:a9:2b:31:5f:59:25:66:81:fb:
29:20:88:7b:80:67:a8:fb:6f:d8:73:87:30:18:34:
39:8d:ed:20:e7:6d:50:bf:8f:32:75:ea:4a:88:c3:
c7:60:1a:5a:50:26:f4:20:1e:80:77:cd:54:94:be:
da:3e:db:37:4d:d6:86:ef:b8:6a:46:12:85:ba:c3:
ad:0f:b1:84:ff:ca:07:08:41:ca:25:61:46:2b:e9:
07:84:e1:e6:e8:f3:96:23:fc:12:20:1b:75:21:b2:
0a:68:57:63:c0:cf:de:24:04:50:55:9a:98:0e:50:
dc:f6:fb:ee:83:30:a8:c6:e8:c7:37:19:03:c7:b5:
a6:87:7b:56:52:96:3f:f1:53:1c:f7:1b:5c:7a:2e:
3d:27:f1:b0:4c:1f:02:2e:ca:f2:67:34:c0:3f:f5:
0b:90:5e:61:3e:49:58:24:b2:94:91:33:82:5b:7c:
d9:bc:23:f8:b0:6e:47:dd:f0:16:97:68:46:93:09:
c0:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:AF:09:6B:05:87:55:38:4E:29:00:E7:5E:48:E8:94:DA:5A:62:55
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/a68JawWHVThOKQDnXkjolNpaYlU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9b:c2:fe:03:95:db:3e:cf:0d:61:12:62:ef:7d:6b:30:07:39:
3e:19:8b:cb:f4:5f:4d:0c:4d:b9:72:aa:8b:78:e5:d1:24:b7:
8a:e2:71:2f:2f:65:25:e0:b7:0a:f3:89:3c:dd:be:3f:06:dd:
5b:d7:7b:85:62:eb:fc:e2:8c:df:76:d2:e9:17:2b:bc:a0:c9:
dc:95:75:de:6f:a2:aa:1b:e4:98:69:d2:d1:64:ea:29:2a:ed:
29:a5:84:53:89:94:e6:11:d0:96:a3:32:e9:6d:1e:19:20:68:
eb:5c:69:e1:c2:08:13:46:dc:3f:50:01:de:4e:f7:41:df:c6:
d0:59:1b:59:ce:3b:72:c1:b4:69:4a:55:19:d3:db:cd:8f:0f:
7d:97:2f:c3:6a:21:51:61:5b:e3:da:97:5b:f4:4a:96:39:2d:
ae:8d:b8:35:1c:9b:f2:e6:95:fc:ca:48:06:3f:34:fe:b8:de:
1a:82:b0:6c:fd:ef:c4:98:3f:ab:c2:95:c2:2a:5c:51:03:8a:
67:15:fc:3b:20:3d:bb:45:f3:31:f2:d6:cc:68:ed:cd:15:2e:
b7:40:17:65:5f:fd:f2:55:8f:ff:97:3e:73:81:7c:bb:f9:54:
ee:b2:80:90:d1:27:23:05:79:81:00:7e:a5:49:8f:08:71:e6:
fe:bf:34:97
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEaQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDcw
MDIyNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZCQUYwOTZCMDU4NzU1
Mzg0RTI5MDBFNzVFNDhFODk0REE1QTYyNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC94NXX3FTMBILdSklMhoWlAduMc7BQzHOjL/46yZcAx+5EaAA9
KcFDCw79N8eEe1tzZILaPe+7tYye53FG77MFiqkrMV9ZJWaB+ykgiHuAZ6j7b9hz
hzAYNDmN7SDnbVC/jzJ16kqIw8dgGlpQJvQgHoB3zVSUvto+2zdN1obvuGpGEoW6
w60PsYT/ygcIQcolYUYr6QeE4ebo85Yj/BIgG3UhsgpoV2PAz94kBFBVmpgOUNz2
++6DMKjG6Mc3GQPHtaaHe1ZSlj/xUxz3G1x6Lj0n8bBMHwIuyvJnNMA/9QuQXmE+
SVgkspSRM4JbfNm8I/iwbkfd8BaXaEaTCcCDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUa68JawWHVThOKQDnXkjolNpaYlUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2E2OEphd1dIVlRoT0tR
RG5Ya2pvbE5wYVlsVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAm8L+A5XbPs8NYRJi731rMAc5PhmLy/Rf
TQxNuXKqi3jl0SS3iuJxLy9lJeC3CvOJPN2+PwbdW9d7hWLr/OKM33bS6RcrvKDJ
3JV13m+iqhvkmGnS0WTqKSrtKaWEU4mU5hHQlqMy6W0eGSBo61xp4cIIE0bcP1AB
3k73Qd/G0FkbWc47csG0aUpVGdPbzY8PfZcvw2ohUWFb49qXW/RKljktro24NRyb
8uaV/MpIBj80/rjeGoKwbP3vxJg/q8KVwipcUQOKZxX8OyA9u0XzMfLWzGjtzRUu
t0AXZV/98lWP/5c+c4F8u/lU7rKAkNEnIwV5gQB+pUmPCHHm/r80lw==
-----END CERTIFICATE-----
Generated at Sun Apr 7 02:16:15 2024 by rpki-client on console-ams.rpki-client.org