Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/xrMNvTUwB0fmzZiAEd9_XlpHhFI.roa
File: xrMNvTUwB0fmzZiAEd9_XlpHhFI.roa (raw, json)
Hash identifier: 2mhFMHwTXtZuf9e/M7eW8KkpCzvrQED82oKZYKHbK9w=
Subject key identifier: C6:B3:0D:BD:35:30:07:47:E6:CD:98:80:11:DF:7F:5E:5A:47:84:52
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1DA8
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/xrMNvTUwB0fmzZiAEd9_XlpHhFI.roa
Signing time: Thu 09 May 2024 01:24:22 +0000
ROA not before: Thu 09 May 2024 01:24:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7592 (0x1da8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 9 01:24:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C6B30DBD35300747E6CD988011DF7F5E5A478452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4c:c0:bb:44:30:03:ee:e3:b6:14:82:78:86:
b1:38:27:67:7b:a8:67:e5:45:33:68:ea:d5:c1:db:
0b:f2:c6:3d:e8:5c:9b:35:eb:c1:f8:11:98:16:9a:
3c:bb:22:94:e5:68:ec:9e:82:9f:77:77:87:f2:f8:
9f:9d:eb:f4:47:ce:fd:c6:10:96:24:4c:0a:f3:97:
07:ca:38:6a:b1:39:ab:3e:62:1f:6f:b9:41:bd:9e:
ac:03:74:a3:14:bd:9b:ce:aa:76:8f:b2:8a:02:34:
ea:ec:0c:23:d4:fa:3d:5c:76:68:28:b2:fd:36:66:
ec:56:a2:b0:db:a9:44:dd:50:db:6e:bc:84:1c:2d:
fa:3d:9c:43:5c:c5:da:6e:0d:2e:f0:b8:da:3f:49:
4f:7c:c0:33:e5:7d:14:f1:4d:ce:2a:1b:a8:b7:6b:
ec:4a:7e:55:e8:57:8f:31:28:15:c5:75:56:1e:b1:
ce:91:bd:44:90:05:40:81:e1:9a:61:89:70:8d:27:
a4:9b:8a:30:71:45:c7:76:16:f0:32:bf:3c:92:5f:
8e:82:44:b2:db:4e:83:fb:b9:b1:66:bc:77:a4:74:
88:cb:f1:cf:cc:07:df:f2:c7:fe:ed:b4:4b:07:56:
45:79:70:95:69:14:ca:86:8a:51:2b:ed:fb:30:13:
f6:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B3:0D:BD:35:30:07:47:E6:CD:98:80:11:DF:7F:5E:5A:47:84:52
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/xrMNvTUwB0fmzZiAEd9_XlpHhFI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ba:1b:e7:80:f4:2d:9f:76:25:0e:88:b5:d0:99:d3:7f:70:06:
db:2b:15:5d:8e:77:bb:51:02:9d:f8:e5:47:43:ed:bc:f3:d0:
c7:7c:82:4c:78:cb:97:f9:85:20:60:29:56:20:67:3e:52:c9:
74:46:c2:40:e9:bf:c4:63:ea:ae:f0:7c:e9:f4:3d:a4:44:ed:
f0:fe:7a:ce:1f:9a:16:57:db:df:5b:6f:f0:c3:e2:d6:d6:56:
6f:a1:28:27:c3:d3:94:e0:26:6e:f3:b6:34:79:01:92:d6:4d:
23:5a:82:b2:db:ef:70:dd:c5:63:3d:6b:82:62:c2:79:3d:ce:
fb:4a:8c:19:09:83:ab:2d:7c:60:5e:81:85:65:4c:64:7e:b3:
00:23:48:b8:f2:11:4e:81:ee:9d:ca:69:7f:4f:52:fe:82:68:
e6:e2:c2:94:5c:74:b0:88:dc:aa:5c:34:90:8d:bb:af:75:f1:
d6:9b:21:5e:70:b5:c0:d5:3a:18:65:c2:bd:a4:de:10:f5:41:
d3:f1:ba:43:13:51:68:43:52:c7:38:44:02:5b:5c:28:68:47:
96:ce:df:04:ef:95:cb:92:f9:e6:7c:ab:9b:7f:82:2a:17:ad:
8e:9a:29:43:f8:bc:0c:93:e2:3a:82:f7:7b:15:9a:7b:16:b1:
ce:4f:46:28
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHagwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDkw
MTI0MjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM2QjMwREJEMzUzMDA3
NDdFNkNEOTg4MDExREY3RjVFNUE0Nzg0NTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+TMC7RDAD7uO2FIJ4hrE4J2d7qGflRTNo6tXB2wvyxj3oXJs1
68H4EZgWmjy7IpTlaOyegp93d4fy+J+d6/RHzv3GEJYkTArzlwfKOGqxOas+Yh9v
uUG9nqwDdKMUvZvOqnaPsooCNOrsDCPU+j1cdmgosv02ZuxWorDbqUTdUNtuvIQc
Lfo9nENcxdpuDS7wuNo/SU98wDPlfRTxTc4qG6i3a+xKflXoV48xKBXFdVYesc6R
vUSQBUCB4ZphiXCNJ6SbijBxRcd2FvAyvzySX46CRLLbToP7ubFmvHekdIjL8c/M
B9/yx/7ttEsHVkV5cJVpFMqGilEr7fswE/ZTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxrMNvTUwB0fmzZiAEd9/XlpHhFIwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3hyTU52VFV3QjBmbXpa
aUFFZDlfWGxwSGhGSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAuhvngPQtn3YlDoi10JnTf3AG2ysVXY53
u1ECnfjlR0PtvPPQx3yCTHjLl/mFIGApViBnPlLJdEbCQOm/xGPqrvB86fQ9pETt
8P56zh+aFlfb31tv8MPi1tZWb6EoJ8PTlOAmbvO2NHkBktZNI1qCstvvcN3FYz1r
gmLCeT3O+0qMGQmDqy18YF6BhWVMZH6zACNIuPIRToHuncppf09S/oJo5uLClFx0
sIjcqlw0kI27r3Xx1pshXnC1wNU6GGXCvaTeEPVB0/G6QxNRaENSxzhEAltcKGhH
ls7fBO+Vy5L55nyrm3+CKhetjpopQ/i8DJPiOoL3exWaexaxzk9GKA==
-----END CERTIFICATE-----
Generated at Thu May 9 03:44:54 2024 by rpki-client on console-ams.rpki-client.org