Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/8DTsqWYMco8iJ4LBC_6a3BtQl1Y.roa
File: 8DTsqWYMco8iJ4LBC_6a3BtQl1Y.roa (raw, json)
Hash identifier: 4lzyITtOB7v6SMSP7A253oyY8tWitAr5PyKJKGQmF64=
Subject key identifier: F0:34:EC:A9:66:0C:72:8F:22:27:82:C1:0B:FE:9A:DC:1B:50:97:56
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 12FA
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/8DTsqWYMco8iJ4LBC_6a3BtQl1Y.roa
Signing time: Wed 10 Apr 2024 13:53:12 +0000
ROA not before: Wed 10 Apr 2024 13:53:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4858 (0x12fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 10 13:53:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F034ECA9660C728F222782C10BFE9ADC1B509756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b3:79:e7:65:e4:21:1e:96:cb:7b:1d:c0:e0:
ff:1b:53:0e:c8:32:b5:7a:fa:cc:03:1b:55:8a:b7:
b1:26:40:bc:15:e8:3a:dc:8e:95:2b:8a:3a:d0:db:
6a:15:15:6a:40:84:70:de:8a:30:10:de:a7:07:0a:
32:93:e9:5f:e2:91:a3:b4:80:7d:f8:c9:5e:00:f3:
05:fe:7b:dc:ed:8e:c4:cf:f2:03:02:29:62:b1:c8:
f7:bc:66:12:d8:4c:55:60:d0:38:11:59:21:6a:a4:
2a:7b:94:ef:0c:4e:f9:61:c8:bb:f5:56:0e:7d:d7:
74:5f:26:fd:e9:ef:fc:e4:94:6c:4b:25:89:04:48:
10:72:ca:60:82:bc:9a:19:55:e9:8c:41:66:fe:4b:
10:ec:9d:e8:f5:a2:70:4b:d1:e6:2a:89:af:ac:f5:
5c:30:f2:0f:00:f3:9b:fd:f7:13:28:52:0e:24:90:
0b:44:a3:5e:f7:98:d7:9e:ed:a1:c5:7b:2a:6d:0d:
8e:67:70:92:88:cb:7d:eb:c8:df:e8:37:05:59:44:
8b:d3:fc:5d:b9:1f:c2:d7:4d:80:f2:56:fd:9e:35:
80:91:19:5e:55:8c:07:a7:81:ff:4d:4d:83:fc:c6:
72:2f:d7:3f:ed:e6:89:1c:e4:c3:c1:7b:0a:4c:e7:
a8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:34:EC:A9:66:0C:72:8F:22:27:82:C1:0B:FE:9A:DC:1B:50:97:56
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/8DTsqWYMco8iJ4LBC_6a3BtQl1Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:c3:c6:7b:93:e3:73:3c:a4:c6:37:ca:ec:b6:ed:c2:06:e7:
0e:85:34:46:77:2f:30:b2:63:f0:c9:93:b2:a7:7d:91:b0:f8:
cb:56:ba:ed:ad:bb:14:57:e6:01:f4:ab:45:38:be:8a:4f:5a:
46:52:27:0f:92:5e:46:1d:81:a1:7a:98:d3:86:30:e8:82:79:
e2:49:27:ef:54:f5:7a:0e:df:4f:ec:69:d9:63:e4:75:42:06:
14:53:b8:8a:6c:45:0a:7e:a1:0d:f3:98:d3:f2:4c:4c:83:02:
6d:5c:96:eb:10:4c:04:b8:40:85:46:58:9a:6b:0a:ab:65:7b:
a5:27:92:b1:19:03:6f:8d:8b:b7:c0:bd:d2:a5:f9:91:15:7e:
2d:e6:10:7a:b0:cc:c8:da:58:bc:e8:46:64:0f:2d:3b:25:0c:
01:7f:44:ee:35:c6:8d:13:97:83:8a:d0:de:9b:d6:c8:65:4b:
ee:08:bd:46:7f:cd:92:44:be:16:34:c1:2d:ce:23:b7:fd:74:
ec:95:ca:f8:3f:1c:f1:ca:0b:69:38:09:b9:9c:2b:67:14:23:
39:46:bd:b1:0f:01:7c:18:46:05:3b:a5:b7:25:66:0a:07:20:
e9:ea:ec:ab:f9:e6:63:3c:83:b9:db:79:9f:e4:e6:8e:e8:33:
62:83:fb:c6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEvowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTAx
MzUzMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYwMzRFQ0E5NjYwQzcy
OEYyMjI3ODJDMTBCRkU5QURDMUI1MDk3NTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCus3nnZeQhHpbLex3A4P8bUw7IMrV6+swDG1WKt7EmQLwV6Drc
jpUrijrQ22oVFWpAhHDeijAQ3qcHCjKT6V/ikaO0gH34yV4A8wX+e9ztjsTP8gMC
KWKxyPe8ZhLYTFVg0DgRWSFqpCp7lO8MTvlhyLv1Vg5913RfJv3p7/zklGxLJYkE
SBByymCCvJoZVemMQWb+SxDsnej1onBL0eYqia+s9Vww8g8A85v99xMoUg4kkAtE
o173mNee7aHFeyptDY5ncJKIy33ryN/oNwVZRIvT/F25H8LXTYDyVv2eNYCRGV5V
jAengf9NTYP8xnIv1z/t5okc5MPBewpM56jxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU8DTsqWYMco8iJ4LBC/6a3BtQl1YwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzhEVHNxV1lNY284aUo0
TEJDXzZhM0J0UWwxWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAccPGe5PjczykxjfK7LbtwgbnDoU0Rncv
MLJj8MmTsqd9kbD4y1a67a27FFfmAfSrRTi+ik9aRlInD5JeRh2BoXqY04Yw6IJ5
4kkn71T1eg7fT+xp2WPkdUIGFFO4imxFCn6hDfOY0/JMTIMCbVyW6xBMBLhAhUZY
mmsKq2V7pSeSsRkDb42Lt8C90qX5kRV+LeYQerDMyNpYvOhGZA8tOyUMAX9E7jXG
jROXg4rQ3pvWyGVL7gi9Rn/NkkS+FjTBLc4jt/107JXK+D8c8coLaTgJuZwrZxQj
OUa9sQ8BfBhGBTultyVmCgcg6ersq/nmYzyDudt5n+TmjugzYoP7xg==
-----END CERTIFICATE-----
Generated at Wed Apr 10 19:33:13 2024 by rpki-client on console-fra.rpki-client.org