Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/pEtBaPL4lKDt8szbTccIl92crEk.roa
File: pEtBaPL4lKDt8szbTccIl92crEk.roa (raw, json)
Hash identifier: tCFoZqvAP/zUVhMlhCB61TDN6h1C6nnp3kP+hGfkMD4=
Subject key identifier: A4:4B:41:68:F2:F8:94:A0:ED:F2:CC:DB:4D:C7:08:97:DD:9C:AC:49
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1BF4
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/pEtBaPL4lKDt8szbTccIl92crEk.roa
Signing time: Sat 04 May 2024 12:24:16 +0000
ROA not before: Sat 04 May 2024 12:24:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7156 (0x1bf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 4 12:24:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A44B4168F2F894A0EDF2CCDB4DC70897DD9CAC49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:73:fe:44:e4:e2:27:8a:a9:ee:d3:db:b7:ae:
4c:9c:a1:83:1b:f8:06:26:42:b4:4f:69:6e:b9:04:
67:e3:c2:f0:39:1a:17:6c:d0:bf:02:ce:2d:84:f1:
96:25:db:62:a9:c0:2e:9a:6c:e8:fa:0e:cc:1d:6f:
1c:41:40:0f:ad:88:12:d6:26:99:86:82:29:79:94:
26:4b:1d:90:e2:89:74:2f:24:71:65:24:7c:3a:1f:
61:5a:ab:d3:92:cf:39:d1:df:30:a4:3f:d7:01:48:
5a:b0:1c:7f:f6:0f:1e:92:34:c1:a5:00:f5:a7:de:
7b:b5:6a:22:f4:29:75:cb:54:63:9e:46:2e:d9:af:
61:36:df:c3:63:d9:f0:e6:b7:92:75:23:65:98:e8:
c7:5a:4c:01:d7:84:ae:e9:c7:f7:77:58:24:89:f6:
86:22:99:ba:9f:9e:37:98:e5:33:c6:60:f0:bd:03:
f9:7d:fe:99:4b:be:af:e0:30:4d:3d:ea:ce:e1:06:
1b:1a:1d:3f:25:dc:cf:49:bc:28:8c:34:37:01:70:
b0:7c:43:92:e2:f4:dd:46:3a:a2:0f:21:66:ae:8e:
f5:a0:28:89:9a:3f:3d:0d:e4:3d:f6:ad:6f:07:1f:
54:10:b4:39:ba:25:bf:70:c6:b2:3b:08:f7:cc:9f:
2f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:4B:41:68:F2:F8:94:A0:ED:F2:CC:DB:4D:C7:08:97:DD:9C:AC:49
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/pEtBaPL4lKDt8szbTccIl92crEk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
36:8f:3c:10:cb:6a:2a:a7:22:33:01:02:43:f2:68:d1:71:c8:
99:9f:c4:c7:f7:f9:f9:8a:e3:c0:d7:67:5f:e2:f1:98:b4:9e:
38:f0:4a:40:8a:58:10:90:10:2f:2d:58:2b:d6:48:4c:2e:97:
e4:57:8b:14:81:95:bf:38:3b:c0:d5:4d:b7:6f:84:8a:b6:64:
48:99:f7:ad:c0:f8:e8:c2:ac:0c:a4:f0:0e:27:c5:b0:be:31:
50:84:84:97:05:81:79:bd:b6:ba:d4:fc:e8:e5:24:e0:ed:3f:
0b:04:1e:74:ac:68:3b:8b:06:a7:05:9b:14:85:09:62:7c:ed:
24:80:4c:58:f5:91:54:ab:d1:e0:be:67:e7:8d:45:c2:0d:81:
ea:b1:20:48:2c:17:8f:47:e8:17:75:fa:7f:5a:8f:b5:d9:39:
23:19:f7:e4:6b:2d:9f:d0:42:fb:47:53:d5:60:9f:a8:2f:66:
46:6c:31:bd:be:f5:c3:c0:bd:3d:b4:11:e2:21:57:ee:c4:6e:
ea:59:bb:e8:fe:87:a7:0b:fc:e3:de:6d:cc:dd:93:e1:3f:ba:
8a:d3:08:1f:6b:b1:c0:2b:e3:95:c0:7b:73:a8:7e:3f:fc:91:
53:d2:60:a5:91:b6:1a:be:f5:ab:ed:ee:31:67:98:74:d6:7b:
4c:7a:e5:30
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG/QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDQx
MjI0MTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE0NEI0MTY4RjJGODk0
QTBFREYyQ0NEQjREQzcwODk3REQ5Q0FDNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWc/5E5OIniqnu09u3rkycoYMb+AYmQrRPaW65BGfjwvA5Ghds
0L8Czi2E8ZYl22KpwC6abOj6DswdbxxBQA+tiBLWJpmGgil5lCZLHZDiiXQvJHFl
JHw6H2Faq9OSzznR3zCkP9cBSFqwHH/2Dx6SNMGlAPWn3nu1aiL0KXXLVGOeRi7Z
r2E238Nj2fDmt5J1I2WY6MdaTAHXhK7px/d3WCSJ9oYimbqfnjeY5TPGYPC9A/l9
/plLvq/gME096s7hBhsaHT8l3M9JvCiMNDcBcLB8Q5Li9N1GOqIPIWaujvWgKIma
Pz0N5D32rW8HH1QQtDm6Jb9wxrI7CPfMny8LAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUpEtBaPL4lKDt8szbTccIl92crEkwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3BFdEJhUEw0bEtEdDhz
emJUY2NJbDkyY3JFay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEANo88EMtqKqciMwECQ/Jo0XHImZ/Ex/f5
+YrjwNdnX+LxmLSeOPBKQIpYEJAQLy1YK9ZITC6X5FeLFIGVvzg7wNVNt2+EirZk
SJn3rcD46MKsDKTwDifFsL4xUISElwWBeb22utT86OUk4O0/CwQedKxoO4sGpwWb
FIUJYnztJIBMWPWRVKvR4L5n541Fwg2B6rEgSCwXj0foF3X6f1qPtdk5Ixn35Gst
n9BC+0dT1WCfqC9mRmwxvb71w8C9PbQR4iFX7sRu6lm76P6Hpwv8495tzN2T4T+6
itMIH2uxwCvjlcB7c6h+P/yRU9JgpZG2Gr71q+3uMWeYdNZ7THrlMA==
-----END CERTIFICATE-----
Generated at Sat May 4 14:04:18 2024 by rpki-client on console-fra.rpki-client.org