Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/ntVMu3Zx-0Mpt8Hdf6k7upPcIIA.roa
File: ntVMu3Zx-0Mpt8Hdf6k7upPcIIA.roa (raw, json)
Hash identifier: tMHh8XJLGp4yS4zDxGWo1+SU7jJXpbSCJwGV+6uitcQ=
Subject key identifier: 9E:D5:4C:BB:76:71:FB:43:29:B7:C1:DD:7F:A9:3B:BA:93:DC:20:80
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 16DC
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ntVMu3Zx-0Mpt8Hdf6k7upPcIIA.roa
Signing time: Sat 20 Apr 2024 22:23:30 +0000
ROA not before: Sat 20 Apr 2024 22:23:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5852 (0x16dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 20 22:23:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9ED54CBB7671FB4329B7C1DD7FA93BBA93DC2080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ff:ac:80:4c:1a:a7:63:84:18:e3:f1:23:d9:
ff:7f:b6:56:d9:19:e5:b1:2d:ee:fd:3e:dc:6d:83:
c3:0d:1c:b7:a9:7e:e4:af:ad:29:19:57:c8:29:10:
24:6c:ac:83:b8:c5:d3:9d:04:88:76:11:fb:36:39:
2e:3c:6b:0f:db:a7:70:1b:f3:a1:a8:67:00:93:d0:
e7:5c:b1:7f:e0:1e:05:11:18:fa:51:c7:f1:6b:03:
58:77:2b:5d:f9:52:2f:6d:72:04:ec:1c:39:3d:13:
58:2c:3b:27:73:fd:b1:e5:35:d0:11:60:07:61:7b:
c4:b3:ef:88:57:9b:c1:73:68:2e:0c:e1:05:e3:7f:
17:b4:ca:4a:86:86:4e:b2:4c:cb:71:12:91:4f:d9:
0c:bb:42:56:8d:c2:89:ff:6d:2e:4a:93:2d:24:7c:
58:dc:6e:e8:f5:dc:3d:65:90:11:ea:2b:08:ac:36:
3a:54:26:3e:08:ed:99:1b:17:8e:31:98:67:d0:85:
c6:e7:08:3c:3f:18:64:62:17:1a:72:8b:3d:2e:1b:
02:90:57:90:7a:bc:34:c0:4e:80:91:7a:c4:56:8e:
fa:47:36:da:af:52:2d:8e:d8:6e:0a:2a:67:ab:3e:
5b:fa:64:53:9f:df:c4:0f:c9:0e:65:fe:c8:5a:09:
d3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D5:4C:BB:76:71:FB:43:29:B7:C1:DD:7F:A9:3B:BA:93:DC:20:80
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ntVMu3Zx-0Mpt8Hdf6k7upPcIIA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a7:6e:80:a6:2d:de:a9:1c:69:14:d4:22:4b:3c:31:f1:96:5b:
4c:e5:20:bc:4f:64:63:f9:a2:12:0e:d4:11:30:90:7e:4e:bf:
53:d1:07:7e:f5:1c:c0:84:b0:aa:97:00:df:a8:68:bc:25:ff:
6f:8b:a7:b9:59:9d:f2:83:81:e7:91:2b:7f:6c:58:ca:65:d3:
6e:d4:a1:ed:64:fe:95:0f:e0:59:d8:e7:78:53:ab:70:4c:75:
a2:69:4d:6e:d0:ff:a5:75:e6:85:3e:9d:a5:d1:c3:c3:b9:77:
34:5f:71:25:f3:57:18:f9:09:4e:f2:f8:43:b6:d8:e6:7e:11:
d1:95:7a:83:95:03:ff:0d:e4:fd:de:8a:03:22:b0:73:a9:67:
10:cd:6b:ab:11:92:a9:1a:9b:83:8c:09:5f:f4:4b:e9:30:8f:
93:5e:79:d7:50:5c:10:f2:1b:54:fc:1e:62:63:6b:9f:61:02:
aa:0d:cf:82:22:35:a6:c7:2d:f9:e1:78:93:dd:b8:e5:76:6d:
4e:f9:18:df:2a:b2:20:87:c9:58:65:d6:de:ee:14:84:f5:80:
f4:a9:de:8a:26:f4:32:f7:d3:02:cc:3c:c1:5e:86:59:dc:cd:
7e:9b:08:8c:24:44:f3:e6:45:74:98:14:51:55:c9:f9:e0:8d:
3d:1d:db:7b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFtwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjAy
MjIzMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlFRDU0Q0JCNzY3MUZC
NDMyOUI3QzFERDdGQTkzQkJBOTNEQzIwODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4/6yATBqnY4QY4/Ej2f9/tlbZGeWxLe79Ptxtg8MNHLepfuSv
rSkZV8gpECRsrIO4xdOdBIh2Efs2OS48aw/bp3Ab86GoZwCT0OdcsX/gHgURGPpR
x/FrA1h3K135Ui9tcgTsHDk9E1gsOydz/bHlNdARYAdhe8Sz74hXm8FzaC4M4QXj
fxe0ykqGhk6yTMtxEpFP2Qy7QlaNwon/bS5Kky0kfFjcbuj13D1lkBHqKwisNjpU
Jj4I7ZkbF44xmGfQhcbnCDw/GGRiFxpyiz0uGwKQV5B6vDTAToCResRWjvpHNtqv
Ui2O2G4KKmerPlv6ZFOf38QPyQ5l/shaCdNbAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUntVMu3Zx+0Mpt8Hdf6k7upPcIIAwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL250Vk11M1p4LTBNcHQ4
SGRmNms3dXBQY0lJQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAp26Api3eqRxpFNQiSzwx8ZZbTOUgvE9k
Y/miEg7UETCQfk6/U9EHfvUcwISwqpcA36hovCX/b4unuVmd8oOB55Erf2xYymXT
btSh7WT+lQ/gWdjneFOrcEx1omlNbtD/pXXmhT6dpdHDw7l3NF9xJfNXGPkJTvL4
Q7bY5n4R0ZV6g5UD/w3k/d6KAyKwc6lnEM1rqxGSqRqbg4wJX/RL6TCPk15511Bc
EPIbVPweYmNrn2ECqg3PgiI1psct+eF4k9245XZtTvkY3yqyIIfJWGXW3u4UhPWA
9Kneiib0MvfTAsw8wV6GWdzNfpsIjCRE8+ZFdJgUUVXJ+eCNPR3bew==
-----END CERTIFICATE-----
Generated at Sat Apr 20 23:15:50 2024 by rpki-client on console-ams.rpki-client.org