Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/d69jhXi-ZvwQMWvWFAz9Rmh4HJ4.roa
File: d69jhXi-ZvwQMWvWFAz9Rmh4HJ4.roa (raw, json)
Hash identifier: FKbdbT9e0XKEucxFVgcBl6web50DTV/ZsdNT4W3coKA=
Subject key identifier: 77:AF:63:85:78:BE:66:FC:10:31:6B:D6:14:0C:FD:46:68:78:1C:9E
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 166C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/d69jhXi-ZvwQMWvWFAz9Rmh4HJ4.roa
Signing time: Fri 19 Apr 2024 18:23:28 +0000
ROA not before: Fri 19 Apr 2024 18:23:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5740 (0x166c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 19 18:23:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=77AF638578BE66FC10316BD6140CFD4668781C9E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:93:23:b6:36:87:14:6f:14:9f:e5:60:03:f6:
83:cb:31:49:c6:19:0b:6a:64:6f:30:b4:66:ab:f7:
9f:52:ce:01:9a:aa:4b:33:5d:29:3f:bb:bb:83:28:
f0:be:63:2e:c9:76:73:ab:f4:06:a8:70:c7:71:b6:
43:1f:56:c0:46:bc:21:06:3e:0f:6d:3e:c2:92:4b:
06:82:e7:37:df:8d:5a:33:0c:61:2d:47:5f:51:b9:
b3:c2:31:16:d3:b8:40:ce:ac:43:27:1d:ca:37:86:
c1:2c:74:56:47:b0:2b:a0:cc:64:47:57:3a:4e:5f:
d3:36:03:d2:45:f2:1e:30:38:bd:ec:3d:77:2c:b4:
47:ab:b9:b5:8a:02:16:b6:e3:03:11:d8:72:97:a0:
4f:34:2e:d5:4e:12:95:50:2c:15:40:b8:e4:27:77:
05:3f:81:7a:5e:6a:49:d0:2c:8f:b0:11:33:42:4b:
fc:64:73:f5:02:e4:66:1c:a5:2d:fa:b6:0c:78:78:
fe:0b:ef:50:b4:bc:b1:dd:68:55:06:39:e1:fe:7b:
d0:2f:fa:cf:4a:7d:0d:d9:55:5b:c2:cc:fa:ca:78:
24:a2:64:c3:84:03:80:c9:d7:ef:2e:48:97:be:88:
11:e3:6e:26:5e:03:1f:99:60:89:4a:a0:53:df:9a:
bc:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:AF:63:85:78:BE:66:FC:10:31:6B:D6:14:0C:FD:46:68:78:1C:9E
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/d69jhXi-ZvwQMWvWFAz9Rmh4HJ4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
31:fe:4a:da:df:c0:58:09:95:34:be:8e:d1:74:18:01:4c:d4:
fb:c8:eb:59:93:e7:96:ab:2c:78:94:78:fa:2b:89:4b:3b:a7:
c9:42:62:9c:cb:c1:91:62:49:6e:7e:fe:70:a7:ad:2f:76:31:
6e:53:d5:06:98:8a:4f:30:b6:ae:2a:cf:29:a0:a0:f3:85:23:
f6:e6:ac:44:7b:48:1f:6c:b9:2d:54:e3:7a:a9:37:65:9c:97:
31:43:31:60:d5:6b:e0:c7:85:b7:e8:01:1e:34:73:ef:78:21:
b3:5e:cf:b6:56:74:40:87:0c:c3:b3:ff:76:8f:7f:2c:a0:ba:
1d:18:1a:e0:2b:87:8e:80:7d:2a:37:fa:1e:b3:56:ab:1e:c0:
09:2f:dc:7c:95:b0:cd:01:62:ff:bf:81:16:b5:71:fb:9e:d9:
4b:28:86:fe:9a:d1:c6:e6:54:f6:a5:db:53:a4:40:d4:94:f6:
80:08:9e:5d:75:82:8b:57:c3:81:48:ff:21:cc:55:ca:2e:47:
71:fe:f4:3c:da:bd:e8:fa:fe:d4:24:ca:3f:c3:fc:de:97:13:
34:13:6f:cb:bf:9d:85:0e:51:48:72:fd:0e:0d:b4:6a:cf:7d:
f4:49:ea:58:59:80:5d:82:87:2d:53:bd:ab:ae:0f:48:4b:fe:
76:8c:7d:99
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFmwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTkx
ODIzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc3QUY2Mzg1NzhCRTY2
RkMxMDMxNkJENjE0MENGRDQ2Njg3ODFDOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3kyO2NocUbxSf5WAD9oPLMUnGGQtqZG8wtGar959SzgGaqksz
XSk/u7uDKPC+Yy7JdnOr9AaocMdxtkMfVsBGvCEGPg9tPsKSSwaC5zffjVozDGEt
R19RubPCMRbTuEDOrEMnHco3hsEsdFZHsCugzGRHVzpOX9M2A9JF8h4wOL3sPXcs
tEerubWKAha24wMR2HKXoE80LtVOEpVQLBVAuOQndwU/gXpeaknQLI+wETNCS/xk
c/UC5GYcpS36tgx4eP4L71C0vLHdaFUGOeH+e9Av+s9KfQ3ZVVvCzPrKeCSiZMOE
A4DJ1+8uSJe+iBHjbiZeAx+ZYIlKoFPfmrwpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUd69jhXi+ZvwQMWvWFAz9Rmh4HJ4wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2Q2OWpoWGktWnZ3UU1X
dldGQXo5Um1oNEhKNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAMf5K2t/AWAmVNL6O0XQYAUzU+8jrWZPn
lqsseJR4+iuJSzunyUJinMvBkWJJbn7+cKetL3YxblPVBpiKTzC2rirPKaCg84Uj
9uasRHtIH2y5LVTjeqk3ZZyXMUMxYNVr4MeFt+gBHjRz73ghs17PtlZ0QIcMw7P/
do9/LKC6HRga4CuHjoB9Kjf6HrNWqx7ACS/cfJWwzQFi/7+BFrVx+57ZSyiG/prR
xuZU9qXbU6RA1JT2gAieXXWCi1fDgUj/IcxVyi5Hcf70PNq96Pr+1CTKP8P83pcT
NBNvy7+dhQ5RSHL9Dg20as999EnqWFmAXYKHLVO9q64PSEv+dox9mQ==
-----END CERTIFICATE-----
Generated at Sat Apr 20 00:24:00 2024 by rpki-client on console-ams.rpki-client.org