Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/h_-1Cq5pq8bj3kbxkWMxyI5V5WE.roa
File: h_-1Cq5pq8bj3kbxkWMxyI5V5WE.roa (raw, json)
Hash identifier: svK+HvLCi+R3cVTt/RGbY2C17ZLxFF5/ZBJqJyhRRrw=
Subject key identifier: 87:FF:B5:0A:AE:69:AB:C6:E3:DE:46:F1:91:63:31:C8:8E:55:E5:61
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1BE2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/h_-1Cq5pq8bj3kbxkWMxyI5V5WE.roa
Signing time: Sat 04 May 2024 07:54:13 +0000
ROA not before: Sat 04 May 2024 07:54:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7138 (0x1be2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 4 07:54:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=87FFB50AAE69ABC6E3DE46F1916331C88E55E561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7c:1c:04:25:9e:2c:55:79:a4:e0:2e:d9:3d:
9c:19:b3:10:ff:81:36:4b:60:e0:ed:07:13:dc:cb:
8e:84:d5:34:0a:ef:5c:20:1d:d3:7d:96:bf:5a:df:
94:3a:76:2e:94:3f:3e:5c:f4:58:f9:ce:b2:e6:02:
73:a8:e3:ee:03:76:88:2a:69:35:cb:b2:59:de:9a:
f4:7b:ee:45:c2:ba:cf:2f:60:8f:11:46:bf:98:ba:
98:50:1a:65:87:46:ef:8b:48:2e:f4:4b:c1:d2:c4:
12:ba:85:eb:58:c0:9e:3b:67:e3:72:a0:b9:89:71:
71:a7:aa:de:6e:ac:f5:59:78:25:64:21:72:c9:0d:
6a:bd:e4:3c:ef:7e:66:4c:55:42:e5:91:aa:95:ce:
6a:6f:db:a6:e8:f4:ce:44:4a:eb:da:07:60:dd:b5:
81:28:99:1d:c6:71:32:bf:fd:b1:7a:04:58:3a:8e:
0c:5d:62:cc:ec:cb:19:e2:cb:b4:70:9d:8d:e1:a0:
5d:52:50:1a:7d:eb:6e:e7:19:f4:84:8d:42:14:11:
11:2c:ba:73:67:f5:cb:04:1b:e1:ac:5b:40:6f:d1:
47:75:a9:3c:d1:ab:c7:31:0b:18:94:8f:b0:cc:32:
9f:91:70:8d:d2:62:13:6f:d7:92:86:84:02:2b:34:
0e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:FF:B5:0A:AE:69:AB:C6:E3:DE:46:F1:91:63:31:C8:8E:55:E5:61
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/h_-1Cq5pq8bj3kbxkWMxyI5V5WE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:0b:b9:d2:94:b3:42:3b:3d:14:8b:e8:94:7c:c5:c6:b6:97:
cf:ea:2b:42:fa:f3:81:4f:6f:c4:f5:7f:6c:57:4a:57:dc:ac:
25:51:c2:d0:35:27:d4:fa:d2:7b:95:4f:cd:8b:73:7a:f5:d3:
3c:93:70:c8:e8:eb:45:b8:9c:05:66:13:dd:e9:f8:70:b7:ae:
d8:90:27:3f:6d:19:ca:a8:56:32:d4:dd:55:fc:90:8c:b4:81:
e0:a5:7b:10:09:13:56:ef:18:16:1e:80:60:71:2e:eb:1c:4d:
8c:bf:9d:0b:1f:34:9d:a8:c5:0e:21:d9:44:09:23:a7:49:5a:
9a:50:53:1c:33:98:e7:55:71:10:ed:8b:c8:3a:71:02:d9:f0:
2a:b5:cc:e9:e7:4b:35:21:7f:b7:87:6c:74:31:b0:46:b0:76:
7b:f7:e5:bd:4a:6a:0e:3f:c6:b2:de:39:c0:ef:79:9f:91:71:
2e:4e:00:27:56:4f:29:e8:0a:6c:94:eb:de:71:d7:ba:04:44:
5a:47:4c:2c:c1:2c:3c:1f:40:b9:4f:fe:7b:bb:de:1d:4b:26:
e3:b8:e8:f8:13:0a:1c:75:30:03:35:9b:6c:93:f7:9d:c3:a6:
f3:ca:d7:c2:a9:68:a5:e3:19:88:ff:93:c0:5f:99:0c:3c:fc:
59:0b:80:0e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG+IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDQw
NzU0MTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg3RkZCNTBBQUU2OUFC
QzZFM0RFNDZGMTkxNjMzMUM4OEU1NUU1NjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCUfBwEJZ4sVXmk4C7ZPZwZsxD/gTZLYODtBxPcy46E1TQK71wg
HdN9lr9a35Q6di6UPz5c9Fj5zrLmAnOo4+4DdogqaTXLslnemvR77kXCus8vYI8R
Rr+YuphQGmWHRu+LSC70S8HSxBK6hetYwJ47Z+NyoLmJcXGnqt5urPVZeCVkIXLJ
DWq95DzvfmZMVULlkaqVzmpv26bo9M5ESuvaB2DdtYEomR3GcTK//bF6BFg6jgxd
Yszsyxniy7RwnY3hoF1SUBp9627nGfSEjUIUEREsunNn9csEG+GsW0Bv0Ud1qTzR
q8cxCxiUj7DMMp+RcI3SYhNv15KGhAIrNA7jAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUh/+1Cq5pq8bj3kbxkWMxyI5V5WEwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2hfLTFDcTVwcThiajNr
YnhrV014eUk1VjVXRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEArgu50pSzQjs9FIvolHzFxraXz+orQvrz
gU9vxPV/bFdKV9ysJVHC0DUn1PrSe5VPzYtzevXTPJNwyOjrRbicBWYT3en4cLeu
2JAnP20ZyqhWMtTdVfyQjLSB4KV7EAkTVu8YFh6AYHEu6xxNjL+dCx80najFDiHZ
RAkjp0lamlBTHDOY51VxEO2LyDpxAtnwKrXM6edLNSF/t4dsdDGwRrB2e/flvUpq
Dj/Gst45wO95n5FxLk4AJ1ZPKegKbJTr3nHXugREWkdMLMEsPB9AuU/+e7veHUsm
47jo+BMKHHUwAzWbbJP3ncOm88rXwqlopeMZiP+TwF+ZDDz8WQuADg==
-----END CERTIFICATE-----
Generated at Sat May 4 11:37:01 2024 by rpki-client on console-fra.rpki-client.org