Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/hAAlN_7HoJA0XFCxxeJzjbFMdf4.roa
File: hAAlN_7HoJA0XFCxxeJzjbFMdf4.roa (raw, json)
Hash identifier: IuvsA2u5ISh9mrlSR0If3tpPqaQ0KssEyMV1Uua0MGk=
Subject key identifier: 84:00:25:37:FE:C7:A0:90:34:5C:50:B1:C5:E2:73:8D:B1:4C:75:FE
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F34
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/hAAlN_7HoJA0XFCxxeJzjbFMdf4.roa
Signing time: Sun 31 Mar 2024 12:23:16 +0000
ROA not before: Sun 31 Mar 2024 12:23:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3892 (0xf34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 31 12:23:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=84002537FEC7A090345C50B1C5E2738DB14C75FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b0:89:a4:8a:ec:de:67:64:0d:0a:ce:7a:58:
50:7b:12:c6:73:a0:13:37:f3:c0:12:e9:2c:07:62:
5c:88:b4:67:8a:5a:42:91:3a:56:37:73:f4:74:58:
48:ee:14:74:04:9c:75:8e:bc:3a:c7:af:53:7f:e1:
55:9a:42:32:f7:6c:fe:2a:f2:cd:68:a4:f1:ae:d5:
d2:82:75:f7:92:e2:32:0d:1d:87:66:bd:76:2b:ba:
49:8f:5e:b9:c8:6f:fa:2e:9b:ec:26:b0:4e:4c:1e:
a5:30:4b:a9:21:53:04:78:b5:1c:1e:dc:cd:bb:ce:
1d:1f:90:5a:df:bf:82:28:13:d0:91:05:69:51:32:
7d:9f:fc:f3:c2:c1:20:e5:39:e5:b6:d5:4b:79:33:
c7:80:17:d7:18:f5:b5:61:3e:25:9b:6f:12:c4:c8:
08:29:11:e5:6b:0a:fe:d8:b2:3a:bd:0e:c7:db:8a:
18:b4:28:00:69:79:88:d8:0c:80:33:7f:bd:3d:5e:
6f:9b:b8:f8:27:10:59:62:0e:95:c9:21:06:48:f8:
a6:6e:dc:0b:6f:4d:e5:03:99:b6:fd:b2:98:ea:7e:
41:0b:53:1c:07:c0:c1:1e:30:b7:b3:06:ee:3c:c9:
1e:08:c7:ce:86:2c:19:92:85:c9:f0:b7:55:78:d7:
d6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:00:25:37:FE:C7:A0:90:34:5C:50:B1:C5:E2:73:8D:B1:4C:75:FE
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/hAAlN_7HoJA0XFCxxeJzjbFMdf4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:b9:42:04:e1:49:19:3a:19:b1:cd:86:37:a3:c4:e9:cb:f7:
0f:06:be:fe:50:ef:38:42:de:90:29:6f:51:b9:66:19:80:e3:
b8:e4:73:b1:e9:9e:1a:b6:e3:b3:2c:0a:98:87:c0:ed:dc:43:
9c:35:4b:b7:10:77:e3:13:0c:7e:c3:06:43:33:82:d5:25:af:
db:c4:7d:40:57:b4:09:17:9d:be:af:c3:3e:01:32:43:28:a6:
69:43:58:27:64:23:3b:e5:54:cf:69:33:02:7d:83:82:7f:f6:
8e:f3:bb:4b:bc:be:a6:e4:7f:24:28:fc:1a:f7:15:cd:12:70:
9b:16:92:6e:27:f6:70:d4:c3:23:3b:ab:16:58:63:17:80:35:
76:31:8f:4e:bc:0d:42:33:51:3f:37:49:c8:63:c6:73:57:dd:
6e:5d:c9:b7:5f:da:7a:97:4b:ae:87:ff:9f:5d:b5:2f:a2:7f:
74:78:a8:57:72:c9:09:7a:e2:60:e2:73:2a:60:71:7c:6f:c1:
97:1f:17:12:fe:51:4f:9d:a3:66:d0:90:08:89:d5:98:4e:15:
12:61:84:fb:c6:9d:0c:f1:2b:96:06:00:d9:7f:3f:44:1b:67:
97:0c:b0:85:90:8b:47:03:54:85:0e:16:7f:fc:c7:e2:af:c8:
27:1d:fd:4c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDzQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzEx
MjIzMTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg0MDAyNTM3RkVDN0Ew
OTAzNDVDNTBCMUM1RTI3MzhEQjE0Qzc1RkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7sImkiuzeZ2QNCs56WFB7EsZzoBM388AS6SwHYlyItGeKWkKR
OlY3c/R0WEjuFHQEnHWOvDrHr1N/4VWaQjL3bP4q8s1opPGu1dKCdfeS4jINHYdm
vXYrukmPXrnIb/oum+wmsE5MHqUwS6khUwR4tRwe3M27zh0fkFrfv4IoE9CRBWlR
Mn2f/PPCwSDlOeW21Ut5M8eAF9cY9bVhPiWbbxLEyAgpEeVrCv7Ysjq9Dsfbihi0
KABpeYjYDIAzf709Xm+buPgnEFliDpXJIQZI+KZu3AtvTeUDmbb9spjqfkELUxwH
wMEeMLezBu48yR4Ix86GLBmShcnwt1V419bRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUhAAlN/7HoJA0XFCxxeJzjbFMdf4wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2hBQWxOXzdIb0pBMFhG
Q3h4ZUp6amJGTWRmNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAKrlCBOFJGToZsc2GN6PE6cv3Dwa+/lDv
OELekClvUblmGYDjuORzsemeGrbjsywKmIfA7dxDnDVLtxB34xMMfsMGQzOC1SWv
28R9QFe0CRedvq/DPgEyQyimaUNYJ2QjO+VUz2kzAn2Dgn/2jvO7S7y+puR/JCj8
GvcVzRJwmxaSbif2cNTDIzurFlhjF4A1djGPTrwNQjNRPzdJyGPGc1fdbl3Jt1/a
epdLrof/n121L6J/dHioV3LJCXriYOJzKmBxfG/Blx8XEv5RT52jZtCQCInVmE4V
EmGE+8adDPErlgYA2X8/RBtnlwywhZCLRwNUhQ4Wf/zH4q/IJx39TA==
-----END CERTIFICATE-----
Generated at Sun Mar 31 16:50:14 2024 by rpki-client on console.sobornost.net