Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/r9wqWhMy1slAMfzlxK3w_mluUjs.roa
File: r9wqWhMy1slAMfzlxK3w_mluUjs.roa (raw, json)
Hash identifier: 9b2c986biEUaZVNOxURVIqwFJB3hucyBx67lcw94ZWk=
Subject key identifier: AF:DC:2A:5A:13:32:D6:C9:40:31:FC:E5:C4:AD:F0:FE:69:6E:52:3B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 169A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/r9wqWhMy1slAMfzlxK3w_mluUjs.roa
Signing time: Sat 20 Apr 2024 05:53:31 +0000
ROA not before: Sat 20 Apr 2024 05:53:31 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5786 (0x169a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 20 05:53:31 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AFDC2A5A1332D6C94031FCE5C4ADF0FE696E523B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d9:88:0d:df:32:3a:1f:ae:8f:f6:e8:8b:86:
97:aa:f8:02:50:78:09:52:ae:5c:03:19:75:5c:ec:
c0:b4:60:6f:19:83:6d:43:c3:04:3c:b0:b8:2c:23:
92:c1:ea:97:99:28:ae:b0:b0:34:cf:2c:2b:00:0e:
46:79:b8:a9:6a:03:9d:04:b6:ef:22:b5:23:4e:fb:
97:2d:79:e1:64:21:6f:7b:e1:80:1d:5a:47:0d:85:
fb:fc:ba:bd:1f:7b:28:9f:3b:6d:8f:5d:64:ab:3b:
34:a4:77:86:89:af:70:2f:d8:99:47:4b:ca:bb:2e:
fc:48:05:f9:cb:5d:40:f2:1b:b3:2f:9d:6a:38:d4:
76:d2:3d:f9:e6:83:d4:c5:10:5e:99:e3:11:92:90:
a2:10:fe:e7:62:fb:bc:6b:bc:20:1b:36:21:25:45:
fc:60:61:c0:82:a4:6c:dd:dc:07:c5:0e:a0:c6:fc:
0c:94:be:ed:23:2c:e9:fc:b1:5b:e4:57:95:f5:8c:
3d:60:eb:7d:d2:ff:e7:6d:bc:bd:b5:77:06:3f:cf:
a8:6f:05:43:18:83:ea:2c:b6:bd:88:66:f5:92:69:
e3:d8:e5:cf:02:89:88:5f:e6:a3:6b:8c:e0:9e:4c:
a1:44:c0:25:d2:d8:67:45:8f:8c:19:68:6c:76:8a:
63:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:DC:2A:5A:13:32:D6:C9:40:31:FC:E5:C4:AD:F0:FE:69:6E:52:3B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/r9wqWhMy1slAMfzlxK3w_mluUjs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d0:1b:7f:ea:77:c9:da:fe:92:f9:3a:4b:ea:8a:24:9a:0d:3d:
48:22:95:be:f3:26:03:d6:08:2c:9a:da:ed:9f:86:1a:86:79:
71:13:cd:32:78:1f:ab:d4:9a:2e:a4:03:b4:7b:ba:93:c8:2d:
03:79:bf:bb:81:32:c1:a9:9e:cd:07:49:bb:0f:70:62:06:aa:
ea:36:89:32:f9:ee:58:47:fc:49:72:25:21:cf:07:c7:85:21:
ef:4b:73:ed:cd:c6:d3:71:88:35:8c:ab:3f:70:1d:97:75:cd:
5d:72:43:51:7f:9b:69:98:75:30:c7:31:57:b0:9c:97:5c:0a:
8f:5e:e9:9e:89:51:90:37:53:22:72:fe:0a:da:54:63:12:c1:
9a:6c:f6:18:2c:ce:bb:96:80:d5:f3:71:c4:0c:34:5f:d4:66:
7a:02:8b:5e:cc:ee:a1:38:61:76:98:6c:c7:e9:bb:9a:91:5e:
71:8c:34:7f:17:72:81:32:2e:f9:35:87:e5:32:27:58:90:63:
39:9a:69:2e:6d:78:51:d7:5c:9b:cf:bc:de:a7:4f:c3:ad:98:
34:f5:12:31:4e:9f:0d:a0:f1:eb:a6:37:71:e2:8e:82:d6:2f:
bc:7d:57:84:61:1d:af:8d:7f:65:ea:e2:ef:e4:23:d5:ca:f4:
48:f2:19:2b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFpowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjAw
NTUzMzFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFGREMyQTVBMTMzMkQ2
Qzk0MDMxRkNFNUM0QURGMEZFNjk2RTUyM0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU2YgN3zI6H66P9uiLhpeq+AJQeAlSrlwDGXVc7MC0YG8Zg21D
wwQ8sLgsI5LB6peZKK6wsDTPLCsADkZ5uKlqA50Etu8itSNO+5cteeFkIW974YAd
WkcNhfv8ur0feyifO22PXWSrOzSkd4aJr3Av2JlHS8q7LvxIBfnLXUDyG7MvnWo4
1HbSPfnmg9TFEF6Z4xGSkKIQ/udi+7xrvCAbNiElRfxgYcCCpGzd3AfFDqDG/AyU
vu0jLOn8sVvkV5X1jD1g633S/+dtvL21dwY/z6hvBUMYg+ostr2IZvWSaePY5c8C
iYhf5qNrjOCeTKFEwCXS2GdFj4wZaGx2imN5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUr9wqWhMy1slAMfzlxK3w/mluUjswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3I5d3FXaE15MXNsQU1m
emx4SzN3X21sdVVqcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEA0Bt/6nfJ2v6S+TpL6ookmg09SCKVvvMm
A9YILJra7Z+GGoZ5cRPNMngfq9SaLqQDtHu6k8gtA3m/u4EywamezQdJuw9wYgaq
6jaJMvnuWEf8SXIlIc8Hx4Uh70tz7c3G03GINYyrP3Adl3XNXXJDUX+baZh1MMcx
V7Ccl1wKj17pnolRkDdTInL+CtpUYxLBmmz2GCzOu5aA1fNxxAw0X9RmegKLXszu
oThhdphsx+m7mpFecYw0fxdygTIu+TWH5TInWJBjOZppLm14Uddcm8+83qdPw62Y
NPUSMU6fDaDx66Y3ceKOgtYvvH1XhGEdr41/Zeri7+Qj1cr0SPIZKw==
-----END CERTIFICATE-----
Generated at Sat Apr 20 06:52:42 2024 by rpki-client on console-fra.rpki-client.org