Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/czMEyTmLSBJaVqylC5Ypi6V5bpc.roa
File: czMEyTmLSBJaVqylC5Ypi6V5bpc.roa (raw, json)
Hash identifier: PrwjZnOZAZrQkpajaH71YZVv6BixFMbL9JqP4sTfAoQ=
Subject key identifier: 73:33:04:C9:39:8B:48:12:5A:56:AC:A5:0B:96:29:8B:A5:79:6E:97
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 11FA
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/czMEyTmLSBJaVqylC5Ypi6V5bpc.roa
Signing time: Sun 07 Apr 2024 21:52:55 +0000
ROA not before: Sun 07 Apr 2024 21:52:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4602 (0x11fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 7 21:52:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=733304C9398B48125A56ACA50B96298BA5796E97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b2:ae:58:e9:10:be:55:c2:8c:b9:06:ef:69:
37:a1:11:d3:39:af:e7:f2:63:ed:a1:f3:d3:8c:81:
af:86:7a:70:e8:98:29:94:a3:2a:b4:be:50:c6:86:
f3:35:93:11:83:f4:8b:e8:12:ea:17:b0:f8:4e:9f:
87:e1:53:78:45:2b:66:53:f1:7e:33:48:91:d9:65:
a3:3f:75:0f:0d:b2:ad:ac:41:4e:d7:bf:ba:30:a0:
3f:fd:c0:df:5a:33:b7:62:ae:58:ad:6d:c8:14:88:
d7:8b:dc:cd:72:68:86:08:5f:18:9d:ed:71:8a:37:
04:af:cd:fc:3f:80:95:c2:70:2e:95:19:e2:35:c2:
e8:de:5c:c4:1b:28:35:62:e1:d9:d9:ac:46:96:5a:
18:c5:fe:af:d7:df:b1:c9:e9:71:5b:b6:60:f7:b4:
ab:f5:9d:d3:66:62:8a:11:f0:5b:2a:8c:5c:27:b2:
da:58:82:ad:3f:05:41:6b:84:30:9a:ac:ad:a9:4d:
4f:38:36:87:8b:3a:8a:6a:6c:10:08:76:c0:b3:c8:
3f:f1:8d:74:9c:64:c4:42:7d:ec:05:e4:38:88:69:
6e:c2:49:42:74:83:50:bf:b5:cf:e5:75:49:51:64:
fc:9c:95:09:77:a7:1f:87:eb:aa:e3:98:1b:e7:d6:
0d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:33:04:C9:39:8B:48:12:5A:56:AC:A5:0B:96:29:8B:A5:79:6E:97
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/czMEyTmLSBJaVqylC5Ypi6V5bpc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:27:a6:9e:d5:10:40:28:10:d2:9f:eb:07:f6:fe:cd:04:75:
5a:e6:ea:fe:1b:94:95:1e:a5:92:ad:0e:78:2e:47:50:80:16:
8c:92:e7:e5:f1:be:a9:b9:2d:69:fe:f5:2a:d3:3f:03:81:6e:
14:49:72:df:3e:34:0a:96:49:12:6c:ac:b6:a7:0e:a2:37:1a:
00:a5:d9:74:a0:95:50:06:d7:0e:bc:18:38:42:d3:6f:f0:56:
8a:fe:87:47:bd:d4:a5:08:ae:7c:d1:53:87:28:74:14:53:ba:
ea:f9:d0:fc:68:ff:ea:a4:14:fa:8e:94:c2:af:dc:4d:da:d1:
b6:00:63:c0:1e:12:d4:86:2f:b5:18:33:43:6c:2e:fa:cd:fe:
dc:8a:33:8c:f9:d0:a3:61:a3:a1:2a:2d:63:60:8a:4b:68:11:
bd:44:92:f5:57:de:92:d7:fc:be:c7:fc:b7:fd:55:4d:28:a6:
85:db:e8:60:0c:31:f9:e9:2e:f3:4c:49:ff:0b:42:8c:75:55:
c0:aa:6d:a8:b1:ae:64:5c:2d:12:2c:ef:a9:ad:fe:f7:92:74:
2f:2f:e2:0e:5b:05:36:78:31:f8:8c:75:c3:37:46:50:f8:bf:
5b:99:8a:ea:2b:a6:12:ba:74:58:fa:82:e5:d0:7f:67:58:df:
b6:1f:0f:04
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEfowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDcy
MTUyNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDczMzMwNEM5Mzk4QjQ4
MTI1QTU2QUNBNTBCOTYyOThCQTU3OTZFOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDsq5Y6RC+VcKMuQbvaTehEdM5r+fyY+2h89OMga+GenDomCmU
oyq0vlDGhvM1kxGD9IvoEuoXsPhOn4fhU3hFK2ZT8X4zSJHZZaM/dQ8Nsq2sQU7X
v7owoD/9wN9aM7dirlitbcgUiNeL3M1yaIYIXxid7XGKNwSvzfw/gJXCcC6VGeI1
wujeXMQbKDVi4dnZrEaWWhjF/q/X37HJ6XFbtmD3tKv1ndNmYooR8FsqjFwnstpY
gq0/BUFrhDCarK2pTU84NoeLOopqbBAIdsCzyD/xjXScZMRCfewF5DiIaW7CSUJ0
g1C/tc/ldUlRZPyclQl3px+H66rjmBvn1g1NAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUczMEyTmLSBJaVqylC5Ypi6V5bpcwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2N6TUV5VG1MU0JKYVZx
eWxDNVlwaTZWNWJwYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEATCemntUQQCgQ0p/rB/b+zQR1Wubq/huU
lR6lkq0OeC5HUIAWjJLn5fG+qbktaf71KtM/A4FuFEly3z40CpZJEmystqcOojca
AKXZdKCVUAbXDrwYOELTb/BWiv6HR73UpQiufNFThyh0FFO66vnQ/Gj/6qQU+o6U
wq/cTdrRtgBjwB4S1IYvtRgzQ2wu+s3+3IozjPnQo2GjoSotY2CKS2gRvUSS9Vfe
ktf8vsf8t/1VTSimhdvoYAwx+eku80xJ/wtCjHVVwKptqLGuZFwtEizvqa3+95J0
Ly/iDlsFNngx+Ix1wzdGUPi/W5mK6iumErp0WPqC5dB/Z1jfth8PBA==
-----END CERTIFICATE-----
Generated at Sun Apr 7 23:41:52 2024 by rpki-client on console-ams.rpki-client.org