Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/grXgttd5Z9QFYU6YqqFq-d6Q8F8.roa
File: grXgttd5Z9QFYU6YqqFq-d6Q8F8.roa (raw, json)
Hash identifier: 62Zx0ppL2L5K4J44/ergBm9TPKrNgAQ59KCMJ/gxfCM=
Subject key identifier: 82:B5:E0:B6:D7:79:67:D4:05:61:4E:98:AA:A1:6A:F9:DE:90:F0:5F
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 19F6
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/grXgttd5Z9QFYU6YqqFq-d6Q8F8.roa
Signing time: Mon 29 Apr 2024 04:53:56 +0000
ROA not before: Mon 29 Apr 2024 04:53:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6646 (0x19f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 29 04:53:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=82B5E0B6D77967D405614E98AAA16AF9DE90F05F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d0:ac:4f:e2:b2:7b:ff:a0:71:70:70:67:c6:
7b:b1:8f:c8:89:cb:6e:e6:33:77:9a:c4:97:f3:71:
12:c4:c5:64:16:b6:02:6f:ab:96:5e:a5:fa:ba:82:
fe:3a:4f:f2:eb:d3:67:41:1d:10:63:2e:c2:39:f2:
b2:a8:96:c5:be:aa:aa:47:3b:b3:f5:c7:b9:ba:6f:
3b:4d:df:34:0f:01:45:b2:77:48:1e:68:aa:7b:f9:
86:c0:17:ff:97:31:6d:06:93:bf:e1:ff:92:90:c6:
fc:26:ea:98:f2:f1:1e:6e:e8:68:f0:22:5b:e5:7d:
77:da:75:91:8b:77:91:b5:14:b9:3e:52:b4:e3:d0:
0e:ee:0d:2b:ab:e1:7c:6e:b8:e5:f6:be:60:a0:68:
b5:ae:72:0b:d9:37:33:30:34:8d:37:9b:94:58:98:
dd:09:c6:a9:02:f9:65:b1:c3:00:d5:69:87:13:d8:
d2:b7:39:31:69:1f:ab:20:4c:dd:cb:2d:26:a5:7b:
08:42:4f:c2:59:19:f1:1b:70:f1:07:9c:86:66:d9:
e3:84:17:f9:ec:8c:9c:01:a3:bd:b3:a9:3a:9e:a6:
f3:bc:15:53:27:ff:34:06:45:ba:ac:a7:79:0a:26:
0c:92:9c:7a:f9:a5:89:59:f8:58:61:17:5e:fd:b8:
6b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B5:E0:B6:D7:79:67:D4:05:61:4E:98:AA:A1:6A:F9:DE:90:F0:5F
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/grXgttd5Z9QFYU6YqqFq-d6Q8F8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:df:36:a2:c6:25:2e:6c:d1:da:dc:32:50:df:72:2b:68:b6:
10:63:90:71:ce:8b:72:94:2b:1c:11:6b:fc:56:79:9c:02:0c:
ba:3e:06:da:ac:16:1d:30:1e:58:63:e1:04:75:82:ac:eb:42:
81:29:8b:8a:46:f5:be:47:6b:1d:72:3e:57:a1:60:8d:c5:b3:
a1:de:7d:eb:c0:a9:95:b1:2d:f9:c3:f9:0d:da:66:51:ea:83:
40:f5:6c:46:10:5e:c1:2c:e1:a6:6d:5a:9e:d1:26:1a:80:45:
0f:a2:df:c0:62:f4:ea:91:7e:af:13:b6:a9:e3:68:5e:d5:49:
ae:32:30:da:97:0c:15:46:ab:d0:d3:65:45:98:d7:71:a9:0e:
64:dd:72:f0:4b:ad:99:d0:0b:f9:15:ac:d6:40:1b:29:f0:c9:
4b:77:91:d6:a5:a3:30:c9:ae:4f:97:24:cc:29:60:6f:61:6e:
5f:3b:45:cf:77:5c:f3:6d:0c:97:7c:2b:83:ae:ef:6d:16:ab:
0a:84:7e:32:8d:b2:45:e5:a4:0e:fc:d5:20:ef:87:f8:33:a7:
ed:4f:33:99:67:6d:dc:1d:0b:74:0a:2c:3d:43:40:f8:bd:e8:
91:9a:d9:fb:67:35:49:1d:89:70:0e:ef:23:0a:04:09:11:6b:
eb:91:3c:b4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGfYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0Mjkw
NDUzNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgyQjVFMEI2RDc3OTY3
RDQwNTYxNEU5OEFBQTE2QUY5REU5MEYwNUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDf0KxP4rJ7/6BxcHBnxnuxj8iJy27mM3eaxJfzcRLExWQWtgJv
q5Zepfq6gv46T/Lr02dBHRBjLsI58rKolsW+qqpHO7P1x7m6bztN3zQPAUWyd0ge
aKp7+YbAF/+XMW0Gk7/h/5KQxvwm6pjy8R5u6GjwIlvlfXfadZGLd5G1FLk+UrTj
0A7uDSur4XxuuOX2vmCgaLWucgvZNzMwNI03m5RYmN0JxqkC+WWxwwDVaYcT2NK3
OTFpH6sgTN3LLSalewhCT8JZGfEbcPEHnIZm2eOEF/nsjJwBo72zqTqepvO8FVMn
/zQGRbqsp3kKJgySnHr5pYlZ+FhhF179uGs9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUgrXgttd5Z9QFYU6YqqFq+d6Q8F8wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2dyWGd0dGQ1WjlRRllV
NllxcUZxLWQ2UThGOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAc982osYlLmzR2twyUN9yK2i2EGOQcc6L
cpQrHBFr/FZ5nAIMuj4G2qwWHTAeWGPhBHWCrOtCgSmLikb1vkdrHXI+V6FgjcWz
od5968CplbEt+cP5DdpmUeqDQPVsRhBewSzhpm1antEmGoBFD6LfwGL06pF+rxO2
qeNoXtVJrjIw2pcMFUar0NNlRZjXcakOZN1y8EutmdAL+RWs1kAbKfDJS3eR1qWj
MMmuT5ckzClgb2FuXztFz3dc820Ml3wrg67vbRarCoR+Mo2yReWkDvzVIO+H+DOn
7U8zmWdt3B0LdAosPUNA+L3okZrZ+2c1SR2JcA7vIwoECRFr65E8tA==
-----END CERTIFICATE-----
Generated at Mon Apr 29 05:46:09 2024 by rpki-client on console-ams.rpki-client.org