Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/i6fMjGUdoCb0vGgYpIVktlx5HcU.roa
File: i6fMjGUdoCb0vGgYpIVktlx5HcU.roa (raw, json)
Hash identifier: Cp/qaagockuWyPAUgngN/xZ0deKCBDGaqhsdcgVZHdY=
Subject key identifier: 8B:A7:CC:8C:65:1D:A0:26:F4:BC:68:18:A4:85:64:B6:5C:79:1D:C5
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0EE2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/i6fMjGUdoCb0vGgYpIVktlx5HcU.roa
Signing time: Sat 30 Mar 2024 15:52:32 +0000
ROA not before: Sat 30 Mar 2024 15:52:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3810 (0xee2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 30 15:52:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8BA7CC8C651DA026F4BC6818A48564B65C791DC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e8:5a:64:27:bf:c3:5c:69:28:9b:7d:80:98:
03:d8:d1:f4:b0:b2:46:d6:bb:56:68:68:11:cd:94:
28:a9:d2:08:21:91:49:f8:ce:03:f5:dc:46:a1:5c:
6a:2b:72:8c:47:3c:bf:9b:e4:f3:77:08:b7:c4:5f:
2a:b2:42:b0:c1:30:bf:6c:2d:0c:40:04:ec:d6:b4:
23:07:7a:9b:f5:c6:e8:c8:38:b4:78:92:b8:f3:17:
48:af:38:ae:7a:5a:9e:e8:4d:cd:49:ec:2e:bb:a5:
2b:77:b3:d9:e3:35:01:3c:61:d4:ec:b8:8b:63:05:
08:99:aa:d7:6b:3e:f6:e7:3c:9c:fa:ca:e0:48:be:
bc:1b:5a:48:67:89:4c:90:8b:44:ef:7c:be:61:27:
a3:8f:ee:42:48:64:ee:39:ea:0a:fd:76:d8:7b:b3:
ca:f0:78:e1:05:14:2b:66:1c:bb:90:45:a5:da:1c:
4c:f1:27:02:f6:72:98:21:68:70:ca:88:02:fc:f2:
30:dd:c1:01:2d:25:f5:4f:76:f2:ba:a6:ca:9b:40:
5a:b5:40:11:98:49:80:ca:2b:9a:06:3e:0e:7d:cb:
a6:f0:74:b6:a8:b2:f7:aa:ea:51:ad:ec:89:79:b8:
db:79:4a:92:a5:1a:1c:5f:3e:66:f5:6e:ef:16:5e:
57:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:A7:CC:8C:65:1D:A0:26:F4:BC:68:18:A4:85:64:B6:5C:79:1D:C5
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/i6fMjGUdoCb0vGgYpIVktlx5HcU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a6:04:d9:1b:ef:7a:7f:f7:67:04:81:f8:12:f4:7f:f4:7a:44:
93:7f:b2:85:1c:0b:b4:83:e3:5a:ec:20:1d:14:c4:70:04:ae:
cd:26:ce:89:4b:18:45:08:08:00:86:41:aa:3c:ac:84:58:f2:
ce:25:90:3c:82:a2:8c:b7:f2:21:ea:08:2f:b9:af:7b:7c:72:
a0:5d:df:3c:77:78:b4:ac:b8:65:6e:86:eb:6b:c5:f6:41:6b:
95:35:c5:71:d0:58:89:5a:fb:45:91:31:4c:0e:67:fd:39:81:
e1:b3:e6:63:3e:88:50:dc:45:5a:2d:54:a0:3a:f4:54:71:81:
07:4b:cc:69:b2:57:58:7f:d9:5b:3f:f3:10:20:20:86:9b:f3:
5a:21:1d:2f:6c:c6:61:c8:e6:55:bc:de:5f:a6:ef:ab:71:e3:
9c:bc:34:c3:a4:62:0b:e7:f3:d8:0c:ba:40:9e:51:6b:cd:af:
83:f0:98:3d:57:76:dc:c6:23:c4:2b:20:7d:8a:13:eb:ad:c1:
be:99:0d:20:50:5b:52:67:85:b2:55:29:87:19:3e:32:e4:12:
28:cc:15:70:c1:74:1d:29:3e:0c:57:44:38:6d:85:58:c8:61:
bd:3a:ae:3f:cd:2a:b5:e2:98:0e:68:06:b9:5c:5f:84:c1:dd:
ec:c4:dc:34
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDuIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzAx
NTUyMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhCQTdDQzhDNjUxREEw
MjZGNEJDNjgxOEE0ODU2NEI2NUM3OTFEQzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE6FpkJ7/DXGkom32AmAPY0fSwskbWu1ZoaBHNlCip0gghkUn4
zgP13EahXGorcoxHPL+b5PN3CLfEXyqyQrDBML9sLQxABOzWtCMHepv1xujIOLR4
krjzF0ivOK56Wp7oTc1J7C67pSt3s9njNQE8YdTsuItjBQiZqtdrPvbnPJz6yuBI
vrwbWkhniUyQi0TvfL5hJ6OP7kJIZO456gr9dth7s8rweOEFFCtmHLuQRaXaHEzx
JwL2cpghaHDKiAL88jDdwQEtJfVPdvK6psqbQFq1QBGYSYDKK5oGPg59y6bwdLao
sveq6lGt7Il5uNt5SpKlGhxfPmb1bu8WXlehAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUi6fMjGUdoCb0vGgYpIVktlx5HcUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2k2Zk1qR1Vkb0NiMHZH
Z1lwSVZrdGx4NUhjVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEApgTZG+96f/dnBIH4EvR/9HpEk3+yhRwL
tIPjWuwgHRTEcASuzSbOiUsYRQgIAIZBqjyshFjyziWQPIKijLfyIeoIL7mve3xy
oF3fPHd4tKy4ZW6G62vF9kFrlTXFcdBYiVr7RZExTA5n/TmB4bPmYz6IUNxFWi1U
oDr0VHGBB0vMabJXWH/ZWz/zECAghpvzWiEdL2zGYcjmVbzeX6bvq3HjnLw0w6Ri
C+fz2Ay6QJ5Ra82vg/CYPVd23MYjxCsgfYoT663BvpkNIFBbUmeFslUphxk+MuQS
KMwVcMF0HSk+DFdEOG2FWMhhvTquP80qteKYDmgGuVxfhMHd7MTcNA==
-----END CERTIFICATE-----
Generated at Sat Mar 30 17:26:57 2024 by rpki-client on console-fra.rpki-client.org