Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/4Pfiy6uLb-JLBCEwiLq9bTnbJPM.roa
File: 4Pfiy6uLb-JLBCEwiLq9bTnbJPM.roa (raw, json)
Hash identifier: eOL7yyJa3ajwizE3a/U9YRta6xfaaQ4xJxKIuEC4kJ4=
Subject key identifier: E0:F7:E2:CB:AB:8B:6F:E2:4B:04:21:30:88:BA:BD:6D:39:DB:24:F3
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 108E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/4Pfiy6uLb-JLBCEwiLq9bTnbJPM.roa
Signing time: Thu 04 Apr 2024 02:52:42 +0000
ROA not before: Thu 04 Apr 2024 02:52:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4238 (0x108e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 4 02:52:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E0F7E2CBAB8B6FE24B04213088BABD6D39DB24F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:58:8c:79:64:66:02:fe:37:a8:0e:78:d7:ff:
2b:34:b7:5c:96:4b:22:71:7b:7a:a3:f1:0b:4a:33:
cc:8f:d0:f6:d6:ad:1b:22:81:a9:3e:e8:5d:66:22:
6c:86:00:8b:6f:0e:fb:b8:50:0c:75:7e:d7:df:1c:
2b:85:d3:46:54:1a:1e:81:32:f5:ca:21:5e:89:7e:
39:13:b2:b9:85:a0:0b:b6:3e:17:ed:ad:c0:71:b2:
9a:77:7f:17:6c:13:2f:e9:77:6d:7d:86:6a:1e:c9:
7d:82:22:c7:bc:fb:49:dd:92:b1:aa:0f:03:82:b5:
83:43:c7:61:57:5b:8b:71:4d:7b:5b:dd:a0:27:cf:
bf:bf:07:8a:bd:fe:ed:66:64:b7:f4:6f:d1:c5:9c:
5b:37:d0:31:54:42:a5:03:0b:49:5b:0e:bf:62:6c:
7d:01:34:2c:30:6a:f8:43:01:80:50:c3:24:7e:bd:
6e:7a:b7:fc:ca:ba:5b:60:c2:c3:dd:e0:a3:4d:8d:
13:91:d4:df:0c:aa:82:8c:98:77:ae:f1:a5:bf:f2:
66:98:be:55:bb:56:0a:bd:ff:ae:ea:c3:c5:c8:10:
5f:82:c5:46:17:4a:f4:74:2c:98:b7:29:96:1e:a4:
99:39:a5:c8:58:c2:39:5d:1e:b0:75:c4:c9:ad:1c:
a3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:F7:E2:CB:AB:8B:6F:E2:4B:04:21:30:88:BA:BD:6D:39:DB:24:F3
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/4Pfiy6uLb-JLBCEwiLq9bTnbJPM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:e1:78:12:f4:de:58:1c:c9:74:6a:61:86:f6:02:11:38:ee:
b7:ab:e9:2f:69:16:88:3e:1f:b7:4c:9b:88:a5:32:85:b3:33:
42:be:35:d7:06:64:00:c1:27:30:e5:61:8d:f5:31:dc:44:9c:
df:08:6c:1c:00:c6:f7:fd:0a:59:6f:86:99:a8:88:ce:5a:6b:
dd:c5:f9:6e:9b:87:39:a7:a4:c8:d7:a8:b0:18:85:33:7e:79:
16:33:2b:23:d6:31:bb:17:dd:50:a6:29:5e:ae:54:ef:89:1d:
2b:a9:8c:da:00:9a:fd:bd:f9:45:36:90:01:b3:42:c7:5d:f5:
a7:35:e5:cc:50:33:d7:4c:45:4b:9a:fb:4a:09:f3:29:d1:de:
3f:91:64:b9:2e:97:d6:08:aa:e5:7e:25:3c:a6:b1:66:0b:35:
bb:dd:93:2d:31:2b:e5:2b:f3:9e:ff:52:44:69:50:3d:fe:88:
bc:b9:df:ae:71:26:88:8f:b0:e5:96:a3:eb:58:40:49:35:8e:
5d:71:9c:af:05:b1:f8:38:be:48:66:f9:72:21:42:5b:0b:d4:
cd:f4:cc:33:99:14:82:65:a3:94:42:8a:f1:f0:f9:b7:b3:77:
ff:62:5b:50:d9:88:ce:43:da:cf:c4:72:e8:a5:14:c7:95:f7:
3f:76:63:ca
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEI4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDQw
MjUyNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUwRjdFMkNCQUI4QjZG
RTI0QjA0MjEzMDg4QkFCRDZEMzlEQjI0RjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNWIx5ZGYC/jeoDnjX/ys0t1yWSyJxe3qj8QtKM8yP0PbWrRsi
gak+6F1mImyGAItvDvu4UAx1ftffHCuF00ZUGh6BMvXKIV6JfjkTsrmFoAu2Phft
rcBxspp3fxdsEy/pd219hmoeyX2CIse8+0ndkrGqDwOCtYNDx2FXW4txTXtb3aAn
z7+/B4q9/u1mZLf0b9HFnFs30DFUQqUDC0lbDr9ibH0BNCwwavhDAYBQwyR+vW56
t/zKultgwsPd4KNNjROR1N8MqoKMmHeu8aW/8maYvlW7Vgq9/67qw8XIEF+CxUYX
SvR0LJi3KZYepJk5pchYwjldHrB1xMmtHKNZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU4Pfiy6uLb+JLBCEwiLq9bTnbJPMwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzRQZml5NnVMYi1KTEJD
RXdpTHE5YlRuYkpQTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAr+F4EvTeWBzJdGphhvYCETjut6vpL2kW
iD4ft0ybiKUyhbMzQr411wZkAMEnMOVhjfUx3ESc3whsHADG9/0KWW+GmaiIzlpr
3cX5bpuHOaekyNeosBiFM355FjMrI9YxuxfdUKYpXq5U74kdK6mM2gCa/b35RTaQ
AbNCx131pzXlzFAz10xFS5r7SgnzKdHeP5FkuS6X1giq5X4lPKaxZgs1u92TLTEr
5Svznv9SRGlQPf6IvLnfrnEmiI+w5Zaj61hASTWOXXGcrwWx+Di+SGb5ciFCWwvU
zfTMM5kUgmWjlEKK8fD5t7N3/2JbUNmIzkPaz8Ry6KUUx5X3P3Zjyg==
-----END CERTIFICATE-----
Generated at Thu Apr 4 04:12:49 2024 by rpki-client on console-fra.rpki-client.org