Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/3rjBU6YuoAf2ZXdrbWu6w1uAcFE.roa
File: 3rjBU6YuoAf2ZXdrbWu6w1uAcFE.roa (raw, json)
Hash identifier: XFCUi03FoTwICPdy73KyJe9t98LVgq6p3gkenp+37Ek=
Subject key identifier: DE:B8:C1:53:A6:2E:A0:07:F6:65:77:6B:6D:6B:BA:C3:5B:80:70:51
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 131A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/3rjBU6YuoAf2ZXdrbWu6w1uAcFE.roa
Signing time: Wed 10 Apr 2024 21:53:11 +0000
ROA not before: Wed 10 Apr 2024 21:53:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4890 (0x131a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 10 21:53:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DEB8C153A62EA007F665776B6D6BBAC35B807051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a3:a9:b3:d9:7e:3d:d0:53:b7:b6:a7:98:d6:
bc:5a:56:f0:e5:09:ea:4f:d3:fc:1d:2c:e3:fd:ef:
f1:a6:c0:26:cf:e3:a4:5a:3f:40:20:51:d1:28:90:
af:df:45:5e:e0:c6:4a:b8:78:63:91:fd:24:fb:f5:
04:2c:4e:b0:b2:46:cc:29:5a:32:37:9f:ef:7d:e0:
14:17:63:ce:bb:ba:e2:7a:18:d1:42:c5:68:4e:11:
53:14:08:be:fe:98:e5:ac:7a:9a:2c:cb:ae:cf:a7:
b7:46:a5:98:c2:f4:5a:f7:9e:88:92:bf:ee:85:05:
0c:cf:42:6c:d0:1c:da:2f:80:df:0b:ed:14:94:60:
29:c5:f4:2c:a0:a5:15:3d:62:82:e9:a1:91:18:c7:
06:3d:df:a7:bb:e6:e5:07:ef:bb:14:9d:36:4b:59:
1d:0c:b6:b4:30:6f:ee:43:46:b8:20:25:6e:bf:ce:
cd:a6:ca:94:73:72:cc:8b:2e:82:34:96:59:da:8e:
65:74:ab:b8:f3:17:57:6f:2d:e0:1d:94:bf:0e:78:
9f:ee:33:a8:a0:ca:6c:57:a7:63:e7:c9:4f:59:72:
de:cf:9b:2e:45:12:ee:47:19:66:5f:2a:f8:45:52:
72:68:99:a5:27:1d:fe:92:f0:8a:c1:3e:3e:79:22:
fe:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B8:C1:53:A6:2E:A0:07:F6:65:77:6B:6D:6B:BA:C3:5B:80:70:51
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/3rjBU6YuoAf2ZXdrbWu6w1uAcFE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
db:d7:8a:ce:25:cd:b7:af:35:a8:d5:8e:db:68:ab:56:10:d6:
de:df:86:b9:5d:55:b0:03:83:94:fb:39:60:a6:a4:9a:72:91:
48:34:2e:ad:5a:cf:4d:be:78:0b:d6:8d:a8:37:80:79:8d:2e:
9d:75:fd:bd:4d:b5:c6:fc:6b:6f:bc:92:da:db:93:f5:e1:22:
cd:14:83:6a:3d:2f:bf:9c:3f:b6:e0:75:70:7e:eb:0e:ee:63:
31:79:df:6a:ac:69:16:b8:84:1e:a0:5e:c2:25:8a:cb:d9:b2:
2e:7d:1d:eb:82:b3:3c:b9:8e:ae:8c:f5:45:df:d8:1e:ec:ef:
f3:32:9a:4b:c6:98:7d:4a:53:04:9d:dd:02:94:e3:e1:5f:d2:
fe:93:f1:45:77:14:86:37:24:ff:9c:19:bc:7a:a3:8a:d4:6f:
b8:8b:8e:99:4a:03:7c:87:b5:53:e4:6b:50:48:d7:0e:b9:9c:
8e:00:e1:84:b8:30:ab:79:c0:45:c9:46:b9:f2:92:a2:76:a8:
66:0c:8b:25:6b:38:89:84:bf:f8:1f:92:47:98:d1:bc:94:2e:
00:ac:7a:37:0d:ae:60:ad:f9:61:7c:ed:70:0e:68:88:a2:63:
18:8e:a5:77:77:a3:33:a7:f1:cf:11:80:df:24:59:ff:37:ff:
14:03:95:08
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICExowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTAy
MTUzMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERFQjhDMTUzQTYyRUEw
MDdGNjY1Nzc2QjZENkJCQUMzNUI4MDcwNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOo6mz2X490FO3tqeY1rxaVvDlCepP0/wdLOP97/GmwCbP46Ra
P0AgUdEokK/fRV7gxkq4eGOR/ST79QQsTrCyRswpWjI3n+994BQXY867uuJ6GNFC
xWhOEVMUCL7+mOWseposy67Pp7dGpZjC9Fr3noiSv+6FBQzPQmzQHNovgN8L7RSU
YCnF9CygpRU9YoLpoZEYxwY936e75uUH77sUnTZLWR0MtrQwb+5DRrggJW6/zs2m
ypRzcsyLLoI0llnajmV0q7jzF1dvLeAdlL8OeJ/uM6igymxXp2PnyU9Zct7Pmy5F
Eu5HGWZfKvhFUnJomaUnHf6S8IrBPj55Iv6TAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU3rjBU6YuoAf2ZXdrbWu6w1uAcFEwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzNyakJVNll1b0FmMlpY
ZHJiV3U2dzF1QWNGRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEA29eKziXNt681qNWO22irVhDW3t+GuV1V
sAODlPs5YKakmnKRSDQurVrPTb54C9aNqDeAeY0unXX9vU21xvxrb7yS2tuT9eEi
zRSDaj0vv5w/tuB1cH7rDu5jMXnfaqxpFriEHqBewiWKy9myLn0d64KzPLmOroz1
Rd/YHuzv8zKaS8aYfUpTBJ3dApTj4V/S/pPxRXcUhjck/5wZvHqjitRvuIuOmUoD
fIe1U+RrUEjXDrmcjgDhhLgwq3nARclGufKSonaoZgyLJWs4iYS/+B+SR5jRvJQu
AKx6Nw2uYK35YXztcA5oiKJjGI6ld3ejM6fxzxGA3yRZ/zf/FAOVCA==
-----END CERTIFICATE-----
Generated at Wed Apr 10 23:36:29 2024 by rpki-client on console-fra.rpki-client.org