Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/lX4xKbV1xSgBjOKQwc7X68TW95s.roa
File: lX4xKbV1xSgBjOKQwc7X68TW95s.roa (raw, json)
Hash identifier: RXXc3WAhjSX5CqbpgnMKVszOX4ky+bts7ld3g1KhqXs=
Subject key identifier: 95:7E:31:29:B5:75:C5:28:01:8C:E2:90:C1:CE:D7:EB:C4:D6:F7:9B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 158E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/lX4xKbV1xSgBjOKQwc7X68TW95s.roa
Signing time: Wed 17 Apr 2024 10:53:32 +0000
ROA not before: Wed 17 Apr 2024 10:53:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5518 (0x158e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 17 10:53:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=957E3129B575C528018CE290C1CED7EBC4D6F79B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:99:ff:06:38:d3:f1:1a:ce:fa:85:c5:fb:ef:
4f:50:a2:e2:22:dc:32:f2:1c:e0:71:37:80:23:93:
10:b9:70:3d:5a:34:6d:f3:f1:14:10:2e:51:2e:68:
59:a7:aa:74:41:68:c7:39:9a:db:5c:2a:5a:51:3f:
05:5c:79:95:3b:10:8e:63:29:1d:db:db:bb:78:b1:
20:c4:d2:16:14:07:99:9b:d9:33:6c:c5:46:c3:77:
8f:b6:1a:95:02:98:14:49:e7:68:47:a6:e2:fe:0c:
75:ad:0f:ce:1d:e6:c3:fc:bb:f4:1a:5b:31:7f:42:
73:29:15:6c:70:38:58:6c:91:8d:4f:d1:69:4d:02:
9f:47:23:7e:40:cf:c3:62:c2:0f:d4:77:11:76:0d:
84:1a:7f:c5:03:80:56:38:fb:42:f6:4f:0b:25:66:
67:54:da:15:11:ff:e0:24:b5:c6:a3:29:6d:3b:22:
0a:db:89:b1:e0:c9:1e:32:20:bd:6b:1f:fd:ce:2c:
da:f4:f2:0c:50:22:22:f5:55:04:62:92:1e:db:ef:
47:c3:65:1f:54:75:1b:b9:45:7c:d1:a9:fd:f0:96:
74:87:5e:c1:0b:ae:e5:0f:cf:5b:6c:22:b7:70:49:
57:30:02:fc:ac:d2:68:66:7b:da:b0:7b:97:71:97:
ba:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:7E:31:29:B5:75:C5:28:01:8C:E2:90:C1:CE:D7:EB:C4:D6:F7:9B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/lX4xKbV1xSgBjOKQwc7X68TW95s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
35:ff:a6:52:97:1b:ca:c3:29:aa:9f:27:7c:4a:36:45:42:74:
92:50:ec:f1:2b:77:16:09:01:8a:08:07:af:11:df:a4:db:94:
28:de:ae:59:2e:43:af:ac:1f:3a:ea:52:27:c4:26:e9:b4:b4:
28:b7:2e:34:a7:d6:dd:8a:89:26:16:d8:71:1f:e3:a6:f0:57:
d9:d9:65:c2:39:bd:16:48:a9:67:08:43:a6:b9:c7:ed:2d:d0:
3f:a5:eb:d1:7d:e5:46:e4:34:bf:51:af:61:36:15:71:ba:24:
9f:47:5b:50:15:0d:b3:31:db:c9:a8:c7:4a:a9:f0:d8:bb:85:
c5:5e:ac:07:35:51:da:09:d2:1b:e8:c2:4c:59:7a:81:6d:a9:
c7:53:eb:73:5e:9e:01:51:6a:da:e9:0c:69:48:43:e7:29:b9:
95:72:d9:e9:d2:2f:9a:cb:6f:59:df:dd:0f:45:7c:cb:58:e0:
7d:d2:46:4e:45:dc:a4:94:66:c2:b2:92:35:00:4e:ce:02:da:
e5:48:2a:8c:19:6a:50:f3:12:c6:62:82:9d:f2:6b:fb:5c:f5:
97:c2:6e:81:49:1f:da:d0:6d:7f:99:0e:93:fc:56:91:f5:9c:
96:87:43:17:00:c7:27:a2:f2:ab:27:e3:68:02:d1:d1:7c:61:
56:eb:35:78
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFY4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTcx
MDUzMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk1N0UzMTI5QjU3NUM1
MjgwMThDRTI5MEMxQ0VEN0VCQzRENkY3OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5mf8GONPxGs76hcX7709QouIi3DLyHOBxN4AjkxC5cD1aNG3z
8RQQLlEuaFmnqnRBaMc5mttcKlpRPwVceZU7EI5jKR3b27t4sSDE0hYUB5mb2TNs
xUbDd4+2GpUCmBRJ52hHpuL+DHWtD84d5sP8u/QaWzF/QnMpFWxwOFhskY1P0WlN
Ap9HI35Az8Niwg/UdxF2DYQaf8UDgFY4+0L2TwslZmdU2hUR/+AktcajKW07Igrb
ibHgyR4yIL1rH/3OLNr08gxQIiL1VQRikh7b70fDZR9UdRu5RXzRqf3wlnSHXsEL
ruUPz1tsIrdwSVcwAvys0mhme9qwe5dxl7pvAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUlX4xKbV1xSgBjOKQwc7X68TW95swHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2xYNHhLYlYxeFNnQmpP
S1F3YzdYNjhUVzk1cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEANf+mUpcbysMpqp8nfEo2RUJ0klDs8St3
FgkBiggHrxHfpNuUKN6uWS5Dr6wfOupSJ8Qm6bS0KLcuNKfW3YqJJhbYcR/jpvBX
2dllwjm9FkipZwhDprnH7S3QP6Xr0X3lRuQ0v1GvYTYVcbokn0dbUBUNszHbyajH
Sqnw2LuFxV6sBzVR2gnSG+jCTFl6gW2px1Prc16eAVFq2ukMaUhD5ym5lXLZ6dIv
mstvWd/dD0V8y1jgfdJGTkXcpJRmwrKSNQBOzgLa5UgqjBlqUPMSxmKCnfJr+1z1
l8JugUkf2tBtf5kOk/xWkfWclodDFwDHJ6LyqyfjaALR0XxhVus1eA==
-----END CERTIFICATE-----
Generated at Wed Apr 17 14:45:22 2024 by rpki-client on console-fra.rpki-client.org