Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/iRp33We0PsaF59vVnbr3SbS8pwI.roa
File: iRp33We0PsaF59vVnbr3SbS8pwI.roa (raw, json)
Hash identifier: lv/aF4TgzaI2dgIaXM9McGiceo9PuoLbg79YItTfFnc=
Subject key identifier: 89:1A:77:DD:67:B4:3E:C6:85:E7:DB:D5:9D:BA:F7:49:B4:BC:A7:02
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1A04
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/iRp33We0PsaF59vVnbr3SbS8pwI.roa
Signing time: Mon 29 Apr 2024 08:23:55 +0000
ROA not before: Mon 29 Apr 2024 08:23:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6660 (0x1a04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 29 08:23:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=891A77DD67B43EC685E7DBD59DBAF749B4BCA702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:da:99:91:d1:ae:5f:b8:27:2a:7d:19:f7:e4:
e3:fd:3c:89:7a:f5:8c:c8:2a:64:4c:fa:66:9b:cc:
76:48:3d:c9:ce:f1:81:d3:57:9c:6b:eb:33:57:03:
b4:de:a7:de:5e:68:e1:13:c5:bd:c1:c8:27:34:51:
19:13:eb:4d:4b:63:68:36:d5:a9:2c:4b:03:ab:00:
95:1c:98:f0:5c:38:a1:77:54:a0:a6:12:46:6b:69:
1d:ad:48:38:fb:88:50:00:a7:78:6b:99:ff:f9:9f:
46:3c:24:67:75:64:86:2d:73:dd:ef:a3:88:f0:08:
79:df:6b:a0:4d:56:c7:d0:7b:39:21:1b:97:3c:43:
90:e0:7a:e2:80:b6:55:4d:37:20:a8:0a:ea:90:78:
6f:21:5d:41:74:8e:41:7b:35:58:b1:91:26:af:ff:
41:32:d8:e7:1c:1a:f9:b0:13:80:5a:f5:f8:6c:06:
1e:6e:28:3e:6f:fd:84:f1:45:c3:67:55:02:bd:06:
43:98:43:2b:ec:e0:f9:d4:4f:b6:c7:d1:ac:55:62:
10:8d:a6:f2:c3:56:b2:e0:7b:1a:0f:6a:68:76:39:
be:21:2d:c3:8e:1f:d3:a2:6f:86:b6:1e:93:88:0a:
e6:52:95:fe:43:d8:7b:3c:62:94:05:c6:ac:64:ce:
6e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:1A:77:DD:67:B4:3E:C6:85:E7:DB:D5:9D:BA:F7:49:B4:BC:A7:02
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/iRp33We0PsaF59vVnbr3SbS8pwI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
83:ff:b9:53:c1:6e:24:6c:6a:3f:bb:7d:9f:09:11:7b:d3:f7:
bb:92:a9:dd:1d:dc:f3:5e:e9:02:d9:78:64:32:2f:5c:3a:bf:
4b:eb:21:b8:e2:60:5d:ec:ca:a4:06:1c:40:0c:44:52:50:0a:
e9:56:1c:55:36:bf:43:19:db:b5:2d:0f:9e:ff:8c:5d:f3:68:
d1:a7:ab:f9:af:2f:23:66:03:0d:d7:3b:cb:f4:af:3c:da:6d:
48:93:84:b0:88:0f:45:9e:1a:9d:76:9e:4d:25:69:ce:75:9d:
c0:1d:61:4e:69:41:0a:03:80:f3:3b:58:c9:d6:6b:e9:4c:60:
04:16:67:b6:11:df:47:40:f9:9a:01:1c:d5:b7:33:74:1c:55:
83:08:f8:ad:b5:09:97:57:fe:de:db:93:80:f7:f0:90:19:da:
a5:0e:ce:5a:06:39:4f:bb:e0:b7:54:77:a7:cf:e4:9a:85:95:
af:79:e5:58:69:e8:9b:3f:50:57:7e:15:6f:62:3c:bc:a2:27:
28:60:42:a4:6e:84:8e:58:32:a9:47:ed:74:4d:9f:03:d2:bc:
f6:90:dc:5c:5a:f2:a9:b5:c5:73:87:5a:a0:30:fb:f4:28:54:
b0:82:e9:b5:06:e2:2b:d8:75:2b:be:10:a7:25:31:bf:ec:04:
71:d2:e3:9d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGgQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0Mjkw
ODIzNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg5MUE3N0RENjdCNDNF
QzY4NUU3REJENTlEQkFGNzQ5QjRCQ0E3MDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDT2pmR0a5fuCcqfRn35OP9PIl69YzIKmRM+mabzHZIPcnO8YHT
V5xr6zNXA7Tep95eaOETxb3ByCc0URkT601LY2g21aksSwOrAJUcmPBcOKF3VKCm
EkZraR2tSDj7iFAAp3hrmf/5n0Y8JGd1ZIYtc93vo4jwCHnfa6BNVsfQezkhG5c8
Q5DgeuKAtlVNNyCoCuqQeG8hXUF0jkF7NVixkSav/0Ey2OccGvmwE4Ba9fhsBh5u
KD5v/YTxRcNnVQK9BkOYQyvs4PnUT7bH0axVYhCNpvLDVrLgexoPamh2Ob4hLcOO
H9Oib4a2HpOICuZSlf5D2Hs8YpQFxqxkzm7zAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUiRp33We0PsaF59vVnbr3SbS8pwIwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2lScDMzV2UwUHNhRjU5
dlZuYnIzU2JTOHB3SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAg/+5U8FuJGxqP7t9nwkRe9P3u5Kp3R3c
817pAtl4ZDIvXDq/S+shuOJgXezKpAYcQAxEUlAK6VYcVTa/QxnbtS0Pnv+MXfNo
0aer+a8vI2YDDdc7y/SvPNptSJOEsIgPRZ4anXaeTSVpznWdwB1hTmlBCgOA8ztY
ydZr6UxgBBZnthHfR0D5mgEc1bczdBxVgwj4rbUJl1f+3tuTgPfwkBnapQ7OWgY5
T7vgt1R3p8/kmoWVr3nlWGnomz9QV34Vb2I8vKInKGBCpG6EjlgyqUftdE2fA9K8
9pDcXFryqbXFc4daoDD79ChUsILptQbiK9h1K74QpyUxv+wEcdLjnQ==
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:03:26 2024 by rpki-client on console-fra.rpki-client.org