Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/sRN5YspvJg2BG63gVu1mes-Kxt0.roa
File: sRN5YspvJg2BG63gVu1mes-Kxt0.roa (raw, json)
Hash identifier: iDvuwD3e+wkAUIUE3jBDV+3Ckd16DzM01F2J+HlL5RQ=
Subject key identifier: B1:13:79:62:CA:6F:26:0D:81:1B:AD:E0:56:ED:66:7A:CF:8A:C6:DD
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0DF2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/sRN5YspvJg2BG63gVu1mes-Kxt0.roa
Signing time: Thu 28 Mar 2024 03:52:24 +0000
ROA not before: Thu 28 Mar 2024 03:52:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3570 (0xdf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 28 03:52:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B1137962CA6F260D811BADE056ED667ACF8AC6DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4c:bc:b8:76:9f:87:0d:14:e8:bb:8a:0b:ed:
b8:7a:f6:bb:5e:96:8a:ae:aa:a5:74:e4:50:13:e2:
a4:be:d5:eb:d7:17:3b:13:38:51:74:ce:2b:5e:ae:
f5:67:67:36:e3:c2:c0:11:49:ac:99:f2:9b:dc:9d:
63:c0:bc:ab:e0:ee:fc:f3:9a:0e:c4:38:45:fd:75:
76:3b:1d:09:9e:51:59:b3:8a:8d:31:29:50:76:94:
43:78:55:84:41:d7:58:48:7f:9a:0e:c7:e1:14:c0:
ed:c1:4f:11:bf:a4:2d:7c:78:94:05:b2:18:d6:b4:
86:3e:5a:5f:3f:a3:21:b2:cd:c2:8d:0d:7a:ba:a2:
60:d3:f0:8a:2e:84:da:01:71:98:a5:22:e3:e2:1e:
e7:e4:a0:5a:86:04:8d:0c:cf:20:40:8f:12:55:bb:
d9:5e:55:31:b2:30:27:26:dd:47:2d:d1:42:9d:d8:
3b:9e:82:d5:b6:0b:7f:3d:e0:a7:b5:ba:d3:a5:7e:
c3:dc:3e:fd:7b:47:64:a4:c3:87:27:4a:8a:b3:7d:
ca:60:52:33:d0:1f:f3:d1:b2:a4:ab:83:15:c6:a3:
0b:7a:83:25:53:3c:c5:77:27:b9:08:4d:73:fb:31:
5c:f5:3b:69:ad:cb:ec:46:14:3d:cb:14:04:84:dd:
39:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:13:79:62:CA:6F:26:0D:81:1B:AD:E0:56:ED:66:7A:CF:8A:C6:DD
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/sRN5YspvJg2BG63gVu1mes-Kxt0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b4:a7:46:47:70:84:5a:69:0d:e8:a6:65:af:cb:d0:23:40:7d:
d8:d7:7c:02:62:4b:6b:8b:66:97:12:32:17:03:55:24:5c:92:
05:e0:29:c5:ed:8c:53:6f:c1:63:65:56:dd:c8:91:2d:6f:b4:
7c:28:c6:f1:ed:30:47:e7:7b:02:1b:d1:3a:d8:13:aa:64:c1:
b9:ba:9b:21:81:4d:42:71:cd:4d:57:4b:8b:48:81:c0:58:96:
05:9f:18:93:ee:31:70:93:4a:0c:30:51:aa:0c:9a:12:d4:0a:
f9:38:f8:b8:6f:16:d6:73:c1:99:3a:f6:0e:36:35:17:e4:4a:
2b:60:08:46:4b:d4:6e:82:23:ce:95:90:19:4f:f9:2c:9e:8d:
60:15:a2:c9:97:ec:4a:17:88:0d:2d:fe:ba:47:69:70:bf:f6:
ef:a5:30:0c:d4:2c:da:f4:eb:b9:b8:3c:2f:a1:d1:88:b9:d5:
0e:41:e5:6f:78:16:13:04:26:9d:00:87:a7:1f:87:96:3c:87:
87:d6:e8:93:38:79:8e:f4:78:2d:4b:99:6b:42:37:ed:84:ef:
b5:ed:e0:f9:04:6c:b0:97:e7:9f:b4:82:0e:c5:08:2e:2e:96:
db:50:55:7c:06:71:cd:b5:2f:37:23:d7:3d:88:29:df:06:76:
52:ae:d7:39
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDfIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjgw
MzUyMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIxMTM3OTYyQ0E2RjI2
MEQ4MTFCQURFMDU2RUQ2NjdBQ0Y4QUM2REQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrTLy4dp+HDRTou4oL7bh69rteloquqqV05FAT4qS+1evXFzsT
OFF0zitervVnZzbjwsARSayZ8pvcnWPAvKvg7vzzmg7EOEX9dXY7HQmeUVmzio0x
KVB2lEN4VYRB11hIf5oOx+EUwO3BTxG/pC18eJQFshjWtIY+Wl8/oyGyzcKNDXq6
omDT8IouhNoBcZilIuPiHufkoFqGBI0MzyBAjxJVu9leVTGyMCcm3Uct0UKd2Due
gtW2C3894Ke1utOlfsPcPv17R2Skw4cnSoqzfcpgUjPQH/PRsqSrgxXGowt6gyVT
PMV3J7kITXP7MVz1O2mty+xGFD3LFASE3TntAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUsRN5YspvJg2BG63gVu1mes+Kxt0wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3NSTjVZc3B2SmcyQkc2
M2dWdTFtZXMtS3h0MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAtKdGR3CEWmkN6KZlr8vQI0B92Nd8AmJL
a4tmlxIyFwNVJFySBeApxe2MU2/BY2VW3ciRLW+0fCjG8e0wR+d7AhvROtgTqmTB
ubqbIYFNQnHNTVdLi0iBwFiWBZ8Yk+4xcJNKDDBRqgyaEtQK+Tj4uG8W1nPBmTr2
DjY1F+RKK2AIRkvUboIjzpWQGU/5LJ6NYBWiyZfsSheIDS3+ukdpcL/276UwDNQs
2vTrubg8L6HRiLnVDkHlb3gWEwQmnQCHpx+HljyHh9bokzh5jvR4LUuZa0I37YTv
te3g+QRssJfnn7SCDsUILi6W21BVfAZxzbUvNyPXPYgp3wZ2Uq7XOQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 05:24:58 2024 by rpki-client on console-fra.rpki-client.org