Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/xHwwshax7A_U7_LS-iu46eQN2iA.roa
File: xHwwshax7A_U7_LS-iu46eQN2iA.roa (raw, json)
Hash identifier: HPTd1nn4FX34Hl0hEcdDLEGXr8KwdwiV2iWvwD0sME4=
Subject key identifier: C4:7C:30:B2:16:B1:EC:0F:D4:EF:F2:D2:FA:2B:B8:E9:E4:0D:DA:20
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 12D8
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/xHwwshax7A_U7_LS-iu46eQN2iA.roa
Signing time: Wed 10 Apr 2024 05:23:07 +0000
ROA not before: Wed 10 Apr 2024 05:23:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4824 (0x12d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 10 05:23:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C47C30B216B1EC0FD4EFF2D2FA2BB8E9E40DDA20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a7:ca:4e:0d:5e:07:0f:da:6e:5e:33:12:81:
77:e6:30:1f:f6:2b:fc:79:b4:25:49:67:94:40:ca:
95:82:ec:79:e2:e7:44:c5:02:b1:83:fa:bd:de:3e:
19:33:d6:23:33:ae:cb:90:b0:fb:55:5c:c1:6a:ce:
b8:a8:ad:2f:20:db:36:b7:8c:55:3c:4f:8d:76:20:
e0:1e:c5:1b:a6:2f:47:a0:8b:17:ca:03:74:8a:78:
5f:1f:25:2b:2f:1e:e4:13:92:c4:98:d6:91:17:a0:
40:66:bb:27:43:0b:83:e1:86:56:3f:06:94:b4:23:
b8:fe:97:39:27:4e:95:53:92:00:72:27:47:2d:c7:
ce:0a:c1:ae:37:09:2b:75:ba:62:1a:34:4b:4e:03:
a7:e1:06:ce:c6:b8:04:c3:af:57:65:cd:ff:73:12:
8f:3d:f3:31:52:6b:74:4a:16:fd:a5:2c:1c:d6:ae:
71:06:c8:34:67:bd:5f:21:9e:d0:48:fb:e1:e0:24:
38:46:58:fe:b3:d5:35:5b:17:e8:bc:f3:c1:03:50:
20:81:1b:d3:36:cb:a0:3d:2a:f5:70:ae:72:4e:c7:
53:ae:75:1e:9d:ab:30:94:80:a9:5a:68:66:0b:46:
75:e5:e8:09:b5:2f:f5:24:bd:1d:22:a1:c3:33:e8:
6a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:7C:30:B2:16:B1:EC:0F:D4:EF:F2:D2:FA:2B:B8:E9:E4:0D:DA:20
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/xHwwshax7A_U7_LS-iu46eQN2iA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
22:a7:56:80:b8:e8:05:6d:74:8d:9f:37:47:75:fa:e7:43:36:
44:67:da:d5:84:b6:00:23:af:32:c8:1c:40:38:1f:c1:f7:50:
a9:5e:ba:13:8e:25:cf:3b:f4:a1:0d:8e:ff:2b:cd:c9:3a:10:
e6:71:3b:2e:74:78:ce:1e:e9:f0:ad:41:7e:8d:d4:a7:5d:cf:
54:4d:b7:be:4c:af:4f:39:7e:59:84:76:54:85:e1:ce:11:06:
28:fe:f9:5b:82:5b:88:36:cb:45:ef:b1:91:b2:3a:49:6d:07:
10:ea:d6:53:59:48:17:10:ef:ee:c0:c7:0f:29:a7:4d:72:01:
6f:fa:2e:5f:15:62:09:93:34:76:d8:c1:83:6b:a5:d0:f9:95:
76:6d:6b:c1:ed:09:11:94:df:9f:61:8e:70:b7:7e:40:81:9c:
e8:34:67:cb:78:75:04:67:fd:83:de:6d:e9:91:cc:fd:b4:bc:
e2:7f:8a:0f:1a:87:73:66:11:e1:2e:f6:11:c5:4b:7d:84:ef:
de:3d:2e:0b:b4:82:5f:a6:0c:d5:77:3e:b7:5b:f9:44:ab:46:
70:7e:af:d7:49:52:30:ef:57:96:56:e2:ea:62:16:a6:3b:fb:
87:6a:bf:51:34:6a:64:a1:cc:49:a3:ac:39:68:29:ec:b7:be:
0d:f5:3f:18
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEtgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTAw
NTIzMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM0N0MzMEIyMTZCMUVD
MEZENEVGRjJEMkZBMkJCOEU5RTQwRERBMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbp8pODV4HD9puXjMSgXfmMB/2K/x5tCVJZ5RAypWC7Hni50TF
ArGD+r3ePhkz1iMzrsuQsPtVXMFqzriorS8g2za3jFU8T412IOAexRumL0egixfK
A3SKeF8fJSsvHuQTksSY1pEXoEBmuydDC4PhhlY/BpS0I7j+lzknTpVTkgByJ0ct
x84Kwa43CSt1umIaNEtOA6fhBs7GuATDr1dlzf9zEo898zFSa3RKFv2lLBzWrnEG
yDRnvV8hntBI++HgJDhGWP6z1TVbF+i888EDUCCBG9M2y6A9KvVwrnJOx1OudR6d
qzCUgKlaaGYLRnXl6Am1L/UkvR0iocMz6GozAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxHwwshax7A/U7/LS+iu46eQN2iAwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3hId3dzaGF4N0FfVTdf
TFMtaXU0NmVRTjJpQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAIqdWgLjoBW10jZ83R3X650M2RGfa1YS2
ACOvMsgcQDgfwfdQqV66E44lzzv0oQ2O/yvNyToQ5nE7LnR4zh7p8K1Bfo3Up13P
VE23vkyvTzl+WYR2VIXhzhEGKP75W4JbiDbLRe+xkbI6SW0HEOrWU1lIFxDv7sDH
DymnTXIBb/ouXxViCZM0dtjBg2ul0PmVdm1rwe0JEZTfn2GOcLd+QIGc6DRny3h1
BGf9g95t6ZHM/bS84n+KDxqHc2YR4S72EcVLfYTv3j0uC7SCX6YM1Xc+t1v5RKtG
cH6v10lSMO9Xllbi6mIWpjv7h2q/UTRqZKHMSaOsOWgp7Le+DfU/GA==
-----END CERTIFICATE-----
Generated at Wed Apr 10 08:40:14 2024 by rpki-client on console-ams.rpki-client.org