Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/iwDaNfSvnqlKCc1_GWdtK6syPHY.roa
File: iwDaNfSvnqlKCc1_GWdtK6syPHY.roa (raw, json)
Hash identifier: cpYKcAeM/L2fOPOcNUwemqL8d9GIvKBAulBkvISKIGo=
Subject key identifier: 8B:00:DA:35:F4:AF:9E:A9:4A:09:CD:7F:19:67:6D:2B:AB:32:3C:76
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1C30
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/iwDaNfSvnqlKCc1_GWdtK6syPHY.roa
Signing time: Sun 05 May 2024 03:24:14 +0000
ROA not before: Sun 05 May 2024 03:24:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7216 (0x1c30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 5 03:24:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8B00DA35F4AF9EA94A09CD7F19676D2BAB323C76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2a:0f:22:c1:5c:ff:c5:a5:af:c9:19:05:a2:
ac:ea:ae:45:42:fc:9e:ef:33:f9:8a:4b:13:32:f4:
62:d6:9c:bf:9c:2a:de:2a:79:f8:75:fb:95:cd:c0:
ce:f8:ed:66:8c:ea:0d:9b:5f:68:77:2c:0e:04:ac:
08:fa:04:e2:ab:07:d1:83:cd:cd:61:e2:eb:bd:5d:
9d:cd:07:d9:df:21:fd:9a:f3:42:bc:82:62:7d:4d:
5e:e7:98:c6:52:09:18:32:6a:0e:18:1a:d9:f4:d0:
83:e4:c4:a6:69:73:bf:15:0e:3e:1e:50:0f:61:56:
f2:d3:90:91:57:4d:97:e3:88:04:71:d9:f1:ba:8f:
f7:57:bc:ec:dd:6e:f8:78:f3:34:0e:f0:c8:24:6b:
10:07:6c:ee:df:16:48:c9:6a:aa:b6:99:8f:e2:ee:
db:7c:75:9d:31:08:7d:58:ac:13:4f:71:b0:0e:26:
e2:2a:3f:40:b0:60:2e:6b:2d:47:69:b6:9e:c0:26:
80:5c:98:9f:ae:d1:94:6b:1b:fa:db:1f:83:01:25:
db:48:ba:d6:4a:30:e6:d3:b8:d3:29:51:cd:ff:75:
0b:d3:c3:1a:5e:84:17:db:86:bf:40:84:6d:7f:b1:
a1:af:00:28:32:fe:40:36:ee:18:35:c5:7f:1e:2d:
e7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:00:DA:35:F4:AF:9E:A9:4A:09:CD:7F:19:67:6D:2B:AB:32:3C:76
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/iwDaNfSvnqlKCc1_GWdtK6syPHY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:2f:c8:39:75:28:f5:9e:14:bf:cf:3a:98:fa:7d:30:2c:f2:
22:22:24:c3:d8:6e:98:99:37:89:9b:b4:fa:c2:45:88:2a:e2:
a7:ca:cc:9f:4e:e5:8e:2f:e6:68:2a:64:a0:6d:94:98:13:84:
04:d1:ba:d6:d6:63:1b:c4:e2:0f:37:3a:2e:a5:42:ea:be:c1:
bb:96:04:35:73:33:9d:01:07:99:16:10:c5:e3:8e:d3:e0:09:
42:fb:59:cc:00:9c:30:e3:cf:8c:c2:5d:a0:29:26:cc:96:a6:
30:14:83:02:79:59:0a:02:26:a6:8e:d9:f3:3c:25:94:99:c8:
a0:88:f9:34:eb:94:c3:98:72:f1:cf:7c:d0:60:26:ca:9f:d8:
34:fa:8c:58:2a:46:1a:a2:51:2b:58:d5:24:4a:3d:0a:a7:38:
46:07:91:95:99:00:0c:c9:f3:6d:be:0e:cd:ac:1b:e4:7f:0f:
8c:6a:cc:1c:ef:93:2d:f8:f4:c2:f1:e2:22:8d:c4:c0:5e:9d:
b1:65:e7:a9:86:95:1e:ff:a2:ef:a7:6a:ac:72:2d:66:ea:96:
63:50:b7:29:39:9d:f5:5c:9c:a7:91:06:f6:76:bb:49:0a:89:
ca:41:40:c9:f6:94:c6:04:d6:9d:d0:ce:c8:00:d6:ad:d1:d9:
66:4b:24:d6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHDAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDUw
MzI0MTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhCMDBEQTM1RjRBRjlF
QTk0QTA5Q0Q3RjE5Njc2RDJCQUIzMjNDNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2Kg8iwVz/xaWvyRkFoqzqrkVC/J7vM/mKSxMy9GLWnL+cKt4q
efh1+5XNwM747WaM6g2bX2h3LA4ErAj6BOKrB9GDzc1h4uu9XZ3NB9nfIf2a80K8
gmJ9TV7nmMZSCRgyag4YGtn00IPkxKZpc78VDj4eUA9hVvLTkJFXTZfjiARx2fG6
j/dXvOzdbvh48zQO8MgkaxAHbO7fFkjJaqq2mY/i7tt8dZ0xCH1YrBNPcbAOJuIq
P0CwYC5rLUdptp7AJoBcmJ+u0ZRrG/rbH4MBJdtIutZKMObTuNMpUc3/dQvTwxpe
hBfbhr9AhG1/saGvACgy/kA27hg1xX8eLefdAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUiwDaNfSvnqlKCc1/GWdtK6syPHYwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2l3RGFOZlN2bnFsS0Nj
MV9HV2R0SzZzeVBIWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEACS/IOXUo9Z4Uv886mPp9MCzyIiIkw9hu
mJk3iZu0+sJFiCrip8rMn07lji/maCpkoG2UmBOEBNG61tZjG8TiDzc6LqVC6r7B
u5YENXMznQEHmRYQxeOO0+AJQvtZzACcMOPPjMJdoCkmzJamMBSDAnlZCgImpo7Z
8zwllJnIoIj5NOuUw5hy8c980GAmyp/YNPqMWCpGGqJRK1jVJEo9Cqc4RgeRlZkA
DMnzbb4Ozawb5H8PjGrMHO+TLfj0wvHiIo3EwF6dsWXnqYaVHv+i76dqrHItZuqW
Y1C3KTmd9Vycp5EG9na7SQqJykFAyfaUxgTWndDOyADWrdHZZksk1g==
-----END CERTIFICATE-----
Generated at Sun May 5 04:42:11 2024 by rpki-client on console-fra.rpki-client.org