Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/eO0KhJQgyK8YgksDF8FrHqiSlyk.roa
File: eO0KhJQgyK8YgksDF8FrHqiSlyk.roa (raw, json)
Hash identifier: e2DJVtofdpb8BMVKFM45i3rY9vu1m65Ipr1kuTnWWtk=
Subject key identifier: 78:ED:0A:84:94:20:C8:AF:18:82:4B:03:17:C1:6B:1E:A8:92:97:29
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 119A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/eO0KhJQgyK8YgksDF8FrHqiSlyk.roa
Signing time: Sat 06 Apr 2024 21:52:58 +0000
ROA not before: Sat 06 Apr 2024 21:52:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4506 (0x119a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 6 21:52:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=78ED0A849420C8AF18824B0317C16B1EA8929729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1c:8a:88:e7:8e:37:1a:44:b4:b6:43:9f:8e:
00:9e:45:52:b2:6c:78:4e:56:04:68:42:21:3b:e5:
8c:34:e7:dd:b8:9e:5c:20:e3:3a:b4:b5:2a:11:af:
fb:39:70:bf:e6:d2:2f:52:16:66:dd:9d:41:49:35:
90:5f:12:0a:90:96:38:e8:ba:34:ee:f4:6c:b9:b7:
59:c2:df:09:19:3e:29:d7:d2:bc:8f:d6:86:81:a3:
53:a7:f9:d3:a7:55:d5:69:eb:24:19:90:ca:a8:39:
1f:bc:c5:d9:b0:53:1d:76:e0:5b:62:90:0f:1a:2c:
2f:83:c1:9f:69:d2:78:de:d1:96:d5:d1:fa:97:94:
c7:62:fc:04:80:62:d2:17:c7:d7:c7:2c:c3:62:3f:
9c:15:e3:7d:a6:a6:22:4a:db:c1:8e:0b:ec:66:42:
40:30:c8:1d:ba:b7:dd:91:93:9f:f5:7f:2c:28:f5:
3a:5e:05:48:97:f3:f9:86:e2:c3:1e:b0:15:01:20:
65:3f:0c:95:19:1b:ef:4c:58:07:6c:64:ce:d1:e1:
76:29:0e:b3:bb:10:4e:65:c5:88:ee:48:2b:1f:10:
10:f6:db:ea:87:1e:31:a2:bd:bc:02:d3:27:92:66:
d2:14:dd:58:1c:f3:1e:ad:c5:11:1f:a6:18:b9:6a:
48:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:ED:0A:84:94:20:C8:AF:18:82:4B:03:17:C1:6B:1E:A8:92:97:29
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/eO0KhJQgyK8YgksDF8FrHqiSlyk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3d:8b:16:9f:6a:14:6b:33:0e:2b:bd:ef:7b:a6:6b:f4:0e:0e:
dc:b6:5b:31:6a:c8:da:23:ca:11:bc:43:62:0f:bd:54:0d:d1:
fc:9d:9a:d3:c6:78:0e:95:f0:97:e6:5b:06:b2:58:ad:49:45:
63:4b:b9:0d:2d:06:87:b0:92:6e:a2:36:40:00:68:5f:d3:2d:
a1:5b:bb:4d:35:67:0e:03:6a:db:a0:39:9b:f6:18:78:41:2b:
74:33:43:ab:35:0b:38:d2:5d:3e:b3:a6:fa:3a:83:65:d1:ff:
4f:7f:7e:ff:f1:63:91:62:61:31:ce:84:a9:e9:1c:5a:e4:48:
67:5c:b0:4e:92:6c:9a:99:3d:8b:0a:aa:65:d9:fb:ce:a9:bb:
68:8a:00:5d:8d:36:45:37:42:38:77:ae:98:bd:c0:ac:30:9e:
df:f5:30:e0:d4:27:95:29:6a:59:2b:d4:d0:21:58:be:f7:f5:
8d:bc:20:c6:99:e9:60:80:b3:40:09:71:6b:07:23:8c:26:90:
ed:57:da:c8:55:bc:3a:ef:48:2e:e4:38:4f:fd:2a:c1:a4:3e:
75:1c:30:05:97:7b:0d:6b:56:36:3b:fe:07:83:95:b5:4a:f5:
dd:59:f0:06:7a:ca:50:18:2f:7f:c2:b3:09:92:e1:03:cb:7c:
c5:5a:62:d3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEZowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDYy
MTUyNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc4RUQwQTg0OTQyMEM4
QUYxODgyNEIwMzE3QzE2QjFFQTg5Mjk3MjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbHIqI5443GkS0tkOfjgCeRVKybHhOVgRoQiE75Yw05924nlwg
4zq0tSoRr/s5cL/m0i9SFmbdnUFJNZBfEgqQljjoujTu9Gy5t1nC3wkZPinX0ryP
1oaBo1On+dOnVdVp6yQZkMqoOR+8xdmwUx124FtikA8aLC+DwZ9p0nje0ZbV0fqX
lMdi/ASAYtIXx9fHLMNiP5wV432mpiJK28GOC+xmQkAwyB26t92Rk5/1fywo9Tpe
BUiX8/mG4sMesBUBIGU/DJUZG+9MWAdsZM7R4XYpDrO7EE5lxYjuSCsfEBD22+qH
HjGivbwC0yeSZtIU3Vgc8x6txREfphi5akjBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUeO0KhJQgyK8YgksDF8FrHqiSlykwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2VPMEtoSlFneUs4WWdr
c0RGOEZySHFpU2x5ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAPYsWn2oUazMOK73ve6Zr9A4O3LZbMWrI
2iPKEbxDYg+9VA3R/J2a08Z4DpXwl+ZbBrJYrUlFY0u5DS0Gh7CSbqI2QABoX9Mt
oVu7TTVnDgNq26A5m/YYeEErdDNDqzULONJdPrOm+jqDZdH/T39+//FjkWJhMc6E
qekcWuRIZ1ywTpJsmpk9iwqqZdn7zqm7aIoAXY02RTdCOHeumL3ArDCe3/Uw4NQn
lSlqWSvU0CFYvvf1jbwgxpnpYICzQAlxawcjjCaQ7VfayFW8Ou9ILuQ4T/0qwaQ+
dRwwBZd7DWtWNjv+B4OVtUr13VnwBnrKUBgvf8KzCZLhA8t8xVpi0w==
-----END CERTIFICATE-----
Generated at Sat Apr 6 23:22:28 2024 by rpki-client on console-fra.rpki-client.org