Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/eqF3GkqCSOTXkBFhDAhigxGWEh8.roa
File: eqF3GkqCSOTXkBFhDAhigxGWEh8.roa (raw, json)
Hash identifier: ipQ5lZXnpEqAXCbyenq7lvpp09HGnilai9JElsSDslI=
Subject key identifier: 7A:A1:77:1A:4A:82:48:E4:D7:90:11:61:0C:08:62:83:11:96:12:1F
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 10A8
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/eqF3GkqCSOTXkBFhDAhigxGWEh8.roa
Signing time: Thu 04 Apr 2024 09:22:44 +0000
ROA not before: Thu 04 Apr 2024 09:22:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4264 (0x10a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 4 09:22:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7AA1771A4A8248E4D79011610C0862831196121F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:83:7a:e2:c4:d4:59:75:4e:04:f1:ab:b4:f8:
76:99:a9:f2:b3:8c:66:7e:94:10:c7:65:a4:3f:11:
ab:50:75:15:67:e8:af:dc:bc:59:f0:26:f1:e9:4d:
b8:42:a3:f5:a3:d9:9a:65:a1:68:6d:a8:3b:a3:91:
76:5e:26:fe:cb:f7:a8:b4:16:73:d4:a4:98:78:c6:
fe:19:5c:c2:00:55:bd:ac:57:e1:d7:f2:69:03:8a:
c3:64:39:64:ed:71:6a:65:bf:b1:ad:d3:07:9f:dd:
54:3d:ce:7b:04:0b:4a:65:8e:eb:e9:fd:a0:4a:d9:
b0:19:0b:a7:fb:55:6b:74:bb:76:e2:3b:13:78:19:
dd:f3:82:a7:ee:18:f8:57:fd:04:41:bf:fc:23:71:
07:18:17:e5:27:5e:0b:e2:81:9a:77:20:e6:75:9f:
34:b8:c0:34:08:17:0e:96:3c:70:cd:39:44:5f:9f:
77:d0:05:0a:34:b1:19:d4:e0:ac:b6:ad:45:d8:d1:
91:98:6c:7f:de:7f:dd:32:ea:2d:63:d2:6b:65:81:
84:96:9f:b5:29:59:9c:3b:f1:9d:c2:de:0f:8b:8f:
2e:c8:3b:36:f8:8a:33:f8:7a:9c:ff:66:e3:1b:71:
ba:96:44:32:3d:76:e7:0c:e2:52:e5:46:7d:90:73:
2e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:A1:77:1A:4A:82:48:E4:D7:90:11:61:0C:08:62:83:11:96:12:1F
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/eqF3GkqCSOTXkBFhDAhigxGWEh8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
03:cf:56:fc:86:47:89:4f:03:22:c2:44:55:ff:40:f6:87:26:
a2:45:8e:4f:66:34:5a:17:1d:9c:ac:8f:24:67:d1:92:45:65:
26:a5:ed:8e:36:12:a2:df:ad:29:e8:d0:49:ed:64:3a:2a:72:
c6:29:1e:ca:b0:31:19:9f:e1:6c:c5:d4:c7:3f:60:bb:86:bb:
bf:ff:c5:40:49:2f:6e:fd:69:8a:ff:c7:32:db:6d:b2:86:4c:
b6:8a:35:99:cc:98:e2:d3:ae:cd:01:b2:aa:cb:45:06:3d:14:
3a:95:8f:d7:8a:60:71:2a:c1:cd:b8:8c:a0:bd:1c:26:0c:10:
fb:84:fc:a4:cd:bb:e9:f8:cd:c6:a2:f4:6b:a8:63:a3:a2:4a:
dd:9e:5c:10:de:7f:04:36:c9:5b:23:e5:d0:55:1e:eb:56:9a:
19:f3:75:f0:c9:2f:5e:1b:53:21:35:18:93:8b:e8:65:52:6e:
fc:93:4f:f6:92:48:51:89:4e:1a:0d:aa:2e:8f:dd:cd:4f:11:
f5:26:17:9f:2c:22:f7:03:17:ab:46:a4:50:fa:94:ac:59:dd:
a8:7c:dc:19:3e:a5:93:73:58:32:5b:96:73:19:45:a0:10:ff:
90:5f:59:30:63:b1:38:11:7b:1f:8b:52:c4:b4:bf:8b:1f:3e:
af:aa:b5:10
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEKgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDQw
OTIyNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdBQTE3NzFBNEE4MjQ4
RTRENzkwMTE2MTBDMDg2MjgzMTE5NjEyMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKg3rixNRZdU4E8au0+HaZqfKzjGZ+lBDHZaQ/EatQdRVn6K/c
vFnwJvHpTbhCo/Wj2ZploWhtqDujkXZeJv7L96i0FnPUpJh4xv4ZXMIAVb2sV+HX
8mkDisNkOWTtcWplv7Gt0wef3VQ9znsEC0pljuvp/aBK2bAZC6f7VWt0u3biOxN4
Gd3zgqfuGPhX/QRBv/wjcQcYF+UnXgvigZp3IOZ1nzS4wDQIFw6WPHDNOURfn3fQ
BQo0sRnU4Ky2rUXY0ZGYbH/ef90y6i1j0mtlgYSWn7UpWZw78Z3C3g+Ljy7IOzb4
ijP4epz/ZuMbcbqWRDI9ducM4lLlRn2Qcy59AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUeqF3GkqCSOTXkBFhDAhigxGWEh8wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2VxRjNHa3FDU09UWGtC
RmhEQWhpZ3hHV0VoOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAA89W/IZHiU8DIsJEVf9A9ocmokWOT2Y0
WhcdnKyPJGfRkkVlJqXtjjYSot+tKejQSe1kOipyxikeyrAxGZ/hbMXUxz9gu4a7
v//FQEkvbv1piv/HMtttsoZMtoo1mcyY4tOuzQGyqstFBj0UOpWP14pgcSrBzbiM
oL0cJgwQ+4T8pM276fjNxqL0a6hjo6JK3Z5cEN5/BDbJWyPl0FUe61aaGfN18Mkv
XhtTITUYk4voZVJu/JNP9pJIUYlOGg2qLo/dzU8R9SYXnywi9wMXq0akUPqUrFnd
qHzcGT6lk3NYMluWcxlFoBD/kF9ZMGOxOBF7H4tSxLS/ix8+r6q1EA==
-----END CERTIFICATE-----
Generated at Thu Apr 4 14:38:30 2024 by rpki-client on console-ams.rpki-client.org