Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/pxXTKR3W-d9jcOgXy5fjkvJ43Hc.roa
File: pxXTKR3W-d9jcOgXy5fjkvJ43Hc.roa (raw, json)
Hash identifier: lleZjug4igWRiO93n429U6OYQDKiDPYHCpBIjNO9g3o=
Subject key identifier: A7:15:D3:29:1D:D6:F9:DF:63:70:E8:17:CB:97:E3:92:F2:78:DC:77
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 19D4
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/pxXTKR3W-d9jcOgXy5fjkvJ43Hc.roa
Signing time: Sun 28 Apr 2024 20:23:54 +0000
ROA not before: Sun 28 Apr 2024 20:23:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6612 (0x19d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 28 20:23:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A715D3291DD6F9DF6370E817CB97E392F278DC77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a7:2d:2d:15:52:da:6c:aa:f7:a2:cc:f1:b7:
b5:2b:01:4f:dc:5f:b4:6b:88:6b:88:38:62:9b:60:
35:c3:a4:cc:80:e0:fe:6b:9e:77:5d:64:95:6d:01:
c2:1f:ae:a9:b4:a0:96:78:f7:10:d1:50:85:04:db:
18:43:14:3f:81:2e:fd:ea:d8:b9:4a:38:77:c7:67:
bf:07:b1:70:3b:32:93:6d:40:18:b7:23:a9:9c:81:
27:57:88:29:ed:8c:6f:17:b7:8a:f8:04:7b:f7:19:
3e:8c:8e:9d:ce:79:43:80:21:1a:eb:20:80:e6:c9:
4d:87:c1:74:d5:69:d7:18:55:46:08:e1:73:d2:83:
cd:ce:a3:6e:a7:c6:03:49:6c:e8:80:d6:85:c8:1c:
90:0a:fb:98:d3:e7:13:f0:78:b9:89:cc:4f:b1:dd:
09:ef:5c:f4:9e:24:cd:fe:d0:89:d7:1e:08:3c:b4:
4a:a2:6c:20:31:72:7a:c7:12:9f:a9:34:22:d1:ac:
d7:c0:13:94:56:76:71:9d:59:6b:b4:60:84:30:2f:
ee:91:28:fb:0f:e7:ac:b5:b2:16:1b:67:cc:6a:84:
7c:5c:49:d3:e1:45:b4:97:23:83:cf:3c:fe:44:64:
17:a3:db:34:47:30:59:70:52:7f:ec:bb:6b:6b:ab:
01:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:15:D3:29:1D:D6:F9:DF:63:70:E8:17:CB:97:E3:92:F2:78:DC:77
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/pxXTKR3W-d9jcOgXy5fjkvJ43Hc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:77:88:b7:17:0a:af:87:fb:1d:8b:8a:ff:98:b3:b2:10:e9:
bb:05:3e:7e:a0:e6:4d:4e:f0:39:b0:4a:e0:15:8e:0f:d5:03:
af:bb:8b:07:e2:a1:c2:88:bd:bf:a4:a0:10:fa:d1:0a:bf:d1:
76:f9:1c:d3:06:86:af:a1:32:e6:dd:82:82:20:a8:17:59:9f:
c1:48:e8:f8:80:b6:95:31:a9:50:7e:a5:6d:e4:02:3b:38:7a:
34:96:91:a5:e1:da:85:e6:c8:31:e8:0a:37:c6:d3:d3:4c:1e:
16:a5:b5:45:d8:56:a4:5e:ed:9f:d8:ef:8d:e9:f1:fa:06:90:
7a:f0:7d:7d:2a:5f:01:b3:2f:4c:4a:f5:f4:f7:b4:1e:8b:16:
5e:e0:0b:fa:d4:b0:c5:76:d7:4b:08:a2:2b:fd:4e:6a:99:0b:
30:4c:d0:46:32:28:81:db:2f:48:3a:39:bf:2e:2b:62:b0:18:
10:07:de:c4:13:2c:d9:57:d8:6c:13:f1:47:ef:42:bd:8f:56:
60:2d:89:63:0f:9f:a4:db:e5:dd:f7:fb:fc:1d:e2:dc:e8:c9:
31:fe:a5:f7:1a:e5:46:c7:d3:68:65:ff:0b:cc:05:48:4a:a4:
97:9d:a9:40:6f:3d:ba:5a:d1:74:6e:0f:7f:c8:40:aa:63:45:
b9:28:2e:50
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGdQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0Mjgy
MDIzNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE3MTVEMzI5MURENkY5
REY2MzcwRTgxN0NCOTdFMzkyRjI3OERDNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBpy0tFVLabKr3oszxt7UrAU/cX7RriGuIOGKbYDXDpMyA4P5r
nnddZJVtAcIfrqm0oJZ49xDRUIUE2xhDFD+BLv3q2LlKOHfHZ78HsXA7MpNtQBi3
I6mcgSdXiCntjG8Xt4r4BHv3GT6Mjp3OeUOAIRrrIIDmyU2HwXTVadcYVUYI4XPS
g83Oo26nxgNJbOiA1oXIHJAK+5jT5xPweLmJzE+x3QnvXPSeJM3+0InXHgg8tEqi
bCAxcnrHEp+pNCLRrNfAE5RWdnGdWWu0YIQwL+6RKPsP56y1shYbZ8xqhHxcSdPh
RbSXI4PPPP5EZBej2zRHMFlwUn/su2trqwHfAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUpxXTKR3W+d9jcOgXy5fjkvJ43HcwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3B4WFRLUjNXLWQ5amNP
Z1h5NWZqa3ZKNDNIYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAKHeItxcKr4f7HYuK/5izshDpuwU+fqDm
TU7wObBK4BWOD9UDr7uLB+Khwoi9v6SgEPrRCr/Rdvkc0waGr6Ey5t2CgiCoF1mf
wUjo+IC2lTGpUH6lbeQCOzh6NJaRpeHahebIMegKN8bT00weFqW1RdhWpF7tn9jv
jenx+gaQevB9fSpfAbMvTEr19Pe0HosWXuAL+tSwxXbXSwiiK/1OapkLMEzQRjIo
gdsvSDo5vy4rYrAYEAfexBMs2VfYbBPxR+9CvY9WYC2JYw+fpNvl3ff7/B3i3OjJ
Mf6l9xrlRsfTaGX/C8wFSEqkl52pQG89ulrRdG4Pf8hAqmNFuSguUA==
-----END CERTIFICATE-----
Generated at Sun Apr 28 21:21:26 2024 by rpki-client on console-fra.rpki-client.org