Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/igElp70eRx10jkQ0apd2putzkOw.roa
File: igElp70eRx10jkQ0apd2putzkOw.roa (raw, json)
Hash identifier: pdS2s3jlksnWr69asPpBS5pKjyJ2D8u6TLutF92p8/4=
Subject key identifier: 8A:01:25:A7:BD:1E:47:1D:74:8E:44:34:6A:97:76:A6:EB:73:90:EC
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0E7E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/igElp70eRx10jkQ0apd2putzkOw.roa
Signing time: Fri 29 Mar 2024 14:52:34 +0000
ROA not before: Fri 29 Mar 2024 14:52:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3710 (0xe7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 29 14:52:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8A0125A7BD1E471D748E44346A9776A6EB7390EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:73:b0:c3:9f:9c:41:ed:e0:8d:53:ba:48:75:
50:74:e9:15:d0:d0:26:c4:7c:8c:cb:84:3b:d3:71:
00:ed:7b:8f:0a:a6:af:b0:84:2a:e9:77:6e:03:67:
c4:a2:35:93:8f:ce:fb:dc:67:6f:d9:26:69:b2:ee:
a8:03:ae:3e:61:5f:c2:3a:ce:11:0a:a7:6c:53:d7:
c2:80:22:17:73:1e:82:97:05:54:ae:8e:dd:bb:5c:
ca:fa:51:41:1d:f5:91:f5:b9:1c:2c:ef:60:78:56:
56:f4:a7:66:0e:e5:de:80:7d:65:8a:1a:ea:bd:be:
1c:79:f2:c1:22:04:d2:e1:59:25:4f:fc:72:5a:ea:
62:34:fc:ea:a8:99:48:bd:38:1b:4a:9c:63:95:bc:
70:ea:8c:0d:c8:04:74:99:8f:63:b8:76:50:68:64:
37:8e:12:f7:07:30:dc:7a:f5:36:6d:b7:23:b1:7e:
30:24:9f:f9:91:a6:66:48:61:15:84:9c:3b:07:e8:
5d:99:f7:51:f8:c7:c5:be:fa:9d:ce:b6:fc:67:ac:
5f:37:60:cb:c7:97:f7:96:47:ff:73:34:57:23:cb:
d2:a3:20:1d:38:e9:fc:22:f3:4f:00:b0:73:53:f9:
b8:7e:e1:33:ce:86:11:ab:4f:11:e0:75:36:9e:31:
67:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:01:25:A7:BD:1E:47:1D:74:8E:44:34:6A:97:76:A6:EB:73:90:EC
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/igElp70eRx10jkQ0apd2putzkOw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
29:41:01:e9:4e:f5:5b:7a:18:cc:88:ff:cc:ae:2b:f1:71:6e:
34:0d:a5:e7:36:3d:17:14:02:7d:b3:b9:88:de:5c:0f:9d:3e:
1f:5d:23:df:d1:5b:54:cf:b3:1d:8c:34:0b:63:27:ca:fb:7e:
92:b3:11:6c:7c:73:d7:30:14:fa:30:dc:27:86:7c:a1:c0:90:
66:8e:2f:cc:3a:a0:c4:e2:10:63:33:2f:0f:e3:63:3f:f5:f2:
4a:6c:66:62:88:ff:0b:b0:bb:07:8d:cb:5c:d9:27:ed:2e:1e:
38:ac:62:ff:4a:d4:80:8c:61:b3:20:56:ad:51:e4:e2:57:34:
b4:b3:c1:83:47:28:05:78:01:de:26:f0:17:e4:7d:ca:3d:2b:
f5:f3:ac:0b:04:c5:39:58:42:5f:b6:d4:9c:18:dd:3d:c5:33:
47:f6:bb:26:89:d5:c5:e2:1a:18:1b:2d:ac:1a:fc:02:fd:a0:
82:76:f0:1f:57:1c:b0:a7:d4:00:91:ef:d5:b2:05:60:e7:d6:
d4:1a:a1:e9:c1:7f:23:0d:55:2f:1e:d3:bd:cc:f3:77:35:c8:
aa:5f:24:8b:93:5e:6a:db:2b:c2:d7:1e:fd:8c:14:9e:b8:8c:
db:d2:15:9d:e5:62:77:b9:3f:d2:fc:aa:ed:08:c3:0f:7a:1d:
88:f0:a6:d4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDn4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjkx
NDUyMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhBMDEyNUE3QkQxRTQ3
MUQ3NDhFNDQzNDZBOTc3NkE2RUI3MzkwRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCUc7DDn5xB7eCNU7pIdVB06RXQ0CbEfIzLhDvTcQDte48Kpq+w
hCrpd24DZ8SiNZOPzvvcZ2/ZJmmy7qgDrj5hX8I6zhEKp2xT18KAIhdzHoKXBVSu
jt27XMr6UUEd9ZH1uRws72B4Vlb0p2YO5d6AfWWKGuq9vhx58sEiBNLhWSVP/HJa
6mI0/OqomUi9OBtKnGOVvHDqjA3IBHSZj2O4dlBoZDeOEvcHMNx69TZttyOxfjAk
n/mRpmZIYRWEnDsH6F2Z91H4x8W++p3OtvxnrF83YMvHl/eWR/9zNFcjy9KjIB04
6fwi808AsHNT+bh+4TPOhhGrTxHgdTaeMWeJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUigElp70eRx10jkQ0apd2putzkOwwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2lnRWxwNzBlUngxMGpr
UTBhcGQycHV0emtPdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAKUEB6U71W3oYzIj/zK4r8XFuNA2l5zY9
FxQCfbO5iN5cD50+H10j39FbVM+zHYw0C2Mnyvt+krMRbHxz1zAU+jDcJ4Z8ocCQ
Zo4vzDqgxOIQYzMvD+NjP/XySmxmYoj/C7C7B43LXNkn7S4eOKxi/0rUgIxhsyBW
rVHk4lc0tLPBg0coBXgB3ibwF+R9yj0r9fOsCwTFOVhCX7bUnBjdPcUzR/a7JonV
xeIaGBstrBr8Av2ggnbwH1ccsKfUAJHv1bIFYOfW1Bqh6cF/Iw1VLx7TvczzdzXI
ql8ki5Neatsrwtce/YwUnriM29IVneVid7k/0vyq7QjDD3odiPCm1A==
-----END CERTIFICATE-----
Generated at Fri Mar 29 20:37:21 2024 by rpki-client on console-fra.rpki-client.org