Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/9jupoygMFAPIuiCttjJkEHaHYds.roa
File: 9jupoygMFAPIuiCttjJkEHaHYds.roa (raw, json)
Hash identifier: nEsPJ0wXmS2akrksp2xXgUrV5Wy0pf4lTkP6O4eFiNo=
Subject key identifier: F6:3B:A9:A3:28:0C:14:03:C8:BA:20:AD:B6:32:64:10:76:87:61:DB
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 181A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/9jupoygMFAPIuiCttjJkEHaHYds.roa
Signing time: Wed 24 Apr 2024 05:53:38 +0000
ROA not before: Wed 24 Apr 2024 05:53:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6170 (0x181a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 24 05:53:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F63BA9A3280C1403C8BA20ADB6326410768761DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:53:46:f6:39:44:cc:2e:a3:53:30:8b:8e:6f:
7c:51:99:69:6f:c8:d7:36:9e:cd:09:2a:d9:fb:16:
67:c9:29:ac:6d:51:b9:15:a9:a7:fe:08:23:bb:b4:
81:7d:67:53:bd:4b:54:33:b1:c6:8c:18:75:0c:15:
cb:ca:46:04:5e:5b:61:d8:e0:ce:36:93:66:f1:bf:
e7:98:50:3d:7b:b2:0f:49:b8:8f:8f:f3:0a:63:e4:
6b:fe:19:f1:f8:d2:20:21:1e:4a:4e:1d:0c:09:1e:
75:53:04:90:20:36:10:25:d3:cd:9f:71:eb:ca:e9:
d4:b4:f3:36:04:fe:9a:43:79:5e:3a:14:09:10:6f:
a2:97:7c:22:7d:6b:6d:bb:22:a2:59:c3:83:5e:62:
db:ee:16:70:b1:32:7a:a8:4f:8d:bb:fd:b9:aa:41:
1b:fb:6c:7a:c0:68:db:d8:63:58:b4:3a:65:39:9b:
c8:38:0f:df:34:26:65:43:80:6a:55:2f:ca:22:cb:
0d:51:64:12:87:39:59:8c:5f:af:b8:40:29:c3:2d:
54:a1:2d:7a:60:e1:df:4c:df:91:d9:12:f7:ca:1f:
64:7b:be:6b:06:8d:25:ae:65:d0:e5:79:22:80:31:
19:45:5a:3c:3a:32:d4:80:ac:8f:f0:a3:8e:db:e8:
04:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:3B:A9:A3:28:0C:14:03:C8:BA:20:AD:B6:32:64:10:76:87:61:DB
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/9jupoygMFAPIuiCttjJkEHaHYds.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4e:7b:aa:ff:53:fc:85:cb:8a:b4:52:be:3a:ce:74:be:aa:28:
3e:30:22:1f:a6:ae:d6:e9:48:80:1c:a2:b8:b9:d2:d0:79:a5:
32:88:e9:e7:d2:32:31:8e:47:8c:ac:5b:57:ff:82:37:1b:cd:
28:f9:8e:d8:5d:58:ba:5b:35:64:cb:42:a5:85:6c:3c:88:a6:
1a:4d:89:28:3e:49:41:e1:c7:ec:c5:7f:3e:24:ae:6e:3b:ee:
0d:66:be:ff:80:75:99:7d:90:cd:41:63:db:71:5a:1d:3f:c8:
a9:70:06:08:17:0d:ce:0a:25:64:45:5f:22:31:d4:1b:b9:f4:
22:6d:cd:2b:8b:89:28:4a:86:14:de:04:9a:9a:47:55:75:93:
41:6a:54:ee:db:66:38:99:c4:30:8b:83:53:a8:da:56:e0:30:
e5:78:91:fd:f1:6f:51:96:9a:54:0d:a0:31:63:9d:50:54:ab:
85:e9:59:7b:1b:b6:f2:52:00:7b:14:aa:47:37:40:98:91:1f:
17:9e:72:28:e7:b9:9b:f7:87:13:9e:3e:79:77:98:a4:e8:0c:
1a:8d:85:b2:8d:96:26:dc:82:8d:33:0f:e1:0f:78:57:2a:32:
0f:9b:7e:33:8b:45:ff:ac:48:a7:60:87:15:d2:1e:83:4b:3d:
93:b2:14:2d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGBowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjQw
NTUzMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY2M0JBOUEzMjgwQzE0
MDNDOEJBMjBBREI2MzI2NDEwNzY4NzYxREIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhU0b2OUTMLqNTMIuOb3xRmWlvyNc2ns0JKtn7FmfJKaxtUbkV
qaf+CCO7tIF9Z1O9S1QzscaMGHUMFcvKRgReW2HY4M42k2bxv+eYUD17sg9JuI+P
8wpj5Gv+GfH40iAhHkpOHQwJHnVTBJAgNhAl082fcevK6dS08zYE/ppDeV46FAkQ
b6KXfCJ9a227IqJZw4NeYtvuFnCxMnqoT427/bmqQRv7bHrAaNvYY1i0OmU5m8g4
D980JmVDgGpVL8oiyw1RZBKHOVmMX6+4QCnDLVShLXpg4d9M35HZEvfKH2R7vmsG
jSWuZdDleSKAMRlFWjw6MtSArI/wo47b6ATHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU9jupoygMFAPIuiCttjJkEHaHYdswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzlqdXBveWdNRkFQSXVp
Q3R0akprRUhhSFlkcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEATnuq/1P8hcuKtFK+Os50vqooPjAiH6au
1ulIgByiuLnS0HmlMojp59IyMY5HjKxbV/+CNxvNKPmO2F1Yuls1ZMtCpYVsPIim
Gk2JKD5JQeHH7MV/PiSubjvuDWa+/4B1mX2QzUFj23FaHT/IqXAGCBcNzgolZEVf
IjHUG7n0Im3NK4uJKEqGFN4EmppHVXWTQWpU7ttmOJnEMIuDU6jaVuAw5XiR/fFv
UZaaVA2gMWOdUFSrhelZexu28lIAexSqRzdAmJEfF55yKOe5m/eHE54+eXeYpOgM
Go2Fso2WJtyCjTMP4Q94VyoyD5t+M4tF/6xIp2CHFdIeg0s9k7IULQ==
-----END CERTIFICATE-----
Generated at Wed Apr 24 10:11:21 2024 by rpki-client on console-ams.rpki-client.org