Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/xPC9L6dQbEwSCG3TX27dEECCHiQ.roa
File: xPC9L6dQbEwSCG3TX27dEECCHiQ.roa (raw, json)
Hash identifier: 2IXjvwljmVrBLGFcK4txhLnCsOQp8l7x2Ok44H1CHHQ=
Subject key identifier: C4:F0:BD:2F:A7:50:6C:4C:12:08:6D:D3:5F:6E:DD:10:40:82:1E:24
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1452
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/xPC9L6dQbEwSCG3TX27dEECCHiQ.roa
Signing time: Sun 14 Apr 2024 03:53:19 +0000
ROA not before: Sun 14 Apr 2024 03:53:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5202 (0x1452)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 14 03:53:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C4F0BD2FA7506C4C12086DD35F6EDD1040821E24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:32:36:e7:4e:6a:af:da:27:8a:04:df:d7:ef:
6b:b4:61:d1:99:13:bf:3a:13:03:63:1b:0e:9c:64:
7d:c4:dc:0d:7b:06:9f:6d:38:d4:55:59:33:d5:f8:
4f:c0:2b:8d:c4:99:d8:38:78:41:48:65:b5:28:8f:
b2:41:01:ef:a9:04:12:f5:b7:94:e0:17:4b:16:00:
2a:6d:06:4c:b9:a9:38:6c:da:1e:33:16:40:52:e6:
b0:55:93:ff:d2:0b:f9:35:e5:7d:81:bf:38:18:60:
78:1b:8a:2d:bc:6c:b2:d9:1f:0b:5b:86:c6:15:9b:
b7:8a:ec:1b:aa:fb:e6:52:50:eb:a6:5c:ee:5d:7a:
fa:55:ff:cc:cf:ee:d4:4c:56:2c:9c:4a:3c:73:61:
2d:c9:d5:33:46:5e:ae:19:67:8d:d7:a8:1d:e8:07:
37:67:7f:5f:9a:4d:c7:97:86:62:f1:75:62:44:1c:
aa:2c:10:e2:e7:0f:1f:da:ac:75:fd:e2:a4:09:3f:
9f:cf:cb:b4:6d:79:6a:69:60:74:ab:43:30:37:57:
2b:47:b7:6b:9e:7f:55:ee:17:6e:5a:25:04:a0:2f:
89:cd:a5:5a:63:fc:9b:33:88:fd:26:81:bb:b4:0f:
1f:7b:b9:2c:d1:4e:e5:35:70:65:01:e9:df:4c:ad:
e1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F0:BD:2F:A7:50:6C:4C:12:08:6D:D3:5F:6E:DD:10:40:82:1E:24
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/xPC9L6dQbEwSCG3TX27dEECCHiQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d4:2b:6f:89:60:83:0f:91:ab:b1:d1:c2:89:ca:10:94:0e:57:
cf:5d:e8:41:d3:32:ba:92:9e:b2:c3:e8:1a:90:8f:24:3c:47:
e2:6d:5e:89:d3:3c:e7:fd:70:00:dc:f0:f6:ea:1f:fa:f7:c6:
28:b9:5d:7a:79:20:b7:c4:25:65:25:58:00:86:2d:7d:2a:6b:
09:6a:8c:0d:54:48:6e:05:27:57:5d:fd:27:a5:d3:e3:79:1a:
ea:f6:d8:8e:c2:f9:25:16:2f:be:50:c8:53:df:92:15:bd:01:
63:b1:56:07:a0:b8:8a:cb:45:ee:ed:8d:d7:7f:8b:92:45:bf:
d1:41:46:15:f0:68:17:27:1d:53:8f:2d:a7:d7:72:15:30:09:
8e:41:a0:ba:a4:cb:6d:9a:d9:ad:fe:bd:47:d9:e9:aa:97:82:
2f:15:c5:ed:24:63:15:3b:a0:e4:30:a3:1a:9c:3e:de:74:90:
66:fb:80:bd:5d:38:ee:ca:2f:75:2a:98:a0:a1:06:8e:68:be:
f6:c9:fe:a7:86:b2:06:21:fd:e7:9a:2d:ea:e8:7f:9c:2d:37:
ec:aa:e5:64:52:33:52:b7:ea:52:af:db:1e:36:4f:37:d7:48:
b7:f4:ec:97:e8:02:14:6c:3f:08:78:8e:69:8c:ff:a4:43:ac:
a6:b1:6d:1b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFFIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTQw
MzUzMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM0RjBCRDJGQTc1MDZD
NEMxMjA4NkREMzVGNkVERDEwNDA4MjFFMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnMjbnTmqv2ieKBN/X72u0YdGZE786EwNjGw6cZH3E3A17Bp9t
ONRVWTPV+E/AK43Emdg4eEFIZbUoj7JBAe+pBBL1t5TgF0sWACptBky5qThs2h4z
FkBS5rBVk//SC/k15X2BvzgYYHgbii28bLLZHwtbhsYVm7eK7Buq++ZSUOumXO5d
evpV/8zP7tRMViycSjxzYS3J1TNGXq4ZZ43XqB3oBzdnf1+aTceXhmLxdWJEHKos
EOLnDx/arHX94qQJP5/Py7RteWppYHSrQzA3VytHt2uef1XuF25aJQSgL4nNpVpj
/JsziP0mgbu0Dx97uSzRTuU1cGUB6d9MreG1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxPC9L6dQbEwSCG3TX27dEECCHiQwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3hQQzlMNmRRYkV3U0NH
M1RYMjdkRUVDQ0hpUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEA1CtviWCDD5GrsdHCicoQlA5Xz13oQdMy
upKessPoGpCPJDxH4m1eidM85/1wANzw9uof+vfGKLldenkgt8QlZSVYAIYtfSpr
CWqMDVRIbgUnV139J6XT43ka6vbYjsL5JRYvvlDIU9+SFb0BY7FWB6C4istF7u2N
13+LkkW/0UFGFfBoFycdU48tp9dyFTAJjkGguqTLbZrZrf69R9npqpeCLxXF7SRj
FTug5DCjGpw+3nSQZvuAvV047sovdSqYoKEGjmi+9sn+p4ayBiH955ot6uh/nC03
7KrlZFIzUrfqUq/bHjZPN9dIt/Tsl+gCFGw/CHiOaYz/pEOsprFtGw==
Generated at Sun Apr 14 05:27:23 2024 by rpki-client on console-fra.rpki-client.org