Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/8AMpJTGykliXf8Sz3cIUdr_ROMU.roa
File: 8AMpJTGykliXf8Sz3cIUdr_ROMU.roa (raw, json)
Hash identifier: 8XFv3msDjlPZiJ1AQzZqCp6f71zeagZNdpxps1EoiSI=
Subject key identifier: F0:03:29:25:31:B2:92:58:97:7F:C4:B3:DD:C2:14:76:BF:D1:38:C5
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1350
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/8AMpJTGykliXf8Sz3cIUdr_ROMU.roa
Signing time: Thu 11 Apr 2024 11:23:12 +0000
ROA not before: Thu 11 Apr 2024 11:23:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4944 (0x1350)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 11 11:23:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F003292531B29258977FC4B3DDC21476BFD138C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ca:31:c9:4a:e0:3a:0a:ef:e6:c7:3d:a0:b2:
94:91:e4:e4:4d:58:2a:24:3c:b5:14:f7:ac:81:f3:
ec:72:9d:6b:ae:92:ba:cb:10:73:8d:ce:a0:3f:af:
07:e5:29:45:88:cf:9d:ae:c3:aa:18:78:b7:3a:02:
2c:29:88:20:77:a3:3f:83:4f:2f:00:a7:ad:c7:df:
cc:35:09:b4:73:f5:af:7a:87:61:a7:37:8d:91:1c:
2d:02:60:ba:ec:d8:64:0a:80:5b:c2:a8:a8:ee:2d:
4b:10:0c:57:97:7f:11:e0:fa:9d:de:b3:80:37:bb:
11:4c:0f:04:30:75:f2:c5:78:5c:c6:84:b5:aa:4b:
33:8a:d7:0c:e9:e0:ac:95:a3:5f:ab:b1:be:52:c5:
af:cd:42:75:da:ff:bc:05:36:07:95:21:51:10:da:
e5:22:95:fb:69:50:50:95:a7:5c:90:33:f2:2b:c9:
77:f3:54:49:b2:eb:fc:44:89:b7:4c:9f:f2:62:2d:
a6:09:7c:c5:36:29:03:6d:10:11:e9:65:bd:9e:ac:
5a:f4:2b:3f:f0:d9:10:ec:ec:66:31:4b:7a:1e:a5:
3a:53:61:e1:44:2e:c5:11:07:a1:7f:7f:02:b9:68:
ce:a9:d4:86:1f:76:1f:35:ac:c2:51:d3:a5:d0:24:
08:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:03:29:25:31:B2:92:58:97:7F:C4:B3:DD:C2:14:76:BF:D1:38:C5
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/8AMpJTGykliXf8Sz3cIUdr_ROMU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:79:6d:4c:9f:40:94:b7:e9:6c:e5:82:c5:85:e4:75:0b:18:
5d:f9:fa:49:72:63:ab:9a:c6:c7:bd:74:2c:34:10:2e:f8:5d:
60:5b:6a:24:2d:36:05:84:3e:54:3c:ec:f7:c5:8a:3d:2c:4b:
6c:00:b9:9e:98:09:a3:e1:b7:1c:c4:ca:13:43:ee:d4:e5:07:
1b:d6:31:17:8d:18:f9:55:d5:c0:96:03:65:4c:eb:35:29:8f:
dd:46:68:d5:dc:37:af:9a:da:19:79:be:fb:4f:72:09:3d:9d:
ce:47:53:18:52:2d:f2:67:36:69:b9:16:03:e1:34:ce:2e:2f:
70:ca:87:b7:f8:b2:27:38:ac:35:37:53:fd:0c:84:8d:cb:da:
61:ff:06:8e:ec:86:de:d2:db:8b:b4:37:37:16:7f:fc:1f:6b:
e5:e2:a4:22:83:5c:95:4f:fb:a5:94:53:77:bb:b1:16:11:30:
74:f7:fa:31:83:dd:c4:06:91:43:08:0f:5f:fc:a4:d9:94:12:
b7:0a:59:30:f5:d1:99:ab:32:c8:62:50:3b:ea:ca:98:c5:aa:
f6:2b:de:9c:fc:51:ab:d6:5b:ba:64:d7:c4:41:5b:a6:77:41:
4e:e0:59:f8:10:24:f7:6d:02:ee:43:6a:d5:22:4b:28:5c:9a:
fa:a1:e2:2a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE1AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTEx
MTIzMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYwMDMyOTI1MzFCMjky
NTg5NzdGQzRCM0REQzIxNDc2QkZEMTM4QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6yjHJSuA6Cu/mxz2gspSR5ORNWCokPLUU96yB8+xynWuukrrL
EHONzqA/rwflKUWIz52uw6oYeLc6AiwpiCB3oz+DTy8Ap63H38w1CbRz9a96h2Gn
N42RHC0CYLrs2GQKgFvCqKjuLUsQDFeXfxHg+p3es4A3uxFMDwQwdfLFeFzGhLWq
SzOK1wzp4KyVo1+rsb5Sxa/NQnXa/7wFNgeVIVEQ2uUilftpUFCVp1yQM/IryXfz
VEmy6/xEibdMn/JiLaYJfMU2KQNtEBHpZb2erFr0Kz/w2RDs7GYxS3oepTpTYeFE
LsURB6F/fwK5aM6p1IYfdh81rMJR06XQJAhjAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU8AMpJTGykliXf8Sz3cIUdr/ROMUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzhBTXBKVEd5a2xpWGY4
U3ozY0lVZHJfUk9NVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEASHltTJ9AlLfpbOWCxYXkdQsYXfn6SXJj
q5rGx710LDQQLvhdYFtqJC02BYQ+VDzs98WKPSxLbAC5npgJo+G3HMTKE0Pu1OUH
G9YxF40Y+VXVwJYDZUzrNSmP3UZo1dw3r5raGXm++09yCT2dzkdTGFIt8mc2abkW
A+E0zi4vcMqHt/iyJzisNTdT/QyEjcvaYf8GjuyG3tLbi7Q3NxZ//B9r5eKkIoNc
lU/7pZRTd7uxFhEwdPf6MYPdxAaRQwgPX/yk2ZQStwpZMPXRmasyyGJQO+rKmMWq
9ivenPxRq9ZbumTXxEFbpndBTuBZ+BAk920C7kNq1SJLKFya+qHiKg==
-----END CERTIFICATE-----
Generated at Thu Apr 11 16:38:10 2024 by rpki-client on console-fra.rpki-client.org