Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/ak9ioLG3Eavjh61HV_VxeANCnyM.roa
File: ak9ioLG3Eavjh61HV_VxeANCnyM.roa (raw, json)
Hash identifier: hZMoH4gjgaIifdwQUCkHx2th01K3p1e59jUnsDEMnoE=
Subject key identifier: 6A:4F:62:A0:B1:B7:11:AB:E3:87:AD:47:57:F5:71:78:03:42:9F:23
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1C66
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ak9ioLG3Eavjh61HV_VxeANCnyM.roa
Signing time: Sun 05 May 2024 16:54:15 +0000
ROA not before: Sun 05 May 2024 16:54:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7270 (0x1c66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 5 16:54:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6A4F62A0B1B711ABE387AD4757F5717803429F23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fa:c3:96:5d:9d:42:1c:1e:b7:84:61:2a:b1:
6c:44:57:72:36:c1:12:6c:c4:d7:7d:2c:05:ed:8e:
86:db:4f:85:86:5b:29:a9:7d:bf:70:bb:71:84:fa:
0f:76:0d:57:8d:db:2f:46:96:33:3a:dd:59:59:12:
42:45:cc:6f:72:f2:c1:be:73:f1:6a:7d:2c:ff:f7:
ab:d0:90:b7:6b:39:9f:72:4d:30:d7:84:a0:5f:94:
d0:8b:7c:b0:b3:63:59:24:72:3f:2f:6f:87:61:df:
39:c7:05:ee:b0:6d:ff:74:e6:64:89:d2:95:ad:63:
da:40:9e:90:66:f7:b1:7b:21:09:d9:f9:c8:d9:d3:
8f:8f:cf:0d:9a:7a:fa:4f:bd:d3:ca:29:84:ef:e1:
59:df:2b:ed:35:3c:ea:8b:e3:90:d1:e0:60:6a:77:
0d:f2:4b:9b:bc:79:5d:72:8c:b5:0b:8e:ea:3d:be:
57:b0:8e:2a:8a:b5:57:60:82:51:3b:5d:08:ef:5c:
7a:2a:e5:5e:ea:3c:28:74:c9:73:ee:18:4b:58:98:
ab:56:85:cd:05:d8:d0:f9:bc:0e:db:1b:d4:01:0f:
71:a5:1c:ba:bf:03:1d:ba:96:b6:ce:26:1d:2c:c6:
b7:ac:98:6d:85:35:4f:bc:cd:a3:75:e0:af:11:d5:
a0:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:4F:62:A0:B1:B7:11:AB:E3:87:AD:47:57:F5:71:78:03:42:9F:23
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ak9ioLG3Eavjh61HV_VxeANCnyM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:ca:cf:88:ed:07:bf:0d:0b:e9:34:4f:4d:c0:6c:b6:0a:4d:
df:2b:a4:b3:d8:3e:8f:c9:3e:9b:ed:7d:cd:37:45:cd:29:6c:
94:c0:88:50:88:8f:0f:8a:ea:5d:44:ed:e0:a7:af:9b:8e:22:
5a:58:4c:fe:d6:8c:88:ed:74:ae:fd:1d:1a:45:67:8a:02:22:
6f:7c:7f:e4:51:0e:15:b7:24:60:f9:b9:19:ec:13:70:6f:93:
f4:85:1c:67:3f:2a:17:a7:db:30:23:ba:fe:2e:9a:4a:2f:a8:
fc:7e:b9:84:d8:58:88:cf:1a:d5:aa:da:c0:3a:f8:54:a8:77:
86:b6:eb:68:6b:23:16:68:fa:f8:de:b5:56:6b:16:6a:bf:31:
fc:ec:31:23:5f:79:90:5a:db:e2:b3:9c:8f:cf:ff:7a:7c:c6:
48:4d:d1:0d:20:89:97:91:2f:5c:a5:56:1e:74:68:62:4f:d2:
a3:27:f8:f6:82:26:f7:6c:c6:95:57:46:cb:2b:53:65:ca:09:
8c:a4:0b:98:69:cc:eb:f5:7c:da:42:01:b4:d4:49:b7:97:83:
51:ef:6c:01:55:3e:67:4b:95:de:9f:f0:cf:21:06:9c:13:5a:
20:89:3d:83:bb:39:9e:55:3d:b3:be:94:1d:4f:3e:6d:72:2b:
ac:69:c6:8e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHGYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDUx
NjU0MTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZBNEY2MkEwQjFCNzEx
QUJFMzg3QUQ0NzU3RjU3MTc4MDM0MjlGMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCv+sOWXZ1CHB63hGEqsWxEV3I2wRJsxNd9LAXtjobbT4WGWymp
fb9wu3GE+g92DVeN2y9GljM63VlZEkJFzG9y8sG+c/FqfSz/96vQkLdrOZ9yTTDX
hKBflNCLfLCzY1kkcj8vb4dh3znHBe6wbf905mSJ0pWtY9pAnpBm97F7IQnZ+cjZ
04+Pzw2aevpPvdPKKYTv4VnfK+01POqL45DR4GBqdw3yS5u8eV1yjLULjuo9vlew
jiqKtVdgglE7XQjvXHoq5V7qPCh0yXPuGEtYmKtWhc0F2ND5vA7bG9QBD3GlHLq/
Ax26lrbOJh0sxresmG2FNU+8zaN14K8R1aCtAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUak9ioLG3Eavjh61HV/VxeANCnyMwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2FrOWlvTEczRWF2amg2
MUhWX1Z4ZUFOQ255TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAWsrPiO0Hvw0L6TRPTcBstgpN3yuks9g+
j8k+m+19zTdFzSlslMCIUIiPD4rqXUTt4Kevm44iWlhM/taMiO10rv0dGkVnigIi
b3x/5FEOFbckYPm5GewTcG+T9IUcZz8qF6fbMCO6/i6aSi+o/H65hNhYiM8a1ara
wDr4VKh3hrbraGsjFmj6+N61VmsWar8x/OwxI195kFrb4rOcj8//enzGSE3RDSCJ
l5EvXKVWHnRoYk/Soyf49oIm92zGlVdGyytTZcoJjKQLmGnM6/V82kIBtNRJt5eD
Ue9sAVU+Z0uV3p/wzyEGnBNaIIk9g7s5nlU9s76UHU8+bXIrrGnGjg==
-----END CERTIFICATE-----
Generated at Sun May 5 20:31:09 2024 by rpki-client on console-fra.rpki-client.org