Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/vSldAeWHssIU5u8wSyjXmcDPt14.roa
File: vSldAeWHssIU5u8wSyjXmcDPt14.roa (raw, json)
Hash identifier: W83u06nbUjrn7lTV/nlNZnM9euSPMaKxXGC41c6xufo=
Subject key identifier: BD:29:5D:01:E5:87:B2:C2:14:E6:EF:30:4B:28:D7:99:C0:CF:B7:5E
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 153A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/vSldAeWHssIU5u8wSyjXmcDPt14.roa
Signing time: Tue 16 Apr 2024 13:53:21 +0000
ROA not before: Tue 16 Apr 2024 13:53:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5434 (0x153a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 16 13:53:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BD295D01E587B2C214E6EF304B28D799C0CFB75E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:34:e1:aa:68:13:e0:d2:79:6e:12:d8:a8:37:
b9:e2:b1:e0:75:47:f0:64:53:fe:cb:be:c9:1b:25:
75:ce:a0:6d:21:30:5b:14:f9:67:fe:ad:19:69:18:
46:8e:68:1a:3c:58:05:11:3c:00:a5:f2:4b:4d:6e:
2e:d8:b3:3b:62:41:89:ee:70:6e:a2:28:bb:d8:0f:
b2:2b:99:e4:47:3e:1c:d6:0c:e6:b9:8b:16:cb:22:
65:b0:11:c7:37:49:9a:c8:41:9b:a3:a8:a4:43:b5:
1c:75:82:a1:18:34:03:f4:81:8a:40:62:08:95:de:
12:77:30:aa:cc:cb:3d:ab:c4:cd:24:bc:49:28:dd:
67:30:ac:42:39:bc:a2:30:d4:2d:e3:d3:ab:96:cc:
93:cd:1d:ea:f6:05:30:60:e7:52:bc:0e:14:3a:93:
6e:f2:e7:82:0d:26:21:06:8f:a8:a6:6f:30:1d:58:
fe:80:5e:24:3b:95:ac:f2:7e:f6:9f:54:8f:12:c1:
f2:ae:ee:3e:1c:9f:06:fa:bb:a8:9b:22:6d:10:db:
9c:e0:2a:f3:03:7a:31:0d:d9:a3:ec:8e:2f:da:49:
79:b4:d4:84:e3:76:0e:3f:63:75:bd:24:f3:6d:b1:
67:fb:60:4b:c0:c9:6a:c6:af:70:78:ea:1e:75:df:
53:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:29:5D:01:E5:87:B2:C2:14:E6:EF:30:4B:28:D7:99:C0:CF:B7:5E
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/vSldAeWHssIU5u8wSyjXmcDPt14.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a9:34:a6:c2:b5:b4:09:b9:84:7a:43:f7:34:39:5d:d8:b4:30:
9d:ba:2c:04:3b:74:91:ad:91:23:8e:ca:bf:26:f2:a2:57:85:
59:88:93:76:e0:59:76:ad:c9:e2:a1:dc:0f:b4:98:e0:0f:62:
3a:a4:87:c7:a0:2f:10:c2:1d:47:e9:5e:00:24:60:e9:b0:66:
d8:0c:2a:5c:c2:2d:0a:22:f1:02:88:08:17:d5:ae:91:e7:0f:
f3:3a:4c:0c:e3:2b:d9:6b:c8:ec:10:5b:75:98:f8:82:3b:01:
9f:b5:96:0a:7c:36:be:9d:19:e1:0c:8a:58:6a:a0:82:c8:c4:
a3:ad:c3:13:a3:61:4b:df:47:4f:86:cc:3d:79:3c:df:7c:b6:
8f:4c:d2:d1:01:c7:f1:e3:b5:f4:1c:00:be:72:92:5a:30:78:
93:f5:98:c2:21:6d:86:68:16:2e:66:64:4f:65:6c:10:47:9d:
6d:0d:ae:00:23:7c:4f:9a:7e:0d:87:4c:8b:7f:86:96:35:d8:
80:06:6c:3a:b2:f4:1a:d2:e6:cf:c0:db:80:86:b0:30:e4:bb:
41:a6:f4:94:4d:fd:44:2f:b0:76:ea:4a:a3:58:4e:8a:43:ce:
5a:b5:7d:3b:3c:a4:a5:98:79:72:9c:cd:08:bb:9e:93:13:64:
1e:92:fd:7a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFTowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTYx
MzUzMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJEMjk1RDAxRTU4N0Iy
QzIxNEU2RUYzMDRCMjhENzk5QzBDRkI3NUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQNOGqaBPg0nluEtioN7niseB1R/BkU/7LvskbJXXOoG0hMFsU
+Wf+rRlpGEaOaBo8WAURPACl8ktNbi7YsztiQYnucG6iKLvYD7IrmeRHPhzWDOa5
ixbLImWwEcc3SZrIQZujqKRDtRx1gqEYNAP0gYpAYgiV3hJ3MKrMyz2rxM0kvEko
3WcwrEI5vKIw1C3j06uWzJPNHer2BTBg51K8DhQ6k27y54INJiEGj6imbzAdWP6A
XiQ7lazyfvafVI8SwfKu7j4cnwb6u6ibIm0Q25zgKvMDejEN2aPsji/aSXm01ITj
dg4/Y3W9JPNtsWf7YEvAyWrGr3B46h5131PNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUvSldAeWHssIU5u8wSyjXmcDPt14wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3ZTbGRBZVdIc3NJVTV1
OHdTeWpYbWNEUHQxNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAqTSmwrW0CbmEekP3NDld2LQwnbosBDt0
ka2RI47KvybyoleFWYiTduBZdq3J4qHcD7SY4A9iOqSHx6AvEMIdR+leACRg6bBm
2AwqXMItCiLxAogIF9WukecP8zpMDOMr2WvI7BBbdZj4gjsBn7WWCnw2vp0Z4QyK
WGqggsjEo63DE6NhS99HT4bMPXk833y2j0zS0QHH8eO19BwAvnKSWjB4k/WYwiFt
hmgWLmZkT2VsEEedbQ2uACN8T5p+DYdMi3+GljXYgAZsOrL0GtLmz8DbgIawMOS7
Qab0lE39RC+wdupKo1hOikPOWrV9OzykpZh5cpzNCLuekxNkHpL9eg==
-----END CERTIFICATE-----
Generated at Tue Apr 16 17:52:07 2024 by rpki-client on console-fra.rpki-client.org