Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/exJztpCSixg2tnQX7le1T4EV8Nw.roa
File: exJztpCSixg2tnQX7le1T4EV8Nw.roa (raw, json)
Hash identifier: VvCHNoFHhSTBu86yPWl1tGTL3WFsDSPR8ns+p/cphmg=
Subject key identifier: 7B:12:73:B6:90:92:8B:18:36:B6:74:17:EE:57:B5:4F:81:15:F0:DC
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1AE6
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/exJztpCSixg2tnQX7le1T4EV8Nw.roa
Signing time: Wed 01 May 2024 16:54:17 +0000
ROA not before: Wed 01 May 2024 16:54:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6886 (0x1ae6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 1 16:54:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7B1273B690928B1836B67417EE57B54F8115F0DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:db:11:99:f9:ea:60:16:32:ac:77:98:18:02:
aa:97:c7:44:a1:9c:f2:b6:eb:c2:f2:fd:37:15:4e:
66:08:62:02:20:ff:8f:73:e3:71:15:64:03:7f:2b:
55:a3:b6:7d:5c:23:71:9c:1d:2c:05:ef:86:19:87:
88:ae:5c:b5:06:fa:a6:9b:78:a9:27:b8:7a:d6:9d:
51:74:5f:a3:ec:2c:b3:be:ac:b2:77:68:65:21:25:
dd:72:5c:2d:eb:02:3e:0e:21:9c:93:9d:8c:e0:73:
58:d4:42:96:43:4e:11:36:21:fa:5c:56:99:ec:ce:
12:87:5d:ac:c3:72:a6:40:8b:81:56:72:ab:54:bc:
9c:1c:09:99:fb:95:33:4a:83:b5:7f:83:60:4c:ae:
a0:74:5c:3e:83:f9:5b:dc:49:83:5b:2f:5f:2b:d1:
04:ad:d1:70:8a:eb:f1:91:1f:44:8b:94:eb:1f:f2:
97:a6:d1:99:e7:65:e5:16:1f:c9:de:7c:00:df:35:
14:ab:aa:61:c5:0a:5c:60:4a:25:8e:eb:9b:df:7b:
c0:03:02:8e:95:47:1c:64:66:b5:99:91:e4:85:c2:
4a:7d:d8:f9:e2:02:16:24:ce:ac:be:a9:44:19:e0:
20:99:cc:17:9f:68:99:a1:19:97:9e:94:f9:83:e5:
c6:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:12:73:B6:90:92:8B:18:36:B6:74:17:EE:57:B5:4F:81:15:F0:DC
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/exJztpCSixg2tnQX7le1T4EV8Nw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2c:41:ad:94:41:30:f4:a3:a5:4b:2e:0d:9f:ac:42:f3:d8:bc:
c5:a2:e1:b1:9c:e2:58:ed:9d:00:fb:f9:69:64:28:ad:7e:90:
74:55:84:d2:28:9c:a6:69:16:5d:5e:5f:f5:28:51:c2:ce:c5:
fa:6c:cd:a0:20:f8:dc:a4:a4:1b:33:77:70:7d:04:20:98:35:
7d:58:3b:86:09:6d:7e:40:d7:fd:a1:72:70:f8:35:1a:e5:75:
9a:3b:92:fe:52:5e:58:84:76:85:b3:42:d2:f0:cd:2a:c9:eb:
f1:51:f8:b7:60:f9:1c:a5:af:af:eb:24:b1:26:22:1c:5b:08:
25:d6:8e:1c:79:78:8e:d5:5b:3b:eb:fb:8f:ab:62:73:2a:94:
31:39:5b:b8:d5:21:59:f6:16:27:2f:40:eb:2c:6f:59:85:e4:
cf:3a:c7:9b:82:bd:60:5c:4e:32:53:7a:87:ff:73:b0:7b:42:
37:33:01:87:82:e1:00:a5:9c:26:d6:0b:a4:12:45:9d:e8:6a:
d3:f6:dc:e8:42:54:15:9d:3f:96:d9:d1:8c:5b:b1:4d:92:13:
46:77:ab:a9:65:0c:d6:cb:da:a0:9b:d5:0d:cb:1c:9c:d8:91:
6d:bb:2c:14:05:b5:25:67:54:0d:e3:4f:08:fc:8a:62:d4:79:
cb:af:50:c6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGuYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDEx
NjU0MTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdCMTI3M0I2OTA5MjhC
MTgzNkI2NzQxN0VFNTdCNTRGODExNUYwREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU2xGZ+epgFjKsd5gYAqqXx0ShnPK268Ly/TcVTmYIYgIg/49z
43EVZAN/K1Wjtn1cI3GcHSwF74YZh4iuXLUG+qabeKknuHrWnVF0X6PsLLO+rLJ3
aGUhJd1yXC3rAj4OIZyTnYzgc1jUQpZDThE2IfpcVpnszhKHXazDcqZAi4FWcqtU
vJwcCZn7lTNKg7V/g2BMrqB0XD6D+VvcSYNbL18r0QSt0XCK6/GRH0SLlOsf8pem
0ZnnZeUWH8nefADfNRSrqmHFClxgSiWO65vfe8ADAo6VRxxkZrWZkeSFwkp92Pni
AhYkzqy+qUQZ4CCZzBefaJmhGZeelPmD5cZDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUexJztpCSixg2tnQX7le1T4EV8NwwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2V4Snp0cENTaXhnMnRu
UVg3bGUxVDRFVjhOdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEALEGtlEEw9KOlSy4Nn6xC89i8xaLhsZzi
WO2dAPv5aWQorX6QdFWE0iicpmkWXV5f9ShRws7F+mzNoCD43KSkGzN3cH0EIJg1
fVg7hgltfkDX/aFycPg1GuV1mjuS/lJeWIR2hbNC0vDNKsnr8VH4t2D5HKWvr+sk
sSYiHFsIJdaOHHl4jtVbO+v7j6ticyqUMTlbuNUhWfYWJy9A6yxvWYXkzzrHm4K9
YFxOMlN6h/9zsHtCNzMBh4LhAKWcJtYLpBJFnehq0/bc6EJUFZ0/ltnRjFuxTZIT
RnerqWUM1svaoJvVDcscnNiRbbssFAW1JWdUDeNPCPyKYtR5y69Qxg==
-----END CERTIFICATE-----
Generated at Thu May 2 00:08:41 2024 by rpki-client on console.sobornost.net