Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/sHkyT3m1mcSmvGd-ENjQKXz5bKM.roa
File: sHkyT3m1mcSmvGd-ENjQKXz5bKM.roa (raw, json)
Hash identifier: NATv/sXU0PHLM+dZi2TrrFZNXEupKmnTtUJppIJHNOU=
Subject key identifier: B0:79:32:4F:79:B5:99:C4:A6:BC:67:7E:10:D8:D0:29:7C:F9:6C:A3
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 15B4
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/sHkyT3m1mcSmvGd-ENjQKXz5bKM.roa
Signing time: Wed 17 Apr 2024 20:23:25 +0000
ROA not before: Wed 17 Apr 2024 20:23:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5556 (0x15b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 17 20:23:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B079324F79B599C4A6BC677E10D8D0297CF96CA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:dd:89:18:a2:3d:ef:53:5b:e8:4c:74:18:76:
3a:aa:e7:ed:55:65:92:bb:de:1a:1b:34:82:94:e5:
b2:a9:0e:28:3f:bf:eb:00:a9:e2:f8:4f:43:fe:68:
e6:e9:fe:7f:c5:6e:4e:90:b6:be:bc:18:c8:a3:e5:
4d:97:7d:5f:aa:4a:8d:17:9a:e0:da:d1:e9:ac:45:
f1:b7:70:28:c4:6b:e5:a0:b4:9f:66:0b:c5:d0:0c:
66:66:63:ed:56:24:8d:0d:db:64:13:a2:d3:2d:92:
30:e0:5c:fa:ea:fe:98:35:ba:74:da:c7:9f:60:19:
74:94:30:61:29:6c:f4:31:68:89:fd:b5:56:c2:6d:
7d:62:81:30:1b:fa:2a:af:68:5c:55:52:35:86:93:
5c:ca:0d:7b:ad:28:8b:86:1f:d8:ff:d2:73:fd:93:
56:24:80:55:b5:fb:70:24:cc:e7:f3:49:52:e7:63:
3f:99:44:f4:3d:e8:8c:8b:61:5b:df:85:e9:69:22:
94:63:68:05:98:c5:e6:ae:ae:82:ac:ec:51:d0:f7:
74:3e:f7:e4:58:9f:5b:39:5c:69:99:60:1d:81:c1:
9a:a5:16:92:2d:fd:54:37:3f:cc:58:33:38:64:6d:
b1:a0:7e:7a:d4:2f:a7:12:79:ab:91:59:84:b9:f5:
7d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:79:32:4F:79:B5:99:C4:A6:BC:67:7E:10:D8:D0:29:7C:F9:6C:A3
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/sHkyT3m1mcSmvGd-ENjQKXz5bKM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
08:69:b4:d4:3a:11:45:0c:91:ac:0b:b0:0b:8a:70:ad:e9:5f:
af:e4:2f:0b:8b:b5:8a:0a:93:82:a4:ff:19:d9:f8:69:3f:4b:
8b:cc:0e:24:08:32:b9:c7:d0:57:16:a9:58:20:11:57:69:0a:
58:42:72:14:64:24:fd:89:9a:67:12:7e:25:95:91:57:78:74:
bc:31:82:6c:0d:13:ae:68:26:b1:de:e9:9d:36:b7:f4:db:c3:
a5:f7:3b:00:13:9b:c0:05:5c:ce:11:58:25:dc:9d:b7:c7:d6:
2d:ec:6d:81:b0:0a:af:2e:a7:3f:05:ad:46:34:e7:6f:61:af:
ed:46:70:36:87:4c:8e:b7:25:e6:10:fe:ab:b8:b1:89:be:ad:
98:0c:03:5e:24:ff:e9:b1:75:dd:f7:0a:66:19:1f:e4:aa:cd:
92:3a:7d:9c:2f:e6:5a:74:b9:03:b9:0c:a2:19:18:9c:98:32:
32:5f:4f:86:a7:21:8a:b1:e1:83:e0:5c:93:21:25:37:71:74:
ae:6f:3d:75:8c:89:5d:fb:0d:12:42:9d:a9:a2:3d:03:14:25:
e3:61:28:4c:e8:0e:48:2c:a4:10:31:1f:34:f6:6d:47:51:e2:
67:d5:51:b5:48:d5:36:6d:1a:eb:91:19:f0:c9:8d:8c:f3:1c:
c2:70:e8:47
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFbQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTcy
MDIzMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIwNzkzMjRGNzlCNTk5
QzRBNkJDNjc3RTEwRDhEMDI5N0NGOTZDQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDC3YkYoj3vU1voTHQYdjqq5+1VZZK73hobNIKU5bKpDig/v+sA
qeL4T0P+aObp/n/Fbk6Qtr68GMij5U2XfV+qSo0XmuDa0emsRfG3cCjEa+WgtJ9m
C8XQDGZmY+1WJI0N22QTotMtkjDgXPrq/pg1unTax59gGXSUMGEpbPQxaIn9tVbC
bX1igTAb+iqvaFxVUjWGk1zKDXutKIuGH9j/0nP9k1YkgFW1+3AkzOfzSVLnYz+Z
RPQ96IyLYVvfhelpIpRjaAWYxeauroKs7FHQ93Q+9+RYn1s5XGmZYB2BwZqlFpIt
/VQ3P8xYMzhkbbGgfnrUL6cSeauRWYS59X0NAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUsHkyT3m1mcSmvGd+ENjQKXz5bKMwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3NIa3lUM20xbWNTbXZH
ZC1FTmpRS1h6NWJLTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEACGm01DoRRQyRrAuwC4pwrelfr+QvC4u1
igqTgqT/Gdn4aT9Li8wOJAgyucfQVxapWCARV2kKWEJyFGQk/YmaZxJ+JZWRV3h0
vDGCbA0Trmgmsd7pnTa39NvDpfc7ABObwAVczhFYJdydt8fWLextgbAKry6nPwWt
RjTnb2Gv7UZwNodMjrcl5hD+q7ixib6tmAwDXiT/6bF13fcKZhkf5KrNkjp9nC/m
WnS5A7kMohkYnJgyMl9PhqchirHhg+BckyElN3F0rm89dYyJXfsNEkKdqaI9AxQl
42EoTOgOSCykEDEfNPZtR1HiZ9VRtUjVNm0a65EZ8MmNjPMcwnDoRw==
-----END CERTIFICATE-----
Generated at Wed Apr 17 22:20:47 2024 by rpki-client on console-ams.rpki-client.org