Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/dxIr5qPKd0aebS91Ks8oDM1oQ_M.roa
File: dxIr5qPKd0aebS91Ks8oDM1oQ_M.roa (raw, json)
Hash identifier: WQuZjTZLX1ijyo5Jaj7IBdmvc0doaQzzOvcsYV8J8Bs=
Subject key identifier: 77:12:2B:E6:A3:CA:77:46:9E:6D:2F:75:2A:CF:28:0C:CD:68:43:F3
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1080
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/dxIr5qPKd0aebS91Ks8oDM1oQ_M.roa
Signing time: Wed 03 Apr 2024 23:22:44 +0000
ROA not before: Wed 03 Apr 2024 23:22:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4224 (0x1080)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 3 23:22:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=77122BE6A3CA77469E6D2F752ACF280CCD6843F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:45:66:93:28:2e:90:3d:a7:9c:b9:1d:fb:17:
d2:f9:ad:db:c3:73:01:30:68:69:a7:d6:d2:31:d4:
6e:e0:56:4b:7d:ea:a0:96:98:71:db:38:64:9b:d8:
df:37:9f:09:5f:d1:5c:cc:d3:2b:64:b4:39:eb:01:
29:17:04:54:25:fc:a3:9d:5b:81:3b:8b:bf:bb:a5:
f8:b0:cf:fe:04:f4:94:8b:7b:bf:67:7e:0e:7d:d7:
4b:11:fa:c8:27:75:cf:cd:0f:23:7e:4b:a7:6a:3a:
ff:74:d8:85:c4:a4:32:f0:7e:83:29:72:14:12:14:
08:38:0a:ee:b9:5a:5b:b7:14:54:1b:7e:b5:ef:df:
67:8a:3f:f9:06:c2:ac:46:f3:f9:f6:fa:9d:4c:98:
c0:4c:52:32:b8:23:1d:c0:b6:c2:c7:ae:97:5f:e5:
d6:5d:a8:3c:bf:9e:97:eb:bb:c1:41:89:e4:4f:e2:
fc:65:0f:49:79:31:72:3d:1f:d4:b5:1c:91:2c:1a:
02:fe:b0:4c:17:d6:de:12:eb:e3:01:0f:bf:99:3e:
b9:e8:e7:1c:76:62:85:00:ce:e3:d3:d3:9b:c7:90:
5a:5d:71:ce:92:7b:6b:d8:50:09:63:d5:ef:2e:6f:
ef:e2:7e:f6:f5:eb:50:02:56:27:07:39:f7:56:fc:
76:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:12:2B:E6:A3:CA:77:46:9E:6D:2F:75:2A:CF:28:0C:CD:68:43:F3
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/dxIr5qPKd0aebS91Ks8oDM1oQ_M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b6:f1:10:78:d6:67:e7:82:1d:d6:35:fa:d9:b3:45:4c:51:f1:
b2:6d:69:08:78:63:e1:55:40:4e:4a:73:17:71:bc:7a:61:ca:
33:e6:3f:b5:13:38:ad:7d:f6:5b:6f:07:a7:20:d7:b2:68:56:
27:48:c7:6a:91:32:08:7b:75:80:74:57:51:94:33:d7:d5:61:
21:d9:2e:c9:27:a7:c1:a6:3b:61:47:4b:16:35:28:81:da:59:
c9:1d:30:42:dd:f6:eb:e0:41:37:9c:75:a9:99:dd:00:26:e6:
ef:db:fe:62:3b:85:51:96:44:8d:bd:7a:bb:79:92:17:7b:17:
17:7f:6a:46:61:95:79:00:7c:e1:83:ad:e0:bf:57:b6:0c:81:
eb:22:1a:03:7d:12:ec:6e:89:3e:07:27:f4:0f:9e:48:52:9e:
0b:ed:90:e2:08:cc:5c:e6:93:63:f1:3d:9d:ae:20:1e:0d:6e:
65:e5:62:fe:67:59:f4:9e:53:87:43:6a:b2:ef:5f:0a:06:0e:
b3:4a:80:c4:78:31:43:a3:9c:11:d0:40:77:2a:49:9d:86:f6:
36:8f:30:28:fa:fe:66:c5:16:52:f2:db:47:d1:b3:bd:52:10:
14:09:05:a8:d9:ba:7f:70:57:9b:36:29:2c:9a:e6:5d:78:dc:
87:8c:74:05
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEIAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDMy
MzIyNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc3MTIyQkU2QTNDQTc3
NDY5RTZEMkY3NTJBQ0YyODBDQ0Q2ODQzRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsRWaTKC6QPaecuR37F9L5rdvDcwEwaGmn1tIx1G7gVkt96qCW
mHHbOGSb2N83nwlf0VzM0ytktDnrASkXBFQl/KOdW4E7i7+7pfiwz/4E9JSLe79n
fg5910sR+sgndc/NDyN+S6dqOv902IXEpDLwfoMpchQSFAg4Cu65Wlu3FFQbfrXv
32eKP/kGwqxG8/n2+p1MmMBMUjK4Ix3AtsLHrpdf5dZdqDy/npfru8FBieRP4vxl
D0l5MXI9H9S1HJEsGgL+sEwX1t4S6+MBD7+ZPrno5xx2YoUAzuPT05vHkFpdcc6S
e2vYUAlj1e8ub+/ifvb161ACVicHOfdW/HbHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUdxIr5qPKd0aebS91Ks8oDM1oQ/MwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2R4SXI1cVBLZDBhZWJT
OTFLczhvRE0xb1FfTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAtvEQeNZn54Id1jX62bNFTFHxsm1pCHhj
4VVATkpzF3G8emHKM+Y/tRM4rX32W28HpyDXsmhWJ0jHapEyCHt1gHRXUZQz19Vh
IdkuySenwaY7YUdLFjUogdpZyR0wQt326+BBN5x1qZndACbm79v+YjuFUZZEjb16
u3mSF3sXF39qRmGVeQB84YOt4L9XtgyB6yIaA30S7G6JPgcn9A+eSFKeC+2Q4gjM
XOaTY/E9na4gHg1uZeVi/mdZ9J5Th0Nqsu9fCgYOs0qAxHgxQ6OcEdBAdypJnYb2
No8wKPr+ZsUWUvLbR9GzvVIQFAkFqNm6f3BXmzYpLJrmXXjch4x0BQ==
-----END CERTIFICATE-----
Generated at Thu Apr 4 01:06:46 2024 by rpki-client on console-ams.rpki-client.org