Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/6Y6QJu8zHrzCmehKl-s_NtmgRn4.roa
File: 6Y6QJu8zHrzCmehKl-s_NtmgRn4.roa (raw, json)
Hash identifier: TUKtYClHphqPMKUuVty0SC0txjUxX5AoxBY/Z60FBhk=
Subject key identifier: E9:8E:90:26:EF:33:1E:BC:C2:99:E8:4A:97:EB:3F:36:D9:A0:46:7E
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 10B2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/6Y6QJu8zHrzCmehKl-s_NtmgRn4.roa
Signing time: Thu 04 Apr 2024 11:52:44 +0000
ROA not before: Thu 04 Apr 2024 11:52:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4274 (0x10b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 4 11:52:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E98E9026EF331EBCC299E84A97EB3F36D9A0467E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c7:05:8b:1b:31:f1:88:3f:80:ba:b3:e8:e7:
6b:a3:f2:78:08:84:9d:af:54:a9:3b:84:6c:a6:f8:
a1:58:a9:55:ce:ea:ee:97:49:3d:14:58:48:47:d1:
af:ea:3e:06:76:4f:f5:51:ac:c6:12:d3:cf:b6:2e:
7e:53:73:98:f4:1a:3a:21:3b:10:d9:7f:a2:d2:c9:
76:e6:93:d0:62:f6:19:97:52:ae:fb:6c:92:95:34:
ca:4b:0e:b1:bd:e6:6b:d7:07:45:a4:d9:76:6d:c6:
86:e7:a2:99:28:78:30:7c:34:39:ac:db:18:0c:58:
1b:9d:71:f0:ab:12:32:a5:eb:0a:b2:c7:a8:45:83:
0d:e8:40:7b:17:b1:13:6d:bf:28:1f:a2:bf:51:70:
52:b2:83:7b:df:54:d7:0e:8a:ae:37:a4:35:c2:0d:
ba:bd:c5:aa:5e:4a:51:e3:db:3b:c3:73:3f:6e:9c:
ca:df:b4:7a:31:20:6a:75:ea:8f:72:44:9a:84:70:
df:b9:37:dd:84:02:9a:38:1d:5c:3a:c9:67:2c:c4:
b7:80:b5:e0:b5:25:8e:9b:d1:a0:8a:3d:cb:f4:4e:
8c:87:2b:fe:2e:6b:4a:13:78:53:56:b1:04:5b:a0:
c3:d2:e1:89:bc:da:79:c5:39:36:79:b4:fb:da:d5:
66:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:8E:90:26:EF:33:1E:BC:C2:99:E8:4A:97:EB:3F:36:D9:A0:46:7E
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/6Y6QJu8zHrzCmehKl-s_NtmgRn4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
21:51:59:67:e2:cf:e2:c9:82:a8:7a:e8:24:96:15:36:54:f0:
ed:be:17:54:82:3f:eb:3d:74:74:96:7a:c9:a6:79:b9:aa:f0:
c1:a1:ae:f8:45:6b:21:e7:5a:f1:3c:5e:e1:7b:49:ab:19:91:
38:9f:b4:5c:10:dd:ff:6c:86:ed:5b:c9:bf:bc:53:e3:7f:fe:
a2:bf:5d:a1:1e:56:0c:11:59:3f:c8:1c:7a:78:b8:a6:47:9f:
18:8f:69:d0:e0:4a:b3:65:ec:9d:4a:a7:60:f6:c8:6c:f6:7d:
c7:fb:f3:c6:7d:f4:f3:74:23:02:9d:5a:7c:b3:2e:12:4c:9c:
c7:34:34:18:56:66:15:ce:e1:20:26:20:14:70:a1:c0:90:08:
f7:96:51:ff:8a:64:3b:3a:2b:cf:2f:90:77:3a:d3:0b:9d:90:
68:ec:87:6d:d3:17:1c:86:83:79:95:fa:7c:ec:0a:cf:4f:42:
a0:06:55:a9:6a:53:fd:fc:46:c2:fc:2b:ee:0d:d8:79:2c:c3:
c2:b5:bd:82:d8:af:f3:15:a5:9c:6a:ac:63:fa:6d:b9:66:20:
2c:2c:c6:19:50:e0:51:27:e7:f8:8f:17:06:f2:53:48:e2:d3:
98:01:a1:fe:db:d5:ef:0a:c4:c7:4d:8c:b8:70:5c:ad:bf:b3:
40:1c:9e:b9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICELIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDQx
MTUyNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU5OEU5MDI2RUYzMzFF
QkNDMjk5RTg0QTk3RUIzRjM2RDlBMDQ2N0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1xwWLGzHxiD+AurPo52uj8ngIhJ2vVKk7hGym+KFYqVXO6u6X
ST0UWEhH0a/qPgZ2T/VRrMYS08+2Ln5Tc5j0GjohOxDZf6LSyXbmk9Bi9hmXUq77
bJKVNMpLDrG95mvXB0Wk2XZtxobnopkoeDB8NDms2xgMWBudcfCrEjKl6wqyx6hF
gw3oQHsXsRNtvygfor9RcFKyg3vfVNcOiq43pDXCDbq9xapeSlHj2zvDcz9unMrf
tHoxIGp16o9yRJqEcN+5N92EApo4HVw6yWcsxLeAteC1JY6b0aCKPcv0ToyHK/4u
a0oTeFNWsQRboMPS4Ym82nnFOTZ5tPva1WY3AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU6Y6QJu8zHrzCmehKl+s/NtmgRn4wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzZZNlFKdTh6SHJ6Q21l
aEtsLXNfTnRtZ1JuNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAIVFZZ+LP4smCqHroJJYVNlTw7b4XVII/
6z10dJZ6yaZ5uarwwaGu+EVrIeda8Txe4XtJqxmROJ+0XBDd/2yG7VvJv7xT43/+
or9doR5WDBFZP8gceni4pkefGI9p0OBKs2XsnUqnYPbIbPZ9x/vzxn3083QjAp1a
fLMuEkycxzQ0GFZmFc7hICYgFHChwJAI95ZR/4pkOzorzy+QdzrTC52QaOyHbdMX
HIaDeZX6fOwKz09CoAZVqWpT/fxGwvwr7g3YeSzDwrW9gtiv8xWlnGqsY/ptuWYg
LCzGGVDgUSfn+I8XBvJTSOLTmAGh/tvV7wrEx02MuHBcrb+zQByeuQ==
-----END CERTIFICATE-----
Generated at Thu Apr 4 17:26:15 2024 by rpki-client on console-ams.rpki-client.org