Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/h5RT-2eKI3nLuuXc9NTSeUfUKM4.roa
File: h5RT-2eKI3nLuuXc9NTSeUfUKM4.roa (raw, json)
Hash identifier: aL187ZdRKXfFvoxxnrIYaXHqKxlFf2712ZAAGneigfI=
Subject key identifier: 87:94:53:FB:67:8A:23:79:CB:BA:E5:DC:F4:D4:D2:79:47:D4:28:CE
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1D3A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/h5RT-2eKI3nLuuXc9NTSeUfUKM4.roa
Signing time: Tue 07 May 2024 21:54:22 +0000
ROA not before: Tue 07 May 2024 21:54:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7482 (0x1d3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 7 21:54:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=879453FB678A2379CBBAE5DCF4D4D27947D428CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ff:c7:44:88:23:20:ed:66:4f:c9:fb:94:4a:
99:33:d8:1d:20:94:8a:95:5e:32:f6:14:fa:60:2a:
98:f7:18:3b:26:6a:3a:bf:bf:b5:3e:36:20:fd:f5:
6c:24:fa:40:79:c8:11:cc:d4:32:a6:c7:62:0a:6d:
d9:c3:0d:e4:aa:20:c8:3e:60:81:d1:89:53:5c:a7:
b1:67:32:77:e8:c8:0e:a8:4d:f7:8f:0d:19:27:2a:
38:60:72:75:c2:82:41:b8:19:3e:7f:4f:20:73:91:
e7:42:41:2d:5d:9c:60:74:0a:26:b3:26:91:e2:bf:
eb:fc:0b:42:3b:51:1c:1b:ae:15:e8:30:41:d6:a1:
c4:dc:48:3c:d6:6e:4e:d5:58:21:df:39:90:82:b0:
43:87:ec:d3:e2:36:ea:23:1a:05:b3:6a:b2:d2:ff:
69:e4:ec:62:ac:85:7d:69:65:b6:a9:8c:68:43:e5:
24:67:f6:ff:53:67:99:2b:69:9d:41:58:45:ed:5f:
12:2a:2b:91:17:bf:c8:92:88:d1:a8:2f:5c:96:56:
93:f5:98:fa:0e:15:0d:09:7f:de:61:68:e1:0c:09:
db:a8:e8:77:c0:fe:7c:53:52:bc:58:25:98:3a:8d:
5f:2c:26:56:53:10:94:d4:ba:53:9c:e7:09:d5:9f:
42:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:94:53:FB:67:8A:23:79:CB:BA:E5:DC:F4:D4:D2:79:47:D4:28:CE
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/h5RT-2eKI3nLuuXc9NTSeUfUKM4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:80:62:5c:5b:72:df:70:ef:a1:cf:4b:91:25:0e:39:e1:c5:
8b:20:82:b8:20:f2:2e:a9:eb:a3:8b:19:7c:25:96:c1:ae:4f:
79:39:74:68:46:04:31:7d:62:cd:3e:77:1b:1b:53:f9:e7:db:
3c:65:dc:45:ba:b5:f6:15:71:55:94:6e:fe:72:6c:3f:66:41:
5a:21:59:24:e4:2e:fb:39:c1:44:d2:09:1d:66:b1:c2:de:01:
3b:7d:b8:15:7e:0b:ca:86:62:7e:f8:1b:58:11:eb:ed:a6:63:
6c:f8:63:41:27:84:36:15:74:5f:43:23:8f:0b:c4:5b:52:28:
4c:c8:77:44:8c:58:16:76:1d:49:9f:6e:66:24:55:6d:d6:6f:
4c:22:3d:ad:e7:a2:13:91:1b:98:52:fe:a7:26:7f:1f:0e:37:
fc:bc:17:fd:d9:a4:5e:63:75:fa:c8:9f:48:52:c6:24:26:35:
2f:e3:46:7c:98:af:f6:ec:e7:1e:1b:cf:71:72:02:fc:e0:f6:
f5:84:dc:1e:c1:1c:a7:e7:e2:6f:8e:c9:f7:c2:82:b7:13:88:
08:67:ea:63:d4:29:3b:ac:8c:44:b9:cd:87:7c:ff:2d:ae:b6:
88:aa:8c:a4:0c:ac:8a:b0:69:8b:97:b1:ea:52:37:b1:14:7c:
55:38:29:6c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHTowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDcy
MTU0MjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg3OTQ1M0ZCNjc4QTIz
NzlDQkJBRTVEQ0Y0RDREMjc5NDdENDI4Q0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+/8dEiCMg7WZPyfuUSpkz2B0glIqVXjL2FPpgKpj3GDsmajq/
v7U+NiD99Wwk+kB5yBHM1DKmx2IKbdnDDeSqIMg+YIHRiVNcp7FnMnfoyA6oTfeP
DRknKjhgcnXCgkG4GT5/TyBzkedCQS1dnGB0CiazJpHiv+v8C0I7URwbrhXoMEHW
ocTcSDzWbk7VWCHfOZCCsEOH7NPiNuojGgWzarLS/2nk7GKshX1pZbapjGhD5SRn
9v9TZ5kraZ1BWEXtXxIqK5EXv8iSiNGoL1yWVpP1mPoOFQ0Jf95haOEMCduo6HfA
/nxTUrxYJZg6jV8sJlZTEJTUulOc5wnVn0JXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUh5RT+2eKI3nLuuXc9NTSeUfUKM4wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2g1UlQtMmVLSTNuTHV1
WGM5TlRTZVVmVUtNNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAcoBiXFty33Dvoc9LkSUOOeHFiyCCuCDy
Lqnro4sZfCWWwa5PeTl0aEYEMX1izT53GxtT+efbPGXcRbq19hVxVZRu/nJsP2ZB
WiFZJOQu+znBRNIJHWaxwt4BO324FX4LyoZifvgbWBHr7aZjbPhjQSeENhV0X0Mj
jwvEW1IoTMh3RIxYFnYdSZ9uZiRVbdZvTCI9reeiE5EbmFL+pyZ/Hw43/LwX/dmk
XmN1+sifSFLGJCY1L+NGfJiv9uznHhvPcXIC/OD29YTcHsEcp+fib47J98KCtxOI
CGfqY9QpO6yMRLnNh3z/La62iKqMpAysirBpi5ex6lI3sRR8VTgpbA==
-----END CERTIFICATE-----
Generated at Tue May 7 23:31:37 2024 by rpki-client on console-fra.rpki-client.org