Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/2jBNGuraUB_WP0kh8JFfrb141Uc.roa
File: 2jBNGuraUB_WP0kh8JFfrb141Uc.roa (raw, json)
Hash identifier: GfTFc2hRFAu7OmJU3JcUUDlFn7pT5wy1RW0mDktYVRo=
Subject key identifier: DA:30:4D:1A:EA:DA:50:1F:D6:3F:49:21:F0:91:5F:AD:BD:78:D5:47
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1464
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/2jBNGuraUB_WP0kh8JFfrb141Uc.roa
Signing time: Sun 14 Apr 2024 08:23:16 +0000
ROA not before: Sun 14 Apr 2024 08:23:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5220 (0x1464)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 14 08:23:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DA304D1AEADA501FD63F4921F0915FADBD78D547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:01:42:70:b5:5b:4e:75:cf:88:08:14:3e:0d:
fd:15:f8:2b:14:56:a5:5a:9a:d1:c6:02:e4:bb:c0:
cd:36:78:a0:ad:74:c9:d5:37:b7:dc:b2:20:c6:77:
5d:58:f6:f4:55:de:85:bf:21:61:a9:09:f6:24:bb:
b5:66:7c:b4:ea:16:94:18:a0:8b:b9:fe:a5:32:99:
62:eb:eb:1d:3e:59:c7:74:94:d7:8b:42:5b:9e:15:
e3:f8:87:cb:1c:84:46:fe:8f:82:db:8e:17:3c:46:
e9:5f:34:9f:da:f2:ec:67:f1:b1:5a:01:47:be:77:
f5:fc:49:22:05:c9:c4:47:fb:0f:fd:a7:89:f2:33:
5d:6b:bc:06:57:f3:04:f0:ff:d7:e1:9c:58:71:e7:
40:5d:ee:2c:fe:b8:80:81:f6:86:dd:75:90:29:a9:
c5:2e:b2:17:7f:13:62:23:aa:b6:5f:38:bf:f0:0e:
b2:4f:8a:4a:5a:60:c2:52:ed:34:ac:39:b7:0b:bc:
80:f9:61:fc:cb:3d:cb:0a:55:23:12:a8:aa:f0:44:
0c:b7:22:4b:0e:5f:bb:9a:1d:f6:b1:86:7d:8c:d3:
6a:a5:d4:08:13:15:43:44:73:31:90:86:30:38:ff:
fa:7a:8c:53:af:f3:62:d9:58:fc:40:be:c7:53:7a:
6a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:30:4D:1A:EA:DA:50:1F:D6:3F:49:21:F0:91:5F:AD:BD:78:D5:47
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/2jBNGuraUB_WP0kh8JFfrb141Uc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:a7:57:d1:d0:72:d7:0a:fc:fe:66:be:42:32:90:0d:28:c1:
26:41:93:cb:6a:6d:fe:3c:e8:cf:34:8d:63:c9:f0:f4:fc:45:
7a:0b:c7:4d:c1:8a:18:2d:60:7e:2c:ec:69:09:8e:c2:f9:0b:
2b:54:25:f3:9c:ca:b8:63:e4:06:8b:d6:82:90:b9:22:45:20:
93:3f:b3:e2:66:00:78:53:88:50:21:c7:e2:97:cb:d4:2a:c1:
14:39:9a:0f:b9:77:2a:1a:f0:44:57:ce:16:df:b2:09:a5:3d:
06:db:35:ea:d1:b9:38:a6:b6:64:e4:9d:64:22:93:7a:9f:db:
d5:5f:5b:e2:a0:09:25:a4:9e:da:54:98:67:4c:f7:0f:b9:b2:
61:02:d7:cb:04:73:f4:bd:00:53:1f:80:aa:f0:34:60:14:13:
b0:47:40:90:9f:47:3b:5f:6f:8a:2c:97:ad:2c:0d:24:93:d8:
e8:d8:16:55:6e:9b:c5:8e:e5:71:0c:c8:b0:e1:22:37:ab:8d:
c4:e0:6b:82:81:3e:b8:27:8e:df:e0:e2:a5:85:92:5d:cf:54:
ea:21:e4:a2:4c:78:4f:8c:d6:cf:52:6b:0b:88:31:62:d8:d4:
9c:61:15:c1:7c:c0:82:c3:33:64:e0:42:ef:65:0b:c3:c7:ca:
a5:51:13:54
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFGQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTQw
ODIzMTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBMzA0RDFBRUFEQTUw
MUZENjNGNDkyMUYwOTE1RkFEQkQ3OEQ1NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqAUJwtVtOdc+ICBQ+Df0V+CsUVqVamtHGAuS7wM02eKCtdMnV
N7fcsiDGd11Y9vRV3oW/IWGpCfYku7VmfLTqFpQYoIu5/qUymWLr6x0+Wcd0lNeL
QlueFeP4h8schEb+j4Lbjhc8RulfNJ/a8uxn8bFaAUe+d/X8SSIFycRH+w/9p4ny
M11rvAZX8wTw/9fhnFhx50Bd7iz+uICB9obddZApqcUushd/E2IjqrZfOL/wDrJP
ikpaYMJS7TSsObcLvID5YfzLPcsKVSMSqKrwRAy3IksOX7uaHfaxhn2M02ql1AgT
FUNEczGQhjA4//p6jFOv82LZWPxAvsdTemq1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2jBNGuraUB/WP0kh8JFfrb141UcwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzJqQk5HdXJhVUJfV1Aw
a2g4SkZmcmIxNDFVYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAOKdX0dBy1wr8/ma+QjKQDSjBJkGTy2pt
/jzozzSNY8nw9PxFegvHTcGKGC1gfizsaQmOwvkLK1Ql85zKuGPkBovWgpC5IkUg
kz+z4mYAeFOIUCHH4pfL1CrBFDmaD7l3KhrwRFfOFt+yCaU9Bts16tG5OKa2ZOSd
ZCKTep/b1V9b4qAJJaSe2lSYZ0z3D7myYQLXywRz9L0AUx+AqvA0YBQTsEdAkJ9H
O19viiyXrSwNJJPY6NgWVW6bxY7lcQzIsOEiN6uNxOBrgoE+uCeO3+DipYWSXc9U
6iHkokx4T4zWz1JrC4gxYtjUnGEVwXzAgsMzZOBC72ULw8fKpVETVA==
-----END CERTIFICATE-----
Generated at Sun Apr 14 13:40:22 2024 by rpki-client on console-fra.rpki-client.org