Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/gRaxlaUFgkhg0bssdIQpluWrcKc.roa
File: gRaxlaUFgkhg0bssdIQpluWrcKc.roa (raw, json)
Hash identifier: gv26UI+A3bUk0C4v3Ep4C0KF0KxyTyNtIlaDtft7RZQ=
Subject key identifier: 81:16:B1:95:A5:05:82:48:60:D1:BB:2C:74:84:29:96:E5:AB:70:A7
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 120E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/gRaxlaUFgkhg0bssdIQpluWrcKc.roa
Signing time: Mon 08 Apr 2024 02:52:55 +0000
ROA not before: Mon 08 Apr 2024 02:52:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4622 (0x120e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 8 02:52:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8116B195A505824860D1BB2C74842996E5AB70A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cc:c9:71:d2:d1:46:7e:e2:70:89:8e:ec:50:
11:2b:8e:33:3e:89:a3:ae:26:24:8e:06:15:1d:95:
5d:b9:83:17:4b:47:37:9f:c3:20:bd:1f:9e:60:2e:
f6:d3:29:c7:4f:dc:c5:02:72:a8:3e:42:4a:f6:d7:
8b:f9:c5:e2:42:90:29:9d:08:3f:cd:99:ca:ea:b3:
77:98:27:d6:17:c4:0d:02:95:ed:2c:8e:70:97:0f:
c5:f3:12:7d:0d:8c:bc:0c:0c:ad:2c:32:ed:9e:25:
54:0b:a3:0a:56:0b:37:cb:21:f2:4c:53:af:dc:34:
91:de:0c:91:a6:b8:06:53:9a:54:f1:91:6c:05:bd:
b2:aa:d1:a6:4c:f1:69:6c:6b:e1:c4:6a:bc:bf:24:
44:66:fc:11:83:43:46:98:68:8f:cd:4d:53:66:8a:
e2:08:1b:45:81:07:ed:c6:6e:0c:fc:a2:ac:25:8e:
15:76:74:ef:98:50:80:95:51:d8:e3:c4:d3:65:78:
ad:95:d3:ab:01:59:00:c1:9e:93:16:47:b0:f2:17:
3e:7a:dd:66:c4:b5:4e:38:35:04:e3:5d:d7:76:4e:
6d:7a:64:a4:58:0d:fe:e0:a5:65:41:42:ea:3d:dc:
5b:db:07:8d:99:fd:97:a4:f4:74:f3:43:b9:8c:60:
d8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:16:B1:95:A5:05:82:48:60:D1:BB:2C:74:84:29:96:E5:AB:70:A7
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/gRaxlaUFgkhg0bssdIQpluWrcKc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
67:a8:b5:fd:70:50:d3:10:f2:65:73:a4:42:c0:97:a7:09:12:
21:08:7c:17:ee:76:13:c6:80:76:9d:db:94:31:32:c0:cd:3d:
e8:25:a8:6c:52:11:8e:8c:e5:24:d0:3b:6e:ab:0a:07:80:40:
56:bd:f2:50:ec:09:a0:5e:02:58:c5:9e:9a:3d:e8:69:b1:3b:
e3:bf:fb:0c:7e:84:f0:1a:a5:5e:fb:dc:19:c5:09:58:96:28:
79:77:a7:e3:a5:89:c9:f2:7f:87:32:80:3a:f2:24:d1:7e:3f:
33:20:6f:6c:c1:d1:8c:4d:a0:f6:00:9d:16:9b:ca:1e:61:49:
bb:bf:33:45:98:1f:75:f3:7d:52:b6:4f:b4:80:85:28:30:b9:
5d:21:25:31:ff:6a:bd:43:54:e9:93:ad:ee:97:cb:2f:b0:03:
ec:aa:84:4b:b8:77:c9:6d:b8:65:ce:e2:33:3b:23:05:3c:30:
d6:23:d7:fe:7b:57:32:7d:9c:8e:3e:b5:45:39:5c:62:75:a9:
8b:aa:6d:fd:cf:9b:87:c1:d6:3a:70:f5:f7:27:0b:0a:9f:76:
9a:18:bf:2c:06:dc:14:1f:d6:ba:5d:52:33:f8:9a:16:11:29:
32:78:1c:7c:1d:6b:0f:00:a3:27:f6:85:10:a4:94:19:bf:c7:
96:61:76:27
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEg4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDgw
MjUyNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgxMTZCMTk1QTUwNTgy
NDg2MEQxQkIyQzc0ODQyOTk2RTVBQjcwQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5zMlx0tFGfuJwiY7sUBErjjM+iaOuJiSOBhUdlV25gxdLRzef
wyC9H55gLvbTKcdP3MUCcqg+Qkr214v5xeJCkCmdCD/Nmcrqs3eYJ9YXxA0Cle0s
jnCXD8XzEn0NjLwMDK0sMu2eJVQLowpWCzfLIfJMU6/cNJHeDJGmuAZTmlTxkWwF
vbKq0aZM8Wlsa+HEary/JERm/BGDQ0aYaI/NTVNmiuIIG0WBB+3Gbgz8oqwljhV2
dO+YUICVUdjjxNNleK2V06sBWQDBnpMWR7DyFz563WbEtU44NQTjXdd2Tm16ZKRY
Df7gpWVBQuo93FvbB42Z/Zek9HTzQ7mMYNhHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUgRaxlaUFgkhg0bssdIQpluWrcKcwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2dSYXhsYVVGZ2toZzBi
c3NkSVFwbHVXcmNLYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAZ6i1/XBQ0xDyZXOkQsCXpwkSIQh8F+52
E8aAdp3blDEywM096CWobFIRjozlJNA7bqsKB4BAVr3yUOwJoF4CWMWemj3oabE7
47/7DH6E8BqlXvvcGcUJWJYoeXen46WJyfJ/hzKAOvIk0X4/MyBvbMHRjE2g9gCd
FpvKHmFJu78zRZgfdfN9UrZPtICFKDC5XSElMf9qvUNU6ZOt7pfLL7AD7KqES7h3
yW24Zc7iMzsjBTww1iPX/ntXMn2cjj61RTlcYnWpi6pt/c+bh8HWOnD19ycLCp92
mhi/LAbcFB/Wul1SM/iaFhEpMngcfB1rDwCjJ/aFEKSUGb/HlmF2Jw==
-----END CERTIFICATE-----
Generated at Mon Apr 8 06:20:25 2024 by rpki-client on console-ams.rpki-client.org