Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/2j_hmb8ZsCDozuFKDAeS4k0lis4.roa
File: 2j_hmb8ZsCDozuFKDAeS4k0lis4.roa (raw, json)
Hash identifier: tq2BAh1ZBtUjzpp0r9sDryTRZTp7hgtJXT/ohVq/Lvk=
Subject key identifier: DA:3F:E1:99:BF:19:B0:20:E8:CE:E1:4A:0C:07:92:E2:4D:25:8A:CE
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1698
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/2j_hmb8ZsCDozuFKDAeS4k0lis4.roa
Signing time: Sat 20 Apr 2024 05:23:30 +0000
ROA not before: Sat 20 Apr 2024 05:23:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5784 (0x1698)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 20 05:23:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DA3FE199BF19B020E8CEE14A0C0792E24D258ACE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:52:10:75:8a:95:39:8d:8a:2f:4b:14:a9:4e:
41:e0:f7:a3:12:10:2e:b6:ee:d2:ba:02:fa:cd:2b:
3d:f6:f1:53:1d:03:0f:c9:ee:f6:71:69:a7:b2:f2:
48:82:26:ee:f2:9f:6d:93:90:72:f5:a0:7f:f6:e9:
01:57:3f:7c:73:ee:d4:1c:11:bc:7c:b3:77:86:e2:
23:43:e3:fe:74:74:4e:c9:ea:95:39:4b:92:0d:de:
da:f1:ca:db:f9:e0:12:57:46:31:28:81:a9:b6:d9:
57:fc:7c:78:85:1f:ce:d4:60:56:f4:1d:a2:7e:7e:
4c:32:9f:ec:f0:71:a5:58:7c:2c:56:12:36:13:9d:
f8:ca:db:3d:43:43:00:81:ae:f7:aa:fe:9a:c7:bd:
af:17:d2:2b:14:a0:80:fc:09:54:2c:79:27:d2:7f:
48:57:b6:e5:8a:62:b5:07:16:c0:30:2b:03:7f:47:
db:26:ad:67:5f:8c:b0:d8:91:be:09:b8:92:23:99:
53:5d:28:8d:c4:50:e1:d2:92:24:e8:ec:56:93:cf:
a7:48:49:dc:35:5a:1b:60:ad:cb:c7:52:26:6f:81:
bd:f6:b1:ba:dc:15:fb:80:ab:0c:a0:d1:18:c4:75:
e5:82:0c:f2:a8:59:47:4f:ba:3e:04:36:5c:32:ae:
96:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:3F:E1:99:BF:19:B0:20:E8:CE:E1:4A:0C:07:92:E2:4D:25:8A:CE
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/2j_hmb8ZsCDozuFKDAeS4k0lis4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3b:69:ad:4a:56:c0:28:5e:54:17:45:ab:d0:dd:87:3e:f3:84:
84:7f:af:65:89:46:2c:22:1f:df:c7:5e:6e:7a:f8:62:5c:6d:
75:c4:48:30:63:c3:98:bc:43:f9:24:46:a1:0f:4d:c3:99:f9:
ca:57:b6:4a:ce:a1:cc:af:90:d1:5d:b3:44:b0:d4:40:08:bf:
86:ec:76:66:46:ae:41:6f:40:b8:2b:d6:a3:51:bb:e3:de:6e:
f7:a2:06:4d:94:a6:40:3e:14:1f:1f:71:5b:0b:2e:c5:03:a3:
8e:22:f5:4c:33:ff:ed:11:e5:40:0e:68:73:2b:78:8d:4d:f3:
11:3f:a2:25:29:b2:87:38:4b:07:0b:7b:35:62:66:cb:b7:58:
7b:c6:75:1b:1e:3e:2f:fb:41:ff:64:5c:d6:1f:07:b2:fb:08:
0a:35:c3:75:7d:16:25:73:44:a2:53:76:ec:52:86:00:df:d0:
a1:f8:c3:be:48:f4:a6:5e:88:76:aa:91:9e:9f:11:88:8b:b0:
ce:59:0a:1a:a2:75:77:7a:c2:04:a9:0a:28:9b:9d:d7:50:2c:
53:a2:ce:b8:49:92:9c:c5:f5:3b:5c:16:ff:48:cf:99:1d:49:
3c:3a:a1:78:2d:59:cc:3f:58:bf:70:9f:95:c3:b0:8d:7b:a8:
2a:d3:dd:8a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFpgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjAw
NTIzMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBM0ZFMTk5QkYxOUIw
MjBFOENFRTE0QTBDMDc5MkUyNEQyNThBQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlUhB1ipU5jYovSxSpTkHg96MSEC627tK6AvrNKz328VMdAw/J
7vZxaaey8kiCJu7yn22TkHL1oH/26QFXP3xz7tQcEbx8s3eG4iND4/50dE7J6pU5
S5IN3trxytv54BJXRjEogam22Vf8fHiFH87UYFb0HaJ+fkwyn+zwcaVYfCxWEjYT
nfjK2z1DQwCBrveq/prHva8X0isUoID8CVQseSfSf0hXtuWKYrUHFsAwKwN/R9sm
rWdfjLDYkb4JuJIjmVNdKI3EUOHSkiTo7FaTz6dISdw1WhtgrcvHUiZvgb32sbrc
FfuAqwyg0RjEdeWCDPKoWUdPuj4ENlwyrpabAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2j/hmb8ZsCDozuFKDAeS4k0lis4wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzJqX2htYjhac0NEb3p1
RktEQWVTNGswbGlzNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAO2mtSlbAKF5UF0Wr0N2HPvOEhH+vZYlG
LCIf38debnr4YlxtdcRIMGPDmLxD+SRGoQ9Nw5n5yle2Ss6hzK+Q0V2zRLDUQAi/
hux2ZkauQW9AuCvWo1G7495u96IGTZSmQD4UHx9xWwsuxQOjjiL1TDP/7RHlQA5o
cyt4jU3zET+iJSmyhzhLBwt7NWJmy7dYe8Z1Gx4+L/tB/2Rc1h8HsvsICjXDdX0W
JXNEolN27FKGAN/QofjDvkj0pl6IdqqRnp8RiIuwzlkKGqJ1d3rCBKkKKJud11As
U6LOuEmSnMX1O1wW/0jPmR1JPDqheC1ZzD9Yv3CflcOwjXuoKtPdig==
Generated at Sat Apr 20 06:17:56 2024 by rpki-client on console-fra.rpki-client.org