Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/l9emeBao_sgh91iFdXDrfrNjOKQ.roa
File: l9emeBao_sgh91iFdXDrfrNjOKQ.roa (raw, json)
Hash identifier: F3z8V2pJo6Er105P8YKvamGrjaVVZNA+LNHs9rzUO7w=
Subject key identifier: 97:D7:A6:78:16:A8:FE:C8:21:F7:58:85:75:70:EB:7E:B3:63:38:A4
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1C42
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/l9emeBao_sgh91iFdXDrfrNjOKQ.roa
Signing time: Sun 05 May 2024 07:54:19 +0000
ROA not before: Sun 05 May 2024 07:54:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7234 (0x1c42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 5 07:54:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=97D7A67816A8FEC821F758857570EB7EB36338A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ee:69:13:83:96:3a:b1:99:e0:a1:c1:4e:d1:
c3:2b:97:95:b5:f7:f0:1c:00:67:37:b1:4c:5e:e5:
69:00:8d:a9:6a:05:97:9d:6d:8f:76:0e:31:c1:46:
e6:f8:1e:c4:67:c0:62:5e:1c:e1:90:60:b5:18:63:
cd:e0:1e:af:7f:28:8b:ab:bf:2e:40:a6:1d:83:8f:
a6:ca:7d:63:c8:b9:d3:05:f0:de:45:d2:73:a6:d5:
84:4f:30:76:29:b2:8a:f3:4d:a8:92:b8:d4:56:1b:
96:09:57:5c:c4:e4:c4:b8:a4:c6:c6:bd:16:b3:63:
ae:07:90:ae:d5:75:8c:92:38:52:aa:bf:80:5a:a1:
ab:22:36:0c:ec:74:33:fb:91:5b:6e:65:13:6f:1e:
1e:a5:fc:e5:ca:9d:02:d5:54:6c:7f:bb:e1:84:0d:
fe:1e:bb:67:16:a1:16:c3:8c:35:20:60:8d:3e:de:
28:48:f2:8d:43:e5:87:62:69:da:7f:81:91:7b:2d:
46:7d:6c:4a:44:93:26:76:5d:9a:c0:9b:8e:4e:4c:
80:62:d2:f1:e3:34:2b:5a:09:9a:c8:27:3c:0a:60:
24:af:a3:4c:26:df:c9:f8:da:ea:8b:51:ca:a4:5f:
e6:e7:b4:bf:74:c1:fa:b8:a7:06:e1:e7:0b:c5:2b:
bf:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D7:A6:78:16:A8:FE:C8:21:F7:58:85:75:70:EB:7E:B3:63:38:A4
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/l9emeBao_sgh91iFdXDrfrNjOKQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
93:2c:4d:ce:6c:87:46:a1:c4:54:4c:26:1f:25:3c:fc:07:d9:
8b:35:8d:54:44:b5:82:4c:80:7a:3e:9d:72:c8:e6:70:58:c0:
79:55:e4:17:b1:0f:7e:72:8c:a4:0b:de:c9:cd:1d:55:0b:1c:
39:7c:40:84:40:df:ae:c4:fc:e8:e8:e0:51:13:68:b2:54:67:
ce:ca:3f:cf:81:5d:11:84:f2:b3:70:8b:84:24:12:f0:a3:0c:
eb:24:d0:38:ba:8b:47:d3:b0:08:84:ad:db:88:9f:19:b0:c8:
ee:25:81:d5:57:2b:0a:a6:03:74:a0:71:33:a1:bd:c8:7b:ab:
2f:ce:6f:bb:70:70:02:71:62:15:13:c5:1b:35:19:5e:35:43:
06:cf:8f:c9:67:d7:8e:56:fd:18:11:57:56:f2:8d:98:57:a8:
4e:2b:7d:c6:5e:33:2c:5d:b9:78:a4:c1:5e:ce:5f:59:d1:0e:
e7:e7:dd:e7:b9:4f:10:3e:b4:66:4e:9a:cf:d4:23:89:21:51:
1d:e3:df:c3:60:88:96:50:01:b9:48:23:f4:51:c7:8f:08:f1:
a2:2f:9e:00:bc:b8:ff:06:ca:61:19:98:00:ee:09:7b:11:3a:
2e:ef:f9:30:4a:9c:41:db:95:7c:f0:7f:f6:da:13:c6:f8:45:
9d:ed:db:57
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHEIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDUw
NzU0MTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk3RDdBNjc4MTZBOEZF
QzgyMUY3NTg4NTc1NzBFQjdFQjM2MzM4QTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC57mkTg5Y6sZngocFO0cMrl5W19/AcAGc3sUxe5WkAjalqBZed
bY92DjHBRub4HsRnwGJeHOGQYLUYY83gHq9/KIurvy5Aph2Dj6bKfWPIudMF8N5F
0nOm1YRPMHYpsorzTaiSuNRWG5YJV1zE5MS4pMbGvRazY64HkK7VdYySOFKqv4Ba
oasiNgzsdDP7kVtuZRNvHh6l/OXKnQLVVGx/u+GEDf4eu2cWoRbDjDUgYI0+3ihI
8o1D5Ydiadp/gZF7LUZ9bEpEkyZ2XZrAm45OTIBi0vHjNCtaCZrIJzwKYCSvo0wm
38n42uqLUcqkX+bntL90wfq4pwbh5wvFK7+pAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUl9emeBao/sgh91iFdXDrfrNjOKQwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2w5ZW1lQmFvX3NnaDkx
aUZkWERyZnJOak9LUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAkyxNzmyHRqHEVEwmHyU8/AfZizWNVES1
gkyAej6dcsjmcFjAeVXkF7EPfnKMpAveyc0dVQscOXxAhEDfrsT86OjgURNoslRn
zso/z4FdEYTys3CLhCQS8KMM6yTQOLqLR9OwCISt24ifGbDI7iWB1VcrCqYDdKBx
M6G9yHurL85vu3BwAnFiFRPFGzUZXjVDBs+PyWfXjlb9GBFXVvKNmFeoTit9xl4z
LF25eKTBXs5fWdEO5+fd57lPED60Zk6az9QjiSFRHePfw2CIllABuUgj9FHHjwjx
oi+eALy4/wbKYRmYAO4JexE6Lu/5MEqcQduVfPB/9toTxvhFne3bVw==
-----END CERTIFICATE-----
Generated at Sun May 5 10:57:49 2024 by rpki-client on console-ams.rpki-client.org