Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/dtEhsqNPH2jW1eZTAvK8AywIOl8.roa
File: dtEhsqNPH2jW1eZTAvK8AywIOl8.roa (raw, json)
Hash identifier: C9XA9fRn9YGQP2s/PYQ6avRTFHTLvgFXsfCRPmFKYZk=
Subject key identifier: 76:D1:21:B2:A3:4F:1F:68:D6:D5:E6:53:02:F2:BC:03:2C:08:3A:5F
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1502
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/dtEhsqNPH2jW1eZTAvK8AywIOl8.roa
Signing time: Mon 15 Apr 2024 23:53:24 +0000
ROA not before: Mon 15 Apr 2024 23:53:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5378 (0x1502)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 15 23:53:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=76D121B2A34F1F68D6D5E65302F2BC032C083A5F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:29:6d:61:b0:27:7c:a5:f8:14:c6:75:88:99:
69:30:c6:e1:69:6e:73:20:bd:4e:70:ca:1b:57:1f:
33:e4:9f:fa:19:67:02:67:50:33:e8:32:d3:3d:58:
48:2c:49:d3:83:92:9f:1d:91:21:0b:2d:bb:72:d5:
35:52:21:c5:6b:e5:26:33:c4:eb:d2:a3:55:bd:5e:
0e:bc:ba:09:73:43:67:48:d6:08:7a:4d:80:9b:3e:
ed:57:39:c4:5a:70:75:f4:eb:eb:1e:f1:6a:ac:b3:
85:06:19:82:c8:73:f4:d5:11:7f:f2:da:51:c3:6f:
2b:05:ff:0b:8c:fc:51:99:de:a7:47:09:da:83:7e:
3c:9c:38:41:dd:8c:3c:cb:44:88:92:f1:4d:28:f9:
84:14:92:8f:a0:2c:8b:8e:a2:d3:f9:a4:79:79:94:
53:16:6a:98:42:2b:64:70:6c:ac:04:77:aa:c4:a5:
92:d6:5f:21:b1:d4:fb:cd:82:c0:55:eb:05:54:22:
b8:62:42:95:29:1c:7e:50:42:eb:2e:47:42:ee:b6:
f8:7e:c2:c9:15:55:9a:d5:da:9a:ec:6a:a6:d6:b5:
b7:ca:b5:21:a1:77:61:6f:36:f9:e5:53:30:ba:92:
a0:13:31:e8:06:46:e5:8e:de:1b:bf:cd:fe:4d:b3:
df:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:D1:21:B2:A3:4F:1F:68:D6:D5:E6:53:02:F2:BC:03:2C:08:3A:5F
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/dtEhsqNPH2jW1eZTAvK8AywIOl8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b6:c5:85:8f:83:2a:d9:59:aa:2d:6f:92:f7:be:6c:76:75:5f:
d0:f1:c8:b8:00:70:83:a4:66:51:c7:9e:ee:15:52:ab:36:35:
f3:7a:ff:6f:3d:10:aa:d9:8e:1b:bf:b1:75:40:a8:f9:0e:b1:
aa:7d:46:db:e1:3b:f0:56:38:e3:d8:7e:62:0a:6f:35:92:90:
4d:81:49:a4:fc:d9:78:0b:1c:ab:03:6c:a1:b2:2a:d6:f7:9b:
2f:9e:1c:dd:06:94:b1:c1:92:99:ca:f4:7c:bf:cf:14:2e:d6:
ae:e3:ea:e8:fd:92:13:6b:34:58:bc:f4:ff:b1:bc:47:ab:35:
cf:c8:cf:79:be:95:45:b3:30:7e:61:21:40:96:ca:8a:fc:ad:
7b:0a:a3:51:78:e4:19:80:da:12:93:28:e1:f0:65:5d:ed:29:
e1:c1:03:71:e1:73:ef:65:1d:37:db:22:0f:f9:fb:b1:40:b4:
44:d4:8e:9c:97:df:a5:77:e0:b7:74:12:f6:ea:84:76:81:01:
77:60:4a:08:02:87:ae:b7:43:c8:a6:6f:00:50:ab:9c:cf:d0:
69:dc:91:87:d4:6c:83:1b:b4:ec:84:3a:6b:b6:02:00:9f:9f:
9a:b1:3d:c6:69:ee:b1:6e:61:8e:d9:95:44:0c:d8:9a:e8:78:
37:fa:cf:bb
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFQIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTUy
MzUzMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc2RDEyMUIyQTM0RjFG
NjhENkQ1RTY1MzAyRjJCQzAzMkMwODNBNUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuKW1hsCd8pfgUxnWImWkwxuFpbnMgvU5wyhtXHzPkn/oZZwJn
UDPoMtM9WEgsSdODkp8dkSELLbty1TVSIcVr5SYzxOvSo1W9Xg68uglzQ2dI1gh6
TYCbPu1XOcRacHX06+se8Wqss4UGGYLIc/TVEX/y2lHDbysF/wuM/FGZ3qdHCdqD
fjycOEHdjDzLRIiS8U0o+YQUko+gLIuOotP5pHl5lFMWaphCK2RwbKwEd6rEpZLW
XyGx1PvNgsBV6wVUIrhiQpUpHH5QQusuR0Lutvh+wskVVZrV2prsaqbWtbfKtSGh
d2FvNvnlUzC6kqATMegGRuWO3hu/zf5Ns9/jAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUdtEhsqNPH2jW1eZTAvK8AywIOl8wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2R0RWhzcU5QSDJqVzFl
WlRBdks4QXl3SU9sOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAtsWFj4Mq2VmqLW+S975sdnVf0PHIuABw
g6RmUcee7hVSqzY183r/bz0QqtmOG7+xdUCo+Q6xqn1G2+E78FY449h+YgpvNZKQ
TYFJpPzZeAscqwNsobIq1vebL54c3QaUscGSmcr0fL/PFC7WruPq6P2SE2s0WLz0
/7G8R6s1z8jPeb6VRbMwfmEhQJbKivytewqjUXjkGYDaEpMo4fBlXe0p4cEDceFz
72UdN9siD/n7sUC0RNSOnJffpXfgt3QS9uqEdoEBd2BKCAKHrrdDyKZvAFCrnM/Q
adyRh9Rsgxu07IQ6a7YCAJ+fmrE9xmnusW5hjtmVRAzYmuh4N/rPuw==
-----END CERTIFICATE-----
Generated at Tue Apr 16 01:22:31 2024 by rpki-client on console-fra.rpki-client.org