Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/oxTZhRG93ac0gMuwtaWBajTBcqE.roa
File: oxTZhRG93ac0gMuwtaWBajTBcqE.roa (raw, json)
Hash identifier: XQWplU+lwGeXuvjDd/N+t6DWd8BrpBqFWoPeiqTsTbI=
Subject key identifier: A3:14:D9:85:11:BD:DD:A7:34:80:CB:B0:B5:A5:81:6A:34:C1:72:A1
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1A96
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/oxTZhRG93ac0gMuwtaWBajTBcqE.roa
Signing time: Tue 30 Apr 2024 20:54:00 +0000
ROA not before: Tue 30 Apr 2024 20:54:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6806 (0x1a96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 30 20:54:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A314D98511BDDDA73480CBB0B5A5816A34C172A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:35:4d:41:0e:4e:aa:80:6f:e6:28:03:f6:80:
57:1f:a6:64:ff:90:e9:3b:35:a5:82:6f:49:f0:f9:
4a:b6:45:24:86:49:61:f2:ff:cf:c8:72:f4:b5:a8:
86:77:a2:e0:c0:a3:1c:8f:f9:59:dd:1d:56:ef:33:
91:98:d4:64:00:e8:99:01:94:5f:3d:32:7d:fd:ff:
dd:c1:62:b5:fd:bb:20:fc:46:c2:73:bc:29:ff:23:
39:5e:dc:3f:54:7d:00:1d:5b:da:87:c9:fd:0d:91:
8d:89:db:59:2f:21:8c:41:e5:21:a0:79:20:77:15:
50:91:c6:bc:2b:ed:47:7b:ae:4d:ef:48:33:45:08:
73:db:a9:e5:bf:26:10:b4:e9:10:03:f8:6a:ec:d5:
77:e1:a5:09:d0:48:68:03:83:61:16:32:29:dc:0b:
85:15:4b:85:92:87:4b:7c:dd:48:37:c7:0a:41:13:
2c:37:c9:20:06:f9:f4:a0:0c:23:c5:bf:e0:a6:cc:
49:3a:b3:70:f5:57:6d:7a:32:72:3d:15:0a:f5:a3:
fe:cf:97:5d:f9:55:35:99:d0:ca:5e:72:21:c0:ed:
f9:2e:c9:f5:e3:ae:2a:fb:be:03:f0:3d:63:68:6a:
9c:34:1e:46:5e:93:9c:de:89:5c:80:1f:e4:93:a1:
8f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:14:D9:85:11:BD:DD:A7:34:80:CB:B0:B5:A5:81:6A:34:C1:72:A1
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/oxTZhRG93ac0gMuwtaWBajTBcqE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:1b:e8:2a:ff:62:1d:1d:16:f5:33:e4:47:b8:67:c3:94:44:
a3:06:fb:38:22:ff:98:7e:2c:5b:b9:ff:e7:55:c0:a4:8e:72:
89:e3:f2:75:ef:82:18:86:b3:6b:73:09:9e:ad:26:81:1a:96:
8b:c9:9d:fe:02:ec:bb:16:53:01:25:9a:9c:ff:1a:21:3b:b6:
f4:1e:19:2b:90:ca:30:d6:9a:7d:94:48:f5:30:5a:8e:5d:61:
d6:a4:7e:16:5d:23:0e:29:8e:10:41:cd:2d:5f:2f:fc:a9:b9:
e8:0b:0a:f8:b7:cd:ba:c5:9f:e4:4c:c6:10:1b:35:ae:94:69:
e1:00:7b:cb:5d:8e:b7:3c:bf:9a:10:92:15:0a:ff:78:5f:8e:
01:7a:41:7d:aa:0f:fb:0a:79:f7:c0:73:14:6d:db:7f:4e:c6:
ed:f5:6f:da:a2:90:73:46:76:db:67:02:5e:70:c0:7e:7b:de:
9d:e2:c1:74:78:61:86:ed:25:5f:e2:ee:5a:a6:21:43:2e:58:
ee:49:57:e1:3c:ac:4a:58:c2:89:5c:76:97:bd:80:80:07:42:
7e:75:32:f6:8a:40:ac:eb:e9:29:e3:c6:1a:eb:04:2d:ab:a2:
33:ad:9a:d0:16:62:f0:56:d4:0b:d4:51:18:6c:b3:ca:35:59:
eb:aa:62:13
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGpYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MzAy
MDU0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEzMTREOTg1MTFCRERE
QTczNDgwQ0JCMEI1QTU4MTZBMzRDMTcyQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqNU1BDk6qgG/mKAP2gFcfpmT/kOk7NaWCb0nw+Uq2RSSGSWHy
/8/IcvS1qIZ3ouDAoxyP+VndHVbvM5GY1GQA6JkBlF89Mn39/93BYrX9uyD8RsJz
vCn/Izle3D9UfQAdW9qHyf0NkY2J21kvIYxB5SGgeSB3FVCRxrwr7Ud7rk3vSDNF
CHPbqeW/JhC06RAD+Grs1XfhpQnQSGgDg2EWMincC4UVS4WSh0t83Ug3xwpBEyw3
ySAG+fSgDCPFv+CmzEk6s3D1V216MnI9FQr1o/7Pl135VTWZ0MpeciHA7fkuyfXj
rir7vgPwPWNoapw0HkZek5zeiVyAH+SToY8jAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUoxTZhRG93ac0gMuwtaWBajTBcqEwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL294VFpoUkc5M2FjMGdN
dXd0YVdCYWpUQmNxRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAYhvoKv9iHR0W9TPkR7hnw5REowb7OCL/
mH4sW7n/51XApI5yiePyde+CGIaza3MJnq0mgRqWi8md/gLsuxZTASWanP8aITu2
9B4ZK5DKMNaafZRI9TBajl1h1qR+Fl0jDimOEEHNLV8v/Km56AsK+LfNusWf5EzG
EBs1rpRp4QB7y12Otzy/mhCSFQr/eF+OAXpBfaoP+wp598BzFG3bf07G7fVv2qKQ
c0Z222cCXnDAfnveneLBdHhhhu0lX+LuWqYhQy5Y7klX4TysSljCiVx2l72AgAdC
fnUy9opArOvpKePGGusELauiM62a0BZi8FbUC9RRGGyzyjVZ66piEw==
-----END CERTIFICATE-----
Generated at Tue Apr 30 23:03:43 2024 by rpki-client on console-fra.rpki-client.org