Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/xiHiOMN_RhV6dYk2MSgeqgUjLs8.roa
File: xiHiOMN_RhV6dYk2MSgeqgUjLs8.roa (raw, json)
Hash identifier: Xw1o038aF/Qol43xx7yEiiIcpDkkD/WLy2VYaqfQ0Z8=
Subject key identifier: C6:21:E2:38:C3:7F:46:15:7A:75:89:36:31:28:1E:AA:05:23:2E:CF
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 15C0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/xiHiOMN_RhV6dYk2MSgeqgUjLs8.roa
Signing time: Wed 17 Apr 2024 23:23:26 +0000
ROA not before: Wed 17 Apr 2024 23:23:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5568 (0x15c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 17 23:23:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C621E238C37F46157A75893631281EAA05232ECF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4e:27:1a:85:1c:eb:9a:b5:a6:cf:00:27:a0:
4c:e6:b1:13:34:3c:2b:0b:de:06:5b:be:86:e2:26:
9a:6b:c0:fa:00:68:2d:41:81:c0:7f:54:0a:a7:ab:
22:f5:4f:af:2c:f1:44:84:37:b4:86:83:c8:6a:59:
69:e8:69:13:6c:65:52:91:1f:04:d3:ee:39:bf:88:
75:10:a0:68:57:eb:c6:b9:44:52:c6:f5:69:6e:25:
6c:5e:ba:10:f0:ea:f0:dd:82:43:15:de:eb:08:36:
81:e2:e0:da:fa:f8:39:39:47:35:05:e4:2c:cb:55:
de:cc:ba:4d:8f:f0:e6:d3:c7:2b:f6:b5:1c:ea:75:
4b:f4:27:ba:16:33:83:69:b2:1c:db:30:e1:ff:db:
c9:10:aa:cd:16:fe:63:e6:88:bf:00:1b:d3:53:3e:
b0:77:c7:ec:0c:1f:d0:18:e7:15:ca:85:f9:74:18:
32:f1:2e:72:43:af:27:77:0e:f0:dc:d7:dd:a0:4f:
44:41:f2:84:8a:8b:93:c3:97:ff:b2:ee:e7:4e:c0:
19:a3:20:de:b0:f3:39:aa:d1:c1:9b:86:ef:88:69:
5b:7f:1b:d1:f4:0b:6f:3d:a5:99:8e:21:e2:35:cc:
6f:6f:ee:65:c9:43:36:6c:3a:e9:97:c7:40:95:d9:
fc:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:21:E2:38:C3:7F:46:15:7A:75:89:36:31:28:1E:AA:05:23:2E:CF
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/xiHiOMN_RhV6dYk2MSgeqgUjLs8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2b:81:f5:b4:17:d9:0d:49:1a:77:7e:0f:ac:e9:e9:c8:00:64:
2a:63:f0:e0:1c:cc:94:f4:d8:d5:91:85:64:37:e7:e6:85:6a:
d4:f8:39:89:d8:67:94:9a:f2:55:c0:66:4d:e6:f6:5e:d1:46:
4e:14:a2:6f:1a:1a:46:df:59:6b:29:89:53:2f:66:5c:df:dc:
ea:8f:5e:9a:90:52:9f:f5:18:2b:a0:e3:14:da:a5:41:36:b8:
04:95:ee:ce:8c:68:16:1c:b4:a5:26:96:9a:29:f7:0a:31:05:
47:7d:9d:4f:51:29:53:9a:6e:6a:17:14:b9:d5:3e:a4:b1:6e:
c4:99:9e:05:92:e0:a0:75:e3:ac:c8:52:70:e5:a2:46:d6:68:
99:3f:92:68:4e:e5:5e:5f:2e:38:9f:93:78:4b:2e:b3:7c:6d:
83:33:91:63:7e:03:10:15:f0:3e:de:d4:27:08:f7:6d:68:1d:
91:1f:26:c5:ce:1d:dc:07:db:11:50:02:7c:a6:95:b7:89:50:
e3:6c:44:a6:46:e3:b1:87:b1:42:1b:15:ad:97:2b:68:09:82:
7f:53:a4:c7:74:26:c0:9c:e7:38:d9:8c:6f:e4:69:15:4e:e4:
c6:b0:95:27:ce:04:e4:f3:a6:46:4a:af:a8:cd:ab:56:50:4a:
92:61:44:2b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFcAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTcy
MzIzMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM2MjFFMjM4QzM3RjQ2
MTU3QTc1ODkzNjMxMjgxRUFBMDUyMzJFQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHTicahRzrmrWmzwAnoEzmsRM0PCsL3gZbvobiJpprwPoAaC1B
gcB/VAqnqyL1T68s8USEN7SGg8hqWWnoaRNsZVKRHwTT7jm/iHUQoGhX68a5RFLG
9WluJWxeuhDw6vDdgkMV3usINoHi4Nr6+Dk5RzUF5CzLVd7Muk2P8ObTxyv2tRzq
dUv0J7oWM4NpshzbMOH/28kQqs0W/mPmiL8AG9NTPrB3x+wMH9AY5xXKhfl0GDLx
LnJDryd3DvDc192gT0RB8oSKi5PDl/+y7udOwBmjIN6w8zmq0cGbhu+IaVt/G9H0
C289pZmOIeI1zG9v7mXJQzZsOumXx0CV2fxfAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxiHiOMN/RhV6dYk2MSgeqgUjLs8wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3hpSGlPTU5fUmhWNmRZ
azJNU2dlcWdVakxzOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAK4H1tBfZDUkad34PrOnpyABkKmPw4BzM
lPTY1ZGFZDfn5oVq1Pg5idhnlJryVcBmTeb2XtFGThSibxoaRt9ZaymJUy9mXN/c
6o9empBSn/UYK6DjFNqlQTa4BJXuzoxoFhy0pSaWmin3CjEFR32dT1EpU5puahcU
udU+pLFuxJmeBZLgoHXjrMhScOWiRtZomT+SaE7lXl8uOJ+TeEsus3xtgzORY34D
EBXwPt7UJwj3bWgdkR8mxc4d3AfbEVACfKaVt4lQ42xEpkbjsYexQhsVrZcraAmC
f1Okx3QmwJznONmMb+RpFU7kxrCVJ84E5POmRkqvqM2rVlBKkmFEKw==
-----END CERTIFICATE-----
Generated at Thu Apr 18 00:13:29 2024 by rpki-client on console-fra.rpki-client.org