Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/vDb3vqCXwZzTsQEYJ_c1fOlInI4.roa
File: vDb3vqCXwZzTsQEYJ_c1fOlInI4.roa (raw, json)
Hash identifier: ifUbH757CtkJe8BRhC+7fw6PYbJOE4tyj6D/c5RVqcU=
Subject key identifier: BC:36:F7:BE:A0:97:C1:9C:D3:B1:01:18:27:F7:35:7C:E9:48:9C:8E
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0E94
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/vDb3vqCXwZzTsQEYJ_c1fOlInI4.roa
Signing time: Fri 29 Mar 2024 20:22:30 +0000
ROA not before: Fri 29 Mar 2024 20:22:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3732 (0xe94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 29 20:22:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BC36F7BEA097C19CD3B1011827F7357CE9489C8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:11:a0:33:43:3f:e7:c2:f1:25:a3:43:57:9c:
31:36:ad:90:d3:f5:7c:a9:d9:f5:15:15:e9:31:82:
48:1a:4e:3d:ee:f6:b4:a4:04:1f:42:3d:70:ad:4b:
ad:13:c7:81:42:6b:07:21:71:51:75:82:c5:7e:de:
26:06:c6:72:1e:d7:c9:5f:f1:1b:37:ac:36:21:44:
54:20:a7:46:36:66:33:0d:45:f6:7f:14:b3:d6:3a:
9e:c7:cc:c5:fe:55:a5:57:6a:2a:03:10:10:fd:25:
ae:77:e1:8c:e7:d3:0b:13:0f:7a:4b:b7:7b:5e:8a:
21:ac:3a:23:70:67:39:9d:12:6f:69:c7:c4:9e:90:
8a:a9:81:3a:c8:e0:6b:35:3f:71:44:ec:4d:3e:a3:
a6:6e:9b:ac:dd:a8:e1:52:44:d9:1a:09:a5:8e:56:
f8:d1:73:fc:2e:07:5e:f7:2c:89:0e:ac:2c:0d:c6:
39:62:c8:7e:7d:58:78:f3:8c:36:38:26:29:75:c1:
b6:dd:bc:89:86:ea:bc:cf:f1:42:ec:d0:40:12:ee:
24:4f:d3:07:33:d9:10:ae:89:b2:95:9a:b6:3c:28:
68:34:b0:69:6c:6b:04:b5:9f:2c:50:6a:45:ae:24:
ac:a9:b7:44:9b:50:cb:0b:5e:0d:51:7c:2b:61:d0:
54:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:36:F7:BE:A0:97:C1:9C:D3:B1:01:18:27:F7:35:7C:E9:48:9C:8E
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/vDb3vqCXwZzTsQEYJ_c1fOlInI4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:a0:5e:fc:d7:4a:e4:e3:38:e3:66:ca:0b:69:23:52:6f:31:
aa:ce:8a:64:c7:96:bd:84:cd:18:70:6f:18:cd:25:60:14:b5:
d2:65:5b:8b:e6:16:a5:62:98:f5:de:b5:62:a6:c9:bf:89:48:
c3:97:4a:52:fc:46:0b:89:06:b6:ea:ca:c1:94:5d:09:8f:42:
e8:b5:f3:e7:aa:c0:d7:23:c1:9c:23:48:a2:dc:82:e0:a4:91:
5d:2f:65:89:16:97:f2:33:37:c5:71:46:66:1e:2e:c8:d8:5b:
a4:85:84:6c:33:2e:61:c4:b1:b0:2d:a7:c8:17:ce:c8:bf:84:
b1:cb:05:d2:b1:e8:3b:91:5c:a7:61:8c:fc:c4:70:0c:75:de:
54:47:98:ca:78:e2:4e:52:ae:32:7a:d5:80:aa:be:fe:54:16:
89:70:f4:46:65:0f:e4:d3:35:28:c9:46:c9:ec:0a:51:8c:7c:
bc:d3:48:65:34:50:29:b7:3f:7f:a0:90:09:1d:e5:e9:0e:4a:
23:1c:53:e1:6f:2f:df:39:c5:c6:97:21:96:df:72:01:11:b2:
9c:aa:2a:79:fd:b3:75:d8:55:30:4a:58:1b:87:eb:b8:ee:50:
f3:31:f1:24:98:a5:0e:61:ae:d2:c2:4a:f9:f0:7e:9a:a9:a5:
6f:c0:94:08
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDpQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjky
MDIyMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJDMzZGN0JFQTA5N0Mx
OUNEM0IxMDExODI3RjczNTdDRTk0ODlDOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEEaAzQz/nwvElo0NXnDE2rZDT9Xyp2fUVFekxgkgaTj3u9rSk
BB9CPXCtS60Tx4FCawchcVF1gsV+3iYGxnIe18lf8Rs3rDYhRFQgp0Y2ZjMNRfZ/
FLPWOp7HzMX+VaVXaioDEBD9Ja534Yzn0wsTD3pLt3teiiGsOiNwZzmdEm9px8Se
kIqpgTrI4Gs1P3FE7E0+o6Zum6zdqOFSRNkaCaWOVvjRc/wuB173LIkOrCwNxjli
yH59WHjzjDY4Jil1wbbdvImG6rzP8ULs0EAS7iRP0wcz2RCuibKVmrY8KGg0sGls
awS1nyxQakWuJKypt0SbUMsLXg1RfCth0FRhAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUvDb3vqCXwZzTsQEYJ/c1fOlInI4wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3ZEYjN2cUNYd1p6VHNR
RVlKX2MxZk9sSW5JNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAXaBe/NdK5OM442bKC2kjUm8xqs6KZMeW
vYTNGHBvGM0lYBS10mVbi+YWpWKY9d61YqbJv4lIw5dKUvxGC4kGturKwZRdCY9C
6LXz56rA1yPBnCNIotyC4KSRXS9liRaX8jM3xXFGZh4uyNhbpIWEbDMuYcSxsC2n
yBfOyL+EscsF0rHoO5Fcp2GM/MRwDHXeVEeYynjiTlKuMnrVgKq+/lQWiXD0RmUP
5NM1KMlGyewKUYx8vNNIZTRQKbc/f6CQCR3l6Q5KIxxT4W8v3znFxpchlt9yARGy
nKoqef2zddhVMEpYG4fruO5Q8zHxJJilDmGu0sJK+fB+mqmlb8CUCA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 22:10:33 2024 by rpki-client on console-fra.rpki-client.org