Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/nsCazs4IVMiuVHK_p591CJYi3sQ.roa
File: nsCazs4IVMiuVHK_p591CJYi3sQ.roa (raw, json)
Hash identifier: U7K71Gf5VtV2Uo1WyNvVAm1+reBf68r+KQrTqvuSGfo=
Subject key identifier: 9E:C0:9A:CE:CE:08:54:C8:AE:54:72:BF:A7:9F:75:08:96:22:DE:C4
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1800
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/nsCazs4IVMiuVHK_p591CJYi3sQ.roa
Signing time: Tue 23 Apr 2024 23:23:42 +0000
ROA not before: Tue 23 Apr 2024 23:23:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6144 (0x1800)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 23 23:23:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9EC09ACECE0854C8AE5472BFA79F75089622DEC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4b:6a:e3:47:cc:53:9a:c2:0d:60:5e:d4:20:
3a:3e:6f:56:5f:ae:2a:e4:e5:a6:4f:18:b0:10:98:
8a:ae:3f:2f:28:97:54:fa:6c:bb:8e:a6:d9:6d:41:
75:f1:aa:d5:9b:df:a9:6e:b5:81:d0:9c:c7:9e:c1:
f7:bf:b4:24:8a:e2:0b:02:48:dc:45:d2:0a:fb:3a:
65:4e:d9:12:58:7e:07:12:23:db:6a:5b:eb:58:3e:
e3:d3:5b:a2:75:ea:c0:0e:e3:4c:20:68:a2:ab:e6:
15:58:af:01:ca:89:c7:3c:87:e4:17:50:7e:94:a2:
66:2e:a7:4e:c7:28:92:dd:41:ee:97:dd:8d:71:57:
7b:2a:a3:d1:fa:86:c6:d4:8a:72:49:3d:dc:2d:59:
1d:78:b0:bd:95:0d:da:f6:2d:ab:0d:bf:7d:41:41:
64:b6:27:e4:4f:34:8f:2e:f0:44:e9:c2:44:a1:ff:
08:d9:e8:50:f9:0a:fc:aa:d3:ff:62:12:bd:73:dc:
21:47:29:b4:6a:34:4b:a0:a0:a5:00:fe:9a:c4:46:
de:8e:8e:79:51:13:9e:90:a4:bc:bd:b0:67:29:1b:
60:9c:4a:19:48:37:27:f7:ce:3e:d8:8b:e2:f9:2b:
41:ef:00:19:24:b6:52:61:8b:56:39:e8:06:7d:c0:
6e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:C0:9A:CE:CE:08:54:C8:AE:54:72:BF:A7:9F:75:08:96:22:DE:C4
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/nsCazs4IVMiuVHK_p591CJYi3sQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:2e:9f:ae:45:7f:92:f7:ac:66:56:43:16:17:b5:98:d9:55:
f1:7c:74:92:a0:a7:b2:50:cb:15:c3:6a:49:dd:e6:50:7c:02:
f7:6c:f8:6e:2f:1f:bb:b8:3f:5f:08:f8:8c:7e:c9:f4:e5:33:
d4:bd:50:ee:b9:fb:6f:16:53:77:a9:c2:b1:9b:b9:e6:f1:21:
d5:63:c3:67:0c:2c:cb:17:22:95:83:5c:61:8b:55:13:b0:e8:
e8:8f:5d:4c:9c:2a:5e:68:bb:76:5c:1c:92:4d:99:0b:99:31:
0e:43:a3:62:cc:94:bf:cc:42:5d:ea:b8:d9:3c:2d:19:6b:2f:
5e:0e:df:17:fd:be:53:3a:78:f0:be:5b:2a:0d:f0:a9:66:89:
35:62:7c:75:cf:ef:0b:8d:60:3f:1c:a0:4f:67:0a:5e:cc:28:
21:a3:ca:1e:9d:25:11:da:ef:9e:e9:71:75:ab:59:fd:1b:64:
2f:27:8e:9f:cc:d7:5b:02:e6:6a:d1:2d:06:ea:60:d5:cb:7e:
2b:cb:de:f1:fd:ca:e4:06:1a:05:2c:b1:d9:e4:ab:c1:66:ef:
7f:91:f7:b1:00:d3:e3:1d:d8:59:42:bb:41:ff:7e:42:76:21:
b3:c6:bb:14:06:0d:b4:f8:b5:67:9a:8b:13:f3:29:6a:a8:46:
3d:39:a0:16
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGAAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjMy
MzIzNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlFQzA5QUNFQ0UwODU0
QzhBRTU0NzJCRkE3OUY3NTA4OTYyMkRFQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8S2rjR8xTmsINYF7UIDo+b1Zfrirk5aZPGLAQmIquPy8ol1T6
bLuOptltQXXxqtWb36lutYHQnMeewfe/tCSK4gsCSNxF0gr7OmVO2RJYfgcSI9tq
W+tYPuPTW6J16sAO40wgaKKr5hVYrwHKicc8h+QXUH6UomYup07HKJLdQe6X3Y1x
V3sqo9H6hsbUinJJPdwtWR14sL2VDdr2LasNv31BQWS2J+RPNI8u8ETpwkSh/wjZ
6FD5Cvyq0/9iEr1z3CFHKbRqNEugoKUA/prERt6OjnlRE56QpLy9sGcpG2CcShlI
Nyf3zj7Yi+L5K0HvABkktlJhi1Y56AZ9wG5FAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUnsCazs4IVMiuVHK/p591CJYi3sQwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL25zQ2F6czRJVk1pdVZI
S19wNTkxQ0pZaTNzUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAlC6frkV/kvesZlZDFhe1mNlV8Xx0kqCn
slDLFcNqSd3mUHwC92z4bi8fu7g/Xwj4jH7J9OUz1L1Q7rn7bxZTd6nCsZu55vEh
1WPDZwwsyxcilYNcYYtVE7Do6I9dTJwqXmi7dlwckk2ZC5kxDkOjYsyUv8xCXeq4
2TwtGWsvXg7fF/2+Uzp48L5bKg3wqWaJNWJ8dc/vC41gPxygT2cKXswoIaPKHp0l
EdrvnulxdatZ/RtkLyeOn8zXWwLmatEtBupg1ct+K8ve8f3K5AYaBSyx2eSrwWbv
f5H3sQDT4x3YWUK7Qf9+QnYhs8a7FAYNtPi1Z5qLE/MpaqhGPTmgFg==
-----END CERTIFICATE-----
Generated at Wed Apr 24 02:19:32 2024 by rpki-client on console-fra.rpki-client.org