Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/oPD5Jnx3H6WcIdwc1CEkem00HKM.roa
File: oPD5Jnx3H6WcIdwc1CEkem00HKM.roa (raw, json)
Hash identifier: lKBzgSSTCZehaojUHXRvgc+9FgE95BFfRm68RhTF/i4=
Subject key identifier: A0:F0:F9:26:7C:77:1F:A5:9C:21:DC:1C:D4:21:24:7A:6D:34:1C:A3
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 126E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/oPD5Jnx3H6WcIdwc1CEkem00HKM.roa
Signing time: Tue 09 Apr 2024 02:53:17 +0000
ROA not before: Tue 09 Apr 2024 02:53:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4718 (0x126e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 9 02:53:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A0F0F9267C771FA59C21DC1CD421247A6D341CA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b6:17:9d:b6:7d:3c:bb:4a:c3:18:c8:56:e4:
38:11:6d:8b:fa:a5:81:ff:b6:f0:4a:02:62:b5:4c:
6a:cf:3e:9b:86:37:e2:e9:ce:fd:4d:ea:a0:80:95:
ba:83:84:33:7e:27:9d:43:75:27:98:38:9e:cc:dd:
78:27:4a:d3:31:16:3f:8b:46:7c:63:c7:63:c6:00:
fe:72:3c:10:27:39:d9:3f:f5:29:89:67:6d:e0:68:
f1:44:9f:ca:17:2d:15:c2:51:32:c6:88:a5:32:22:
66:39:c4:cc:52:c5:c0:72:08:84:cd:49:25:3d:d8:
37:87:a3:af:2e:66:46:b9:cc:1d:b5:90:ce:0f:62:
19:83:73:25:21:fb:90:69:a3:e6:c1:36:b9:c7:71:
17:25:aa:af:f3:94:19:2b:9a:40:6e:ec:37:f9:dc:
9f:a9:33:3b:8c:00:d8:3d:26:93:67:4d:53:94:3e:
53:91:e3:2b:c6:29:63:7d:df:ec:d7:5e:9c:57:f2:
55:9b:44:51:15:b0:fb:4e:20:09:ec:97:d2:fe:de:
0e:85:79:4e:bf:16:3f:03:cd:87:d0:25:16:64:0a:
46:19:c1:5b:77:fd:14:6e:17:03:91:ca:7c:82:59:
e3:65:dd:ec:1b:a7:6d:95:bc:e2:99:b5:0f:6e:94:
4e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F0:F9:26:7C:77:1F:A5:9C:21:DC:1C:D4:21:24:7A:6D:34:1C:A3
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/oPD5Jnx3H6WcIdwc1CEkem00HKM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5c:2c:a7:a7:96:3b:8a:43:f4:28:cd:34:f5:ac:2f:51:ee:16:
6a:cf:30:d0:95:53:e0:d1:a0:71:91:66:44:1d:8f:aa:6d:0c:
48:aa:29:30:56:31:21:69:2b:a8:d2:a3:5b:1c:f6:1a:13:6f:
1a:f8:8c:17:f0:14:81:b8:dd:e8:3b:1e:91:21:6f:37:21:30:
d0:7a:66:77:ba:f9:1a:4f:8c:ab:df:cd:ff:5f:b3:7e:e4:ac:
c3:7e:7d:1e:6d:90:6b:56:89:20:c7:fe:53:a5:e2:a7:9c:58:
f0:d2:3d:96:4c:82:74:30:be:4a:b0:f2:6b:a5:82:62:f0:93:
61:b3:c7:a9:96:cc:37:8b:01:aa:d2:60:7e:0f:03:bf:f6:fa:
27:63:23:82:e5:9f:be:a6:82:b8:2c:c5:cb:49:b5:04:8d:86:
dc:5e:59:f4:40:99:b8:68:2d:88:43:de:8e:25:eb:e0:a8:89:
6d:89:90:9d:5d:e0:24:60:6a:3e:a6:8a:77:0a:f4:a3:c4:d9:
59:5f:fa:d3:68:e7:45:17:18:2f:ab:bf:00:e7:aa:be:6a:89:
c3:60:91:bf:a9:02:9e:e5:23:c6:6a:c1:f2:f0:4d:b1:e1:af:
31:c0:dd:f2:c6:33:92:43:5d:6e:b1:3a:cf:67:f6:1a:6e:4a:
73:77:c8:76
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEm4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDkw
MjUzMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEwRjBGOTI2N0M3NzFG
QTU5QzIxREMxQ0Q0MjEyNDdBNkQzNDFDQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+thedtn08u0rDGMhW5DgRbYv6pYH/tvBKAmK1TGrPPpuGN+Lp
zv1N6qCAlbqDhDN+J51DdSeYOJ7M3XgnStMxFj+LRnxjx2PGAP5yPBAnOdk/9SmJ
Z23gaPFEn8oXLRXCUTLGiKUyImY5xMxSxcByCITNSSU92DeHo68uZka5zB21kM4P
YhmDcyUh+5Bpo+bBNrnHcRclqq/zlBkrmkBu7Df53J+pMzuMANg9JpNnTVOUPlOR
4yvGKWN93+zXXpxX8lWbRFEVsPtOIAnsl9L+3g6FeU6/Fj8DzYfQJRZkCkYZwVt3
/RRuFwORynyCWeNl3ewbp22VvOKZtQ9ulE6fAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUoPD5Jnx3H6WcIdwc1CEkem00HKMwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL29QRDVKbngzSDZXY0lk
d2MxQ0VrZW0wMEhLTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAXCynp5Y7ikP0KM009awvUe4Was8w0JVT
4NGgcZFmRB2Pqm0MSKopMFYxIWkrqNKjWxz2GhNvGviMF/AUgbjd6DsekSFvNyEw
0Hpmd7r5Gk+Mq9/N/1+zfuSsw359Hm2Qa1aJIMf+U6Xip5xY8NI9lkyCdDC+SrDy
a6WCYvCTYbPHqZbMN4sBqtJgfg8Dv/b6J2MjguWfvqaCuCzFy0m1BI2G3F5Z9ECZ
uGgtiEPejiXr4KiJbYmQnV3gJGBqPqaKdwr0o8TZWV/602jnRRcYL6u/AOeqvmqJ
w2CRv6kCnuUjxmrB8vBNseGvMcDd8sYzkkNdbrE6z2f2Gm5Kc3fIdg==
-----END CERTIFICATE-----
Generated at Tue Apr 9 03:58:32 2024 by rpki-client on console-fra.rpki-client.org