Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/rzahENIMWcKIFP9tBy0tYa3z_A8.roa
File: rzahENIMWcKIFP9tBy0tYa3z_A8.roa (raw, json)
Hash identifier: sWISZouZQvqCiRzfKm/ZhRhB7fc3KtAvCB46I+eRimk=
Subject key identifier: AF:36:A1:10:D2:0C:59:C2:88:14:FF:6D:07:2D:2D:61:AD:F3:FC:0F
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1146
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/rzahENIMWcKIFP9tBy0tYa3z_A8.roa
Signing time: Sat 06 Apr 2024 00:52:48 +0000
ROA not before: Sat 06 Apr 2024 00:52:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4422 (0x1146)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 6 00:52:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AF36A110D20C59C28814FF6D072D2D61ADF3FC0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:30:c1:d1:d2:7b:cc:a6:b5:0b:a1:1f:92:55:
4d:c4:2e:f4:46:e2:57:00:9c:62:9b:8b:85:d1:bc:
ba:e8:24:4e:5d:76:af:90:23:07:bb:5e:18:a8:47:
1a:f7:ee:5a:f4:4e:91:8e:3b:73:f9:73:37:87:3f:
5d:6e:43:ab:23:a6:08:56:80:b5:90:ac:26:22:7c:
f7:e4:04:70:56:bd:f8:70:83:22:9a:b6:09:1c:ed:
4f:f3:48:0a:13:fa:98:6c:7f:70:ea:38:61:26:94:
21:4c:0c:51:08:fd:37:f0:08:88:c7:ed:c6:8e:27:
26:a1:b0:3f:84:3a:59:3f:9c:ca:d6:90:21:34:1f:
ab:13:0a:ee:8d:aa:5f:9c:36:5b:b1:84:78:ff:51:
a6:2e:eb:2f:11:d3:ef:0e:01:a1:b5:54:57:8f:10:
1a:0b:a7:23:46:81:b3:82:dc:47:74:d1:90:05:59:
23:44:5a:ac:78:71:37:73:0d:6f:01:47:98:f4:5f:
8b:d4:28:73:07:d6:d1:8c:4c:83:9e:89:0f:95:8d:
5f:65:3a:61:c9:e3:aa:58:77:98:13:a3:04:ec:1a:
bb:f5:85:98:0d:03:14:79:52:8e:8f:f8:d4:ca:56:
5f:73:43:cd:d5:f1:4d:c8:00:9d:e7:e5:bd:e6:a4:
0d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:36:A1:10:D2:0C:59:C2:88:14:FF:6D:07:2D:2D:61:AD:F3:FC:0F
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/rzahENIMWcKIFP9tBy0tYa3z_A8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:6d:7a:00:23:66:a2:84:91:ee:9d:58:50:57:b6:2f:bf:5d:
fd:60:7f:5d:ca:85:65:29:2b:94:ad:5f:3a:9c:80:a7:fe:8e:
ee:da:c0:00:f1:fe:37:b9:cb:ec:f7:e5:c1:65:06:2c:0d:26:
1b:10:e7:3d:93:24:f0:7d:49:66:5c:61:28:6a:c4:75:be:66:
3e:97:91:1c:45:76:3d:97:6b:cc:f0:02:4c:7c:a5:39:dc:fc:
5c:7d:11:f2:2c:cf:fe:6a:6b:35:21:29:b9:8d:c0:62:c5:89:
0a:09:99:24:dc:9e:af:27:a9:13:94:3b:63:47:58:fc:5b:19:
54:e9:e2:f5:4f:87:ce:ba:bf:b4:d6:97:b8:23:c0:ac:9e:f7:
5c:b0:d4:98:b4:84:51:38:ae:3c:35:b8:c2:de:b5:8e:77:f2:
50:04:2c:c3:9d:b5:64:71:09:ff:4f:b5:6f:9f:a4:b7:f7:5b:
c4:e3:eb:d9:d2:df:2d:fc:03:a1:0f:0a:d0:5e:8e:7f:28:ad:
d1:19:96:fe:67:42:ca:05:bd:70:e5:50:b4:1f:6b:e0:ea:78:
20:91:9a:35:21:43:bd:91:39:76:21:e9:df:4b:37:b2:3b:a3:
c9:12:0e:8e:3c:9a:b9:d0:84:ed:8f:75:62:28:b6:cc:9a:0e:
a5:d5:57:4f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEUYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDYw
MDUyNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFGMzZBMTEwRDIwQzU5
QzI4ODE0RkY2RDA3MkQyRDYxQURGM0ZDMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxMMHR0nvMprULoR+SVU3ELvRG4lcAnGKbi4XRvLroJE5ddq+Q
Iwe7XhioRxr37lr0TpGOO3P5czeHP11uQ6sjpghWgLWQrCYifPfkBHBWvfhwgyKa
tgkc7U/zSAoT+phsf3DqOGEmlCFMDFEI/TfwCIjH7caOJyahsD+EOlk/nMrWkCE0
H6sTCu6Nql+cNluxhHj/UaYu6y8R0+8OAaG1VFePEBoLpyNGgbOC3Ed00ZAFWSNE
Wqx4cTdzDW8BR5j0X4vUKHMH1tGMTIOeiQ+VjV9lOmHJ46pYd5gTowTsGrv1hZgN
AxR5Uo6P+NTKVl9zQ83V8U3IAJ3n5b3mpA0TAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUrzahENIMWcKIFP9tBy0tYa3z/A8wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3J6YWhFTklNV2NLSUZQ
OXRCeTB0WWEzel9BOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAXm16ACNmooSR7p1YUFe2L79d/WB/XcqF
ZSkrlK1fOpyAp/6O7trAAPH+N7nL7PflwWUGLA0mGxDnPZMk8H1JZlxhKGrEdb5m
PpeRHEV2PZdrzPACTHylOdz8XH0R8izP/mprNSEpuY3AYsWJCgmZJNyeryepE5Q7
Y0dY/FsZVOni9U+Hzrq/tNaXuCPArJ73XLDUmLSEUTiuPDW4wt61jnfyUAQsw521
ZHEJ/0+1b5+kt/dbxOPr2dLfLfwDoQ8K0F6Ofyit0RmW/mdCygW9cOVQtB9r4Op4
IJGaNSFDvZE5diHp30s3sjujyRIOjjyaudCE7Y91Yii2zJoOpdVXTw==
-----END CERTIFICATE-----
Generated at Sat Apr 6 03:05:03 2024 by rpki-client on console-ams.rpki-client.org