Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/lZ7Ni18JmbUbewR6W7xiR57Uhpo.roa
File: lZ7Ni18JmbUbewR6W7xiR57Uhpo.roa (raw, json)
Hash identifier: qJnqfYXNCq64FQvDFLlZaAKjT+i2bp0GfTDl8kltPHQ=
Subject key identifier: 95:9E:CD:8B:5F:09:99:B5:1B:7B:04:7A:5B:BC:62:47:9E:D4:86:9A
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1696
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/lZ7Ni18JmbUbewR6W7xiR57Uhpo.roa
Signing time: Sat 20 Apr 2024 04:54:22 +0000
ROA not before: Sat 20 Apr 2024 04:54:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5782 (0x1696)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 20 04:54:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=959ECD8B5F0999B51B7B047A5BBC62479ED4869A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:21:4b:03:5f:f3:22:c1:4d:07:00:a5:42:3f:
b9:9a:ef:45:a7:44:87:9d:67:5c:c7:0f:80:2d:b7:
1e:9e:41:5b:dc:71:4f:20:86:c9:d7:49:65:43:40:
00:a9:0b:0d:19:d0:b8:d1:c5:6b:d2:05:af:93:be:
6b:71:fe:e7:a3:f0:81:3f:ed:95:0d:63:0b:f9:b2:
90:0b:6c:c6:fa:b4:4d:33:ac:b8:a2:c4:b5:a9:df:
8e:1f:83:a6:87:08:e3:18:cd:61:24:05:8b:38:5e:
6c:4a:e9:cc:2e:e7:5c:4b:54:54:f6:b3:98:22:a6:
58:72:32:ab:01:45:58:ac:c3:dd:f3:96:f0:ca:e2:
fd:bc:74:17:94:65:df:a1:9a:c2:6b:cc:30:37:49:
8d:81:a1:cb:f6:ab:3c:9f:bd:8f:c6:e3:62:22:03:
83:40:0d:7f:5f:59:e4:a6:6b:e7:4e:53:d1:33:46:
60:39:c5:06:d9:1f:34:81:bd:7b:dc:2e:e2:32:bd:
ed:89:bd:ce:3c:cf:1f:21:0d:9b:43:8a:49:b8:00:
17:52:7c:1e:42:0f:39:20:91:91:e3:ee:e1:7e:b5:
9d:ce:e9:9b:87:42:eb:f3:6b:20:0c:a1:b9:2f:d5:
a0:71:04:44:d6:a7:a6:5b:5d:b8:06:a7:c3:f2:8d:
b0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:9E:CD:8B:5F:09:99:B5:1B:7B:04:7A:5B:BC:62:47:9E:D4:86:9A
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/lZ7Ni18JmbUbewR6W7xiR57Uhpo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:cb:86:bd:1f:63:ef:d3:2b:5e:d6:24:08:c7:ef:63:af:8d:
08:05:e1:54:80:a1:17:c5:0d:68:2b:b4:d7:f6:31:76:2e:b4:
ec:47:a1:dd:80:7e:a1:06:92:7f:c3:42:c8:a1:3b:f6:b5:fc:
3a:7e:61:01:2b:12:a5:73:ae:d6:04:dc:57:58:13:b5:b0:5d:
cd:c6:df:04:e5:2e:eb:64:fb:cd:59:31:18:82:a0:70:df:32:
70:71:4c:e8:00:21:cb:0e:7f:38:69:db:32:0f:c7:1a:06:69:
20:1a:27:db:f9:fe:45:97:df:e9:69:82:e8:2e:a0:d4:c6:43:
9b:86:f7:08:27:36:0d:40:b7:26:0e:a6:41:c8:a8:96:8c:4c:
16:c2:5a:0f:6e:fd:7e:e3:f0:ef:69:3f:98:4c:ee:ec:c6:55:
40:4d:70:48:15:54:b6:14:d6:11:f6:af:54:22:9b:7b:4c:b9:
bd:43:0d:dc:09:3d:5f:04:d7:64:c3:61:56:de:30:82:fb:d0:
27:29:63:f4:4e:d7:76:d9:ee:6a:6f:6e:5a:83:01:26:8c:a0:
1c:72:b0:c8:fa:30:e8:ad:00:c9:20:3b:b4:70:0a:56:b1:19:
60:03:94:62:a8:c5:1d:0f:18:35:f2:90:87:43:2d:b0:98:c5:
e0:2e:8b:c2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFpYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjAw
NDU0MjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk1OUVDRDhCNUYwOTk5
QjUxQjdCMDQ3QTVCQkM2MjQ3OUVENDg2OUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0IUsDX/MiwU0HAKVCP7ma70WnRIedZ1zHD4Attx6eQVvccU8g
hsnXSWVDQACpCw0Z0LjRxWvSBa+Tvmtx/uej8IE/7ZUNYwv5spALbMb6tE0zrLii
xLWp344fg6aHCOMYzWEkBYs4XmxK6cwu51xLVFT2s5giplhyMqsBRVisw93zlvDK
4v28dBeUZd+hmsJrzDA3SY2Bocv2qzyfvY/G42IiA4NADX9fWeSma+dOU9EzRmA5
xQbZHzSBvXvcLuIyve2Jvc48zx8hDZtDikm4ABdSfB5CDzkgkZHj7uF+tZ3O6ZuH
QuvzayAMobkv1aBxBETWp6ZbXbgGp8PyjbBvAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUlZ7Ni18JmbUbewR6W7xiR57UhpowHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2xaN05pMThKbWJVYmV3
UjZXN3hpUjU3VWhwby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAfMuGvR9j79MrXtYkCMfvY6+NCAXhVICh
F8UNaCu01/Yxdi607Eeh3YB+oQaSf8NCyKE79rX8On5hASsSpXOu1gTcV1gTtbBd
zcbfBOUu62T7zVkxGIKgcN8ycHFM6AAhyw5/OGnbMg/HGgZpIBon2/n+RZff6WmC
6C6g1MZDm4b3CCc2DUC3Jg6mQcioloxMFsJaD279fuPw72k/mEzu7MZVQE1wSBVU
thTWEfavVCKbe0y5vUMN3Ak9XwTXZMNhVt4wgvvQJylj9E7Xdtnuam9uWoMBJoyg
HHKwyPow6K0AySA7tHAKVrEZYAOUYqjFHQ8YNfKQh0MtsJjF4C6Lwg==
-----END CERTIFICATE-----
Generated at Sat Apr 20 06:35:52 2024 by rpki-client on console-ams.rpki-client.org