Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/x-6p1vgO09i63Nu18LnkB6W-JY0.roa
File: x-6p1vgO09i63Nu18LnkB6W-JY0.roa (raw, json)
Hash identifier: XvduKouDy81gyK2yFoH9udftru27/6TyQg5O9G+8Lls=
Subject key identifier: C7:EE:A9:D6:F8:0E:D3:D8:BA:DC:DB:B5:F0:B9:E4:07:A5:BE:25:8D
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 14C0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/x-6p1vgO09i63Nu18LnkB6W-JY0.roa
Signing time: Mon 15 Apr 2024 07:23:18 +0000
ROA not before: Mon 15 Apr 2024 07:23:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5312 (0x14c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 15 07:23:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C7EEA9D6F80ED3D8BADCDBB5F0B9E407A5BE258D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b8:2e:02:4b:ad:4c:33:57:ca:da:2c:74:51:
55:e8:0d:68:de:9d:1e:07:c7:bf:0c:e7:6d:45:02:
8a:25:35:8e:2d:e6:2b:7d:9e:69:3e:f0:cc:9a:29:
bb:56:07:ad:be:c1:07:da:6b:4b:b2:f8:4b:00:61:
00:5c:af:71:08:d7:a7:d7:a2:81:72:27:b4:b9:44:
7c:46:40:3a:08:fb:b0:17:93:86:4c:51:79:b7:3f:
b9:0c:50:77:ec:a6:18:94:b1:90:94:b1:b5:d9:3f:
27:3f:3a:80:0c:c7:6b:18:63:9f:4c:b7:33:a2:36:
af:ca:d9:3d:10:2e:8d:3c:33:54:df:e1:2a:8f:41:
c8:b8:d9:ef:f1:8a:45:e1:3c:e4:a2:18:86:e2:cf:
06:64:b1:94:88:6d:cf:4c:a6:f3:98:53:d4:19:c5:
2e:93:be:be:ef:12:b2:dc:c4:a6:8b:a9:52:c6:b6:
4b:2d:10:a0:a1:e3:51:61:87:18:fa:ed:b1:9e:fc:
75:7d:72:2d:7e:2f:16:c6:47:9e:5e:3a:d6:5f:a6:
26:71:5d:af:9f:7b:22:76:ba:8f:5d:82:80:21:b9:
2e:9b:b8:01:7b:5f:58:54:c6:1f:df:50:b9:16:20:
23:89:1b:0d:8e:f7:db:d9:2c:86:a6:e0:dc:b2:78:
93:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:EE:A9:D6:F8:0E:D3:D8:BA:DC:DB:B5:F0:B9:E4:07:A5:BE:25:8D
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/x-6p1vgO09i63Nu18LnkB6W-JY0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6f:40:62:53:1b:6d:ec:c0:85:e4:b3:5c:d2:16:91:67:32:86:
c7:49:88:fc:31:07:bc:c5:1a:c5:ed:3b:95:fe:b6:9d:18:d9:
37:c6:18:45:d0:aa:03:2e:74:61:5a:5d:a6:59:ae:31:70:7c:
95:65:5e:b4:71:b0:60:e5:6e:1f:00:9a:14:8e:8c:36:ee:62:
ef:40:92:32:b2:5a:97:77:27:b5:61:d2:58:ff:8e:bf:79:2c:
4a:61:18:45:73:98:1f:29:7a:35:b3:c8:ad:7c:b6:51:e0:bb:
a9:f3:72:bb:30:9d:d6:e1:cc:a9:6d:6f:e0:56:92:a8:25:c5:
05:25:3d:e2:67:bd:3d:f2:a8:e6:03:b1:ea:a2:72:2f:13:b6:
6a:2f:2f:2c:78:3c:de:c0:ed:25:a4:e0:2f:75:19:cf:aa:a4:
91:04:3d:c4:dc:f6:49:02:d2:89:47:81:37:ce:bd:2a:00:bc:
80:ef:85:63:7d:fb:2d:3b:c3:1d:05:4c:43:ba:a4:e9:96:df:
73:76:09:d4:79:cd:86:b5:ef:28:fa:bc:ea:fd:ca:fb:ba:06:
d0:87:99:dc:41:5c:ef:6b:6a:25:0e:24:38:54:8f:07:63:37:
0a:ff:9f:43:6c:fd:93:a7:18:63:71:78:a3:fd:45:28:2d:91:
20:40:47:c9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFMAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTUw
NzIzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM3RUVBOUQ2RjgwRUQz
RDhCQURDREJCNUYwQjlFNDA3QTVCRTI1OEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYuC4CS61MM1fK2ix0UVXoDWjenR4Hx78M521FAoolNY4t5it9
nmk+8MyaKbtWB62+wQfaa0uy+EsAYQBcr3EI16fXooFyJ7S5RHxGQDoI+7AXk4ZM
UXm3P7kMUHfsphiUsZCUsbXZPyc/OoAMx2sYY59MtzOiNq/K2T0QLo08M1Tf4SqP
Qci42e/xikXhPOSiGIbizwZksZSIbc9MpvOYU9QZxS6Tvr7vErLcxKaLqVLGtkst
EKCh41Fhhxj67bGe/HV9ci1+LxbGR55eOtZfpiZxXa+feyJ2uo9dgoAhuS6buAF7
X1hUxh/fULkWICOJGw2O99vZLIam4NyyeJNNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUx+6p1vgO09i63Nu18LnkB6W+JY0wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3gtNnAxdmdPMDlpNjNO
dTE4TG5rQjZXLUpZMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAb0BiUxtt7MCF5LNc0haRZzKGx0mI/DEH
vMUaxe07lf62nRjZN8YYRdCqAy50YVpdplmuMXB8lWVetHGwYOVuHwCaFI6MNu5i
70CSMrJal3cntWHSWP+Ov3ksSmEYRXOYHyl6NbPIrXy2UeC7qfNyuzCd1uHMqW1v
4FaSqCXFBSU94me9PfKo5gOx6qJyLxO2ai8vLHg83sDtJaTgL3UZz6qkkQQ9xNz2
SQLSiUeBN869KgC8gO+FY337LTvDHQVMQ7qk6Zbfc3YJ1HnNhrXvKPq86v3K+7oG
0IeZ3EFc72tqJQ4kOFSPB2M3Cv+fQ2z9k6cYY3F4o/1FKC2RIEBHyQ==
-----END CERTIFICATE-----
Generated at Mon Apr 15 11:25:17 2024 by rpki-client on console-fra.rpki-client.org