Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/x-_mI-ICGhcJ-WGfKP6migtPkSs.roa
File: x-_mI-ICGhcJ-WGfKP6migtPkSs.roa (raw, json)
Hash identifier: s9ZoIokNThme6n7a/PCaBfIbkGzWvIJcgE5+vAtHPjs=
Subject key identifier: C7:EF:E6:23:E2:02:1A:17:09:F9:61:9F:28:FE:A6:8A:0B:4F:91:2B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 123C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/x-_mI-ICGhcJ-WGfKP6migtPkSs.roa
Signing time: Mon 08 Apr 2024 14:22:57 +0000
ROA not before: Mon 08 Apr 2024 14:22:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4668 (0x123c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 8 14:22:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C7EFE623E2021A1709F9619F28FEA68A0B4F912B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4d:42:be:f6:f8:9a:2f:9f:4d:52:06:f6:c9:
58:be:ea:0c:15:b5:7d:8c:b0:4a:97:1d:b3:d5:3b:
a3:88:5e:51:92:fd:c0:c4:80:b8:b1:e5:22:7b:bc:
f9:35:6d:32:e5:f1:ba:d3:51:3d:d4:0d:7f:e5:de:
6b:37:33:8f:93:6f:1b:bc:39:7a:de:03:59:4f:d4:
17:08:af:f9:6c:b0:af:d0:b8:c3:9e:24:eb:73:42:
4a:ea:62:82:51:0e:bf:a5:cc:a8:b4:eb:89:e8:4b:
ff:6e:d8:a2:35:3f:59:09:1c:37:48:72:5c:a8:77:
7a:3d:a7:da:d3:e1:72:00:51:f8:a1:f8:88:b8:35:
71:4a:60:b4:b2:d6:f1:aa:8d:d6:77:15:8e:5a:a3:
b8:79:0c:0a:bf:c6:40:45:b8:f1:0c:b4:dd:0f:cf:
bf:52:ca:6a:4e:f9:5e:9c:46:c2:b6:a3:04:65:d8:
04:4e:b3:f6:9b:80:07:51:fd:bb:ed:63:9c:b5:e7:
91:ba:ce:87:8c:28:20:be:a6:fa:78:0b:8a:ba:cb:
61:ab:dd:a6:bb:69:a7:32:4d:3a:8a:e6:b9:f4:6a:
1a:84:ca:1e:bf:50:60:c1:65:f1:a3:64:24:8d:b5:
8e:4b:35:72:1f:4d:4f:85:1e:83:c4:46:03:7e:18:
1e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:EF:E6:23:E2:02:1A:17:09:F9:61:9F:28:FE:A6:8A:0B:4F:91:2B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/x-_mI-ICGhcJ-WGfKP6migtPkSs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9d:c2:1d:c0:6b:1b:1a:8f:8f:96:17:e4:13:e2:34:91:3c:e0:
1d:f4:0c:cf:88:82:dd:52:c8:00:3c:3a:74:0c:d0:8c:bc:6c:
88:f9:e4:c1:50:48:a7:6f:cb:2d:af:5c:3f:e5:2d:29:e9:7f:
b0:5b:af:77:4f:e8:14:e4:0f:ff:9b:15:6a:c6:16:9b:5c:c7:
e5:5a:2b:ea:6e:ca:dd:c1:a5:af:8e:f6:5f:9e:87:95:be:15:
3c:a0:94:e3:a2:c9:31:f4:9f:a5:a5:f7:01:c8:b1:a6:89:a7:
05:6a:39:46:1e:ad:81:32:58:37:8e:27:7b:34:8b:2a:ec:df:
95:ce:e3:bf:20:26:ad:19:0d:43:b2:ae:aa:78:cb:33:de:03:
27:5e:06:19:76:b0:7b:70:4b:3b:21:aa:3d:58:18:eb:5a:3d:
7c:b8:89:6f:b1:08:55:73:a4:6d:91:16:5d:bd:93:20:5c:d7:
08:15:fe:1a:80:3b:2a:af:38:6e:4c:e4:ea:71:ae:5d:5e:52:
b6:0b:52:5c:f6:3a:dc:52:5b:37:b3:dd:2a:30:09:38:54:e7:
cc:26:f9:ad:1b:f5:57:6a:a4:b2:09:16:bc:52:4a:5f:cd:17:
38:e1:cd:0f:14:28:a2:50:43:10:31:d5:fd:be:e4:ee:6a:72:
53:e3:e6:78
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEjwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDgx
NDIyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM3RUZFNjIzRTIwMjFB
MTcwOUY5NjE5RjI4RkVBNjhBMEI0RjkxMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7TUK+9viaL59NUgb2yVi+6gwVtX2MsEqXHbPVO6OIXlGS/cDE
gLix5SJ7vPk1bTLl8brTUT3UDX/l3ms3M4+Tbxu8OXreA1lP1BcIr/lssK/QuMOe
JOtzQkrqYoJRDr+lzKi064noS/9u2KI1P1kJHDdIclyod3o9p9rT4XIAUfih+Ii4
NXFKYLSy1vGqjdZ3FY5ao7h5DAq/xkBFuPEMtN0Pz79SympO+V6cRsK2owRl2ARO
s/abgAdR/bvtY5y155G6zoeMKCC+pvp4C4q6y2Gr3aa7aacyTTqK5rn0ahqEyh6/
UGDBZfGjZCSNtY5LNXIfTU+FHoPERgN+GB5jAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUx+/mI+ICGhcJ+WGfKP6migtPkSswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3gtX21JLUlDR2hjSi1X
R2ZLUDZtaWd0UGtTcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAncIdwGsbGo+PlhfkE+I0kTzgHfQMz4iC
3VLIADw6dAzQjLxsiPnkwVBIp2/LLa9cP+UtKel/sFuvd0/oFOQP/5sVasYWm1zH
5Vor6m7K3cGlr472X56Hlb4VPKCU46LJMfSfpaX3AcixpomnBWo5Rh6tgTJYN44n
ezSLKuzflc7jvyAmrRkNQ7KuqnjLM94DJ14GGXawe3BLOyGqPVgY61o9fLiJb7EI
VXOkbZEWXb2TIFzXCBX+GoA7Kq84bkzk6nGuXV5StgtSXPY63FJbN7PdKjAJOFTn
zCb5rRv1V2qksgkWvFJKX80XOOHNDxQoolBDEDHV/b7k7mpyU+PmeA==
-----END CERTIFICATE-----
Generated at Mon Apr 8 20:02:50 2024 by rpki-client on console-fra.rpki-client.org