Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/ug-gHGncGc6FWk2AtU86kyHnpaY.roa
File: ug-gHGncGc6FWk2AtU86kyHnpaY.roa (raw, json)
Hash identifier: zhvEcTYiCUZhR8MnRF0ljVY/9bsJK3EZ7j6UnwIaKJY=
Subject key identifier: BA:0F:A0:1C:69:DC:19:CE:85:5A:4D:80:B5:4F:3A:93:21:E7:A5:A6
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1B90
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ug-gHGncGc6FWk2AtU86kyHnpaY.roa
Signing time: Fri 03 May 2024 11:24:10 +0000
ROA not before: Fri 03 May 2024 11:24:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7056 (0x1b90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 3 11:24:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BA0FA01C69DC19CE855A4D80B54F3A9321E7A5A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:f2:94:d9:94:9d:35:98:cf:70:05:51:10:8a:
d7:61:eb:29:da:12:e1:c2:38:1f:85:da:8e:c9:e1:
03:67:5c:a8:9a:44:d2:8d:07:a5:01:53:bb:b3:24:
9a:5b:3d:c6:c5:7d:f7:a6:1a:e5:17:b7:22:70:56:
3d:77:a9:a8:47:9f:c9:96:57:76:d1:60:05:15:f6:
10:a6:d7:3c:c0:b1:05:4a:87:fe:bf:86:05:40:99:
ad:82:d4:67:dd:7b:7d:44:cb:4a:11:36:d9:3e:7e:
f3:ed:bf:e9:f4:d9:96:22:45:37:fe:fb:dd:bd:5d:
7f:83:1a:8c:f0:20:6c:f9:0d:37:87:c3:18:7a:32:
2e:38:1b:a9:3e:41:d8:0b:31:94:7f:f3:fe:af:e4:
41:10:e4:b7:ec:65:26:09:33:5d:05:56:78:5e:c8:
81:f1:55:aa:bf:17:fb:25:3d:88:17:3c:ab:b9:44:
26:f1:ad:b5:39:1e:87:d3:6b:f5:81:d5:c7:6c:f8:
e9:79:09:78:05:ba:67:57:b1:72:58:fd:48:ae:bb:
2f:89:fa:aa:23:81:0b:ff:0a:89:29:22:4c:b1:30:
53:d3:1e:db:a2:fb:70:e9:4d:0a:7d:bd:3a:36:5e:
af:2f:2f:db:ea:91:fa:e2:5d:2b:32:07:7f:6c:fc:
8d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:0F:A0:1C:69:DC:19:CE:85:5A:4D:80:B5:4F:3A:93:21:E7:A5:A6
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ug-gHGncGc6FWk2AtU86kyHnpaY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:96:9c:4c:28:58:20:52:7f:db:64:f3:f3:c8:dc:70:b1:df:
59:a6:71:ea:62:85:5f:1f:64:14:06:c2:1a:d7:17:a3:4f:a0:
27:f1:1d:b1:12:3e:1c:86:cd:2d:b2:de:07:2f:2f:5a:0a:8e:
24:5c:8e:e4:a7:18:d4:d1:51:9c:5d:cc:75:fa:33:0a:2a:93:
5c:40:25:97:b8:e8:d1:ee:65:f1:a5:80:ff:9f:ec:fa:5a:63:
aa:07:55:09:f7:7c:85:c4:75:f0:79:52:1f:ea:05:68:1b:92:
48:42:a5:9b:18:e2:4a:2c:66:61:45:da:24:b9:b2:91:e6:73:
39:5c:af:4b:a6:d6:a1:c5:9d:c7:8d:a1:3c:9c:0d:b8:ed:3b:
4d:40:38:39:dd:07:11:86:59:e5:d7:1e:80:b6:81:20:f0:6d:
6f:ca:51:35:32:94:be:16:da:ee:81:79:b6:23:da:09:d9:f2:
79:e6:fe:22:75:86:7b:ea:3c:79:e8:34:34:5a:ae:66:8c:e1:
10:c7:b5:57:b7:79:b7:58:18:19:9a:e6:b4:bf:2c:0f:a3:25:
3f:45:30:8c:7f:d8:2e:67:ed:46:78:19:c7:68:1f:47:3b:63:
68:c4:29:00:4f:d9:7d:a3:75:6a:82:43:b6:1e:f6:4f:b8:18:
ab:4f:44:9c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG5AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDMx
MTI0MTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJBMEZBMDFDNjlEQzE5
Q0U4NTVBNEQ4MEI1NEYzQTkzMjFFN0E1QTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDo8pTZlJ01mM9wBVEQitdh6ynaEuHCOB+F2o7J4QNnXKiaRNKN
B6UBU7uzJJpbPcbFffemGuUXtyJwVj13qahHn8mWV3bRYAUV9hCm1zzAsQVKh/6/
hgVAma2C1Gfde31Ey0oRNtk+fvPtv+n02ZYiRTf++929XX+DGozwIGz5DTeHwxh6
Mi44G6k+QdgLMZR/8/6v5EEQ5LfsZSYJM10FVnheyIHxVaq/F/slPYgXPKu5RCbx
rbU5HofTa/WB1cds+Ol5CXgFumdXsXJY/Uiuuy+J+qojgQv/CokpIkyxMFPTHtui
+3DpTQp9vTo2Xq8vL9vqkfriXSsyB39s/I0xAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUug+gHGncGc6FWk2AtU86kyHnpaYwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3VnLWdIR25jR2M2Rldr
MkF0VTg2a3lIbnBhWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAUJacTChYIFJ/22Tz88jccLHfWaZx6mKF
Xx9kFAbCGtcXo0+gJ/EdsRI+HIbNLbLeBy8vWgqOJFyO5KcY1NFRnF3MdfozCiqT
XEAll7jo0e5l8aWA/5/s+lpjqgdVCfd8hcR18HlSH+oFaBuSSEKlmxjiSixmYUXa
JLmykeZzOVyvS6bWocWdx42hPJwNuO07TUA4Od0HEYZZ5dcegLaBIPBtb8pRNTKU
vhba7oF5tiPaCdnyeeb+InWGe+o8eeg0NFquZozhEMe1V7d5t1gYGZrmtL8sD6Ml
P0UwjH/YLmftRngZx2gfRztjaMQpAE/ZfaN1aoJDth72T7gYq09EnA==
-----END CERTIFICATE-----
Generated at Fri May 3 17:14:10 2024 by rpki-client on console-fra.rpki-client.org