Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/a9xdHOUTxvNA22wu_7xRUzRjCSM.roa
File: a9xdHOUTxvNA22wu_7xRUzRjCSM.roa (raw, json)
Hash identifier: T2VaF3B2Mdp6mPT5H11k1oCS5Pz8Y2iCgXL0Qml9uXA=
Subject key identifier: 6B:DC:5D:1C:E5:13:C6:F3:40:DB:6C:2E:FF:BC:51:53:34:63:09:23
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 138E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/a9xdHOUTxvNA22wu_7xRUzRjCSM.roa
Signing time: Fri 12 Apr 2024 02:53:11 +0000
ROA not before: Fri 12 Apr 2024 02:53:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5006 (0x138e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 12 02:53:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6BDC5D1CE513C6F340DB6C2EFFBC515334630923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:56:89:1f:27:6c:ba:be:02:4e:aa:65:b0:86:
24:87:0b:83:df:eb:e1:ef:7c:cd:82:49:fe:77:17:
88:c1:ac:99:94:70:d0:cd:64:1a:14:32:60:dd:80:
de:78:51:4b:be:07:38:69:05:31:9f:39:8e:46:48:
7d:63:13:c9:51:e1:85:8b:e2:27:ed:4c:d3:2f:e1:
81:1f:e4:08:fe:fa:19:b6:f8:7d:69:af:29:09:f2:
76:91:f3:13:b4:28:c0:d3:12:86:cb:29:45:63:8f:
cc:ab:21:28:89:80:d0:08:0a:43:7b:d8:b0:c8:e6:
cc:79:db:63:f3:51:60:6e:5e:93:8a:ea:d7:cd:0e:
fb:dc:03:15:a3:a8:41:d6:1f:44:01:b5:92:7f:83:
47:e9:e9:1f:08:d4:04:38:e4:31:26:b3:eb:1b:9f:
5c:05:bb:d9:7d:71:a4:26:8e:26:bc:04:78:7b:82:
95:a1:a9:52:da:c5:7b:c0:d4:80:d6:29:c7:0a:51:
41:7f:81:b1:ed:3f:94:90:9b:0b:c1:80:17:9f:ce:
e5:5d:2a:22:65:bf:dd:79:4d:7e:bc:f6:55:40:98:
a0:61:c3:02:e0:f3:d4:87:8b:07:48:10:bb:47:4b:
21:0f:9a:88:c5:e0:f8:72:d2:aa:f8:98:e2:86:48:
ca:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:DC:5D:1C:E5:13:C6:F3:40:DB:6C:2E:FF:BC:51:53:34:63:09:23
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/a9xdHOUTxvNA22wu_7xRUzRjCSM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:9d:fb:a4:54:b2:4f:e6:20:b9:76:9e:71:5b:32:5b:67:ac:
12:35:b0:ff:80:9e:41:fd:f0:e6:c4:da:27:4d:bf:4e:13:b3:
86:6f:65:82:1b:c3:0c:22:87:5d:7e:fb:0d:4d:8b:bb:be:10:
16:05:1e:98:88:53:83:cd:fc:be:34:42:75:b7:e5:73:1a:23:
ae:b4:b2:3e:ae:8e:8d:a8:a8:01:c2:bf:2c:78:0e:61:4f:25:
21:cc:2e:b7:75:0d:50:ca:f0:51:21:a9:73:37:2a:41:dd:f6:
54:9b:8d:99:76:c5:00:27:11:84:d4:2e:94:5a:46:12:68:c3:
a9:c2:d7:a9:7d:53:38:74:a7:71:5a:19:13:5c:00:8a:c9:02:
39:c0:b6:f8:78:81:8e:79:45:92:39:fa:2e:48:8b:c7:6b:b6:
60:2d:53:9e:f4:d8:35:fd:0c:34:ee:6e:59:56:1b:85:4d:83:
b6:19:7d:7f:d7:55:5a:35:58:b1:df:62:f6:13:b3:68:bc:96:
cd:78:d9:0c:03:8e:e6:07:0b:62:16:c4:4a:47:87:15:89:a1:
4f:98:2a:ad:cb:cb:61:8b:18:2a:34:c6:cb:8c:e4:5a:31:a9:
df:31:08:7e:64:ec:cd:90:c7:f5:61:e2:5a:dd:7f:b3:e7:d5:
cb:c0:98:18
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE44wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTIw
MjUzMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZCREM1RDFDRTUxM0M2
RjM0MERCNkMyRUZGQkM1MTUzMzQ2MzA5MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8VokfJ2y6vgJOqmWwhiSHC4Pf6+HvfM2CSf53F4jBrJmUcNDN
ZBoUMmDdgN54UUu+BzhpBTGfOY5GSH1jE8lR4YWL4iftTNMv4YEf5Aj++hm2+H1p
rykJ8naR8xO0KMDTEobLKUVjj8yrISiJgNAICkN72LDI5sx522PzUWBuXpOK6tfN
DvvcAxWjqEHWH0QBtZJ/g0fp6R8I1AQ45DEms+sbn1wFu9l9caQmjia8BHh7gpWh
qVLaxXvA1IDWKccKUUF/gbHtP5SQmwvBgBefzuVdKiJlv915TX689lVAmKBhwwLg
89SHiwdIELtHSyEPmojF4Phy0qr4mOKGSMrTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUa9xdHOUTxvNA22wu/7xRUzRjCSMwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2E5eGRIT1VUeHZOQTIy
d3VfN3hSVXpSakNTTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAOJ37pFSyT+YguXaecVsyW2esEjWw/4Ce
Qf3w5sTaJ02/ThOzhm9lghvDDCKHXX77DU2Lu74QFgUemIhTg838vjRCdbflcxoj
rrSyPq6OjaioAcK/LHgOYU8lIcwut3UNUMrwUSGpczcqQd32VJuNmXbFACcRhNQu
lFpGEmjDqcLXqX1TOHSncVoZE1wAiskCOcC2+HiBjnlFkjn6LkiLx2u2YC1TnvTY
Nf0MNO5uWVYbhU2Dthl9f9dVWjVYsd9i9hOzaLyWzXjZDAOO5gcLYhbESkeHFYmh
T5gqrcvLYYsYKjTGy4zkWjGp3zEIfmTszZDH9WHiWt1/s+fVy8CYGA==
-----END CERTIFICATE-----
Generated at Fri Apr 12 04:09:43 2024 by rpki-client on console-fra.rpki-client.org