Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/m1AlFsO-I-6CGKGg28nRM3vAsBM.roa
File: m1AlFsO-I-6CGKGg28nRM3vAsBM.roa (raw, json)
Hash identifier: Af68oNiXtIC+yi2pIK8uBUB90/ZgnTtF4USPF0+VqPc=
Subject key identifier: 9B:50:25:16:C3:BE:23:EE:82:18:A1:A0:DB:C9:D1:33:7B:C0:B0:13
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 18B2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/m1AlFsO-I-6CGKGg28nRM3vAsBM.roa
Signing time: Thu 25 Apr 2024 19:53:44 +0000
ROA not before: Thu 25 Apr 2024 19:53:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6322 (0x18b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 25 19:53:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9B502516C3BE23EE8218A1A0DBC9D1337BC0B013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1f:3e:7c:8c:7d:a6:b9:aa:53:1f:67:15:ef:
69:27:10:56:1b:6b:4b:14:6a:62:97:22:eb:f5:69:
be:ef:15:c2:0f:65:dd:20:58:ee:05:45:2a:e8:c9:
7a:7c:61:70:04:93:6c:bc:5f:93:44:65:df:fc:e1:
db:aa:81:1a:22:d2:41:49:81:e4:74:18:01:be:27:
c8:0a:bf:48:47:cb:8c:ce:38:78:10:95:be:43:12:
f9:11:e2:fe:71:5e:a4:9b:c3:c8:b3:c4:15:48:99:
5f:ec:7e:7b:1c:f6:a2:f6:46:75:9d:e3:4f:ed:31:
3f:fd:93:2e:c5:04:94:0d:2f:10:3b:e1:39:78:51:
9a:a2:09:1e:30:8c:fe:e3:a8:dd:1e:de:7f:eb:a0:
96:9d:1f:da:b8:b6:39:33:c7:a3:c3:aa:71:e5:5a:
1f:bc:2a:4d:ba:d9:cb:33:91:73:90:93:a7:de:05:
36:8c:6e:ac:48:50:a0:4c:ba:27:cf:1a:fb:4b:09:
26:fb:56:f3:79:10:f4:f8:7a:22:80:3a:a3:c3:29:
50:a5:f8:ad:c2:9e:cf:b9:4e:2e:6a:c7:83:13:41:
6f:fa:70:bd:87:51:75:1e:aa:c2:13:f6:76:a0:79:
d2:a0:20:bb:3d:5f:58:7e:7e:e9:02:78:90:32:eb:
1c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:50:25:16:C3:BE:23:EE:82:18:A1:A0:DB:C9:D1:33:7B:C0:B0:13
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/m1AlFsO-I-6CGKGg28nRM3vAsBM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
14:93:81:bd:41:a2:3a:60:58:ce:3c:f0:bb:5c:5f:4f:42:f5:
70:16:a2:82:3a:a7:d9:15:39:0d:b7:26:e5:25:93:37:dd:26:
e1:b7:a4:f7:eb:1e:cc:a5:b5:10:fc:d6:98:aa:f9:27:dd:9a:
bf:e9:b3:d3:dd:23:cc:bb:41:e1:11:33:ce:e9:83:a1:6a:55:
d3:d8:85:5a:29:cd:00:32:e8:e5:36:48:52:08:c1:72:0c:1c:
54:47:29:4a:64:86:1e:cc:4d:ad:23:7f:b2:0b:c3:86:a9:a6:
7f:c5:fd:91:7f:d8:23:e9:b9:38:01:6c:35:52:eb:81:54:24:
0a:48:92:79:23:58:7b:3c:74:c6:54:7e:95:45:e9:3f:ea:77:
32:5d:5c:ec:8d:39:25:c9:14:84:ab:40:72:6a:ff:8d:46:0c:
73:da:3e:a9:e4:d8:95:b9:68:88:e2:01:55:8e:ef:58:8b:a5:
c3:dc:5f:f8:56:e3:61:7a:09:d0:b1:93:fc:7f:ad:7c:39:d6:
e2:9e:c3:a9:d9:09:43:7e:b8:df:ac:3e:2d:28:be:49:63:21:
bb:a7:65:97:eb:d7:b7:f5:8e:a0:d2:9a:50:9e:55:ff:a6:45:
2a:88:43:59:55:09:8a:bc:c8:4f:22:72:fb:db:77:f1:69:ba:
54:d8:fc:78
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGLIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjUx
OTUzNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlCNTAyNTE2QzNCRTIz
RUU4MjE4QTFBMERCQzlEMTMzN0JDMEIwMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIHz58jH2muapTH2cV72knEFYba0sUamKXIuv1ab7vFcIPZd0g
WO4FRSroyXp8YXAEk2y8X5NEZd/84duqgRoi0kFJgeR0GAG+J8gKv0hHy4zOOHgQ
lb5DEvkR4v5xXqSbw8izxBVImV/sfnsc9qL2RnWd40/tMT/9ky7FBJQNLxA74Tl4
UZqiCR4wjP7jqN0e3n/roJadH9q4tjkzx6PDqnHlWh+8Kk262cszkXOQk6feBTaM
bqxIUKBMuifPGvtLCSb7VvN5EPT4eiKAOqPDKVCl+K3Cns+5Ti5qx4MTQW/6cL2H
UXUeqsIT9nagedKgILs9X1h+fukCeJAy6xzHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUm1AlFsO+I+6CGKGg28nRM3vAsBMwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL20xQWxGc08tSS02Q0dL
R2cyOG5STTN2QXNCTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAFJOBvUGiOmBYzjzwu1xfT0L1cBaigjqn
2RU5Dbcm5SWTN90m4bek9+sezKW1EPzWmKr5J92av+mz090jzLtB4REzzumDoWpV
09iFWinNADLo5TZIUgjBcgwcVEcpSmSGHsxNrSN/sgvDhqmmf8X9kX/YI+m5OAFs
NVLrgVQkCkiSeSNYezx0xlR+lUXpP+p3Ml1c7I05JckUhKtAcmr/jUYMc9o+qeTY
lbloiOIBVY7vWIulw9xf+FbjYXoJ0LGT/H+tfDnW4p7DqdkJQ36436w+LSi+SWMh
u6dll+vXt/WOoNKaUJ5V/6ZFKohDWVUJirzITyJy+9t38Wm6VNj8eA==
-----END CERTIFICATE-----
Generated at Thu Apr 25 20:39:32 2024 by rpki-client on console-fra.rpki-client.org