Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/GY9YMvZePYPl1mADX4TqSIFm64s.roa
File: GY9YMvZePYPl1mADX4TqSIFm64s.roa (raw, json)
Hash identifier: pLrtlwlcTDnebPj4tuZr2uiuXk9j9C6ZxzqIn1pS2KI=
Subject key identifier: 19:8F:58:32:F6:5E:3D:83:E5:D6:60:03:5F:84:EA:48:81:66:EB:8B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1692
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/GY9YMvZePYPl1mADX4TqSIFm64s.roa
Signing time: Sat 20 Apr 2024 03:53:31 +0000
ROA not before: Sat 20 Apr 2024 03:53:31 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5778 (0x1692)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 20 03:53:31 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=198F5832F65E3D83E5D660035F84EA488166EB8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d8:cd:dd:f5:65:03:81:38:bd:0e:14:95:76:
85:7f:41:35:bd:92:e9:46:d6:65:e9:4c:a9:b8:b7:
88:04:48:66:ef:cd:39:3a:56:a3:be:07:97:6f:ff:
99:bb:93:57:50:2b:73:eb:21:ec:0e:e7:ba:1d:19:
3e:a3:e9:57:33:bc:bd:1c:3d:f9:08:af:27:99:65:
ce:55:32:e8:35:7a:2e:ab:21:a2:db:d7:da:46:fb:
7d:53:78:97:32:d7:d3:29:d7:cb:e1:15:ab:b9:b4:
7b:d5:b5:2f:04:98:a7:1d:8b:56:ab:fc:f7:45:11:
cf:37:66:92:e5:a4:a1:aa:0c:dc:c2:3d:9e:e8:6d:
29:98:4d:b3:bb:f0:fd:e4:fc:f0:c9:2b:13:0b:d0:
93:a9:ca:ca:39:34:86:2e:34:6e:e7:5f:d3:eb:4c:
3e:6a:02:b8:8e:c0:9a:74:31:b5:06:06:e1:00:d3:
1f:77:81:22:a8:dc:17:05:80:0c:5e:51:36:f4:2f:
1a:dc:10:71:21:3c:36:d0:97:d0:03:76:02:b4:8b:
99:0f:01:37:b9:f6:2b:0a:bc:c1:56:dd:15:9e:4f:
89:f5:32:87:b2:79:ba:b2:ba:a2:f0:dd:f3:8c:d3:
89:e8:c5:aa:10:ac:e2:73:dd:f5:87:a3:9c:f2:7d:
9e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:8F:58:32:F6:5E:3D:83:E5:D6:60:03:5F:84:EA:48:81:66:EB:8B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/GY9YMvZePYPl1mADX4TqSIFm64s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:b3:44:b1:33:25:95:26:37:1c:c1:b2:67:23:fc:52:d8:4b:
d0:b6:5d:ac:b0:30:63:00:17:0c:22:34:00:53:77:be:4f:03:
51:3f:25:22:12:28:87:1a:57:c7:4c:ea:8e:5f:5c:3d:a1:eb:
ea:5c:de:e9:05:bb:dc:9e:d3:c3:8d:98:65:49:ca:ac:be:d8:
0d:99:db:3e:87:09:8b:da:6d:b0:73:bb:74:3a:eb:6f:f2:54:
70:36:7c:ed:34:ce:0d:b9:26:2a:78:d1:79:38:63:bd:39:79:
c9:86:5d:45:75:09:8d:19:f1:17:f9:98:e0:a6:b8:15:c9:43:
c6:15:8b:72:e3:82:5e:13:ef:a2:11:85:88:8a:8c:29:22:7d:
2f:17:15:28:5b:36:70:77:d5:db:eb:b7:af:b6:a3:1b:32:19:
b1:eb:5b:00:3a:33:16:3b:27:c9:fb:e9:ea:eb:a1:da:f7:01:
0c:cc:c5:f4:90:0a:91:ae:2d:46:2d:42:c0:38:0a:d4:c6:69:
c1:61:98:fe:05:8e:98:6e:3a:07:94:3c:fd:cf:28:fc:9b:03:
d1:18:4e:b3:92:f2:04:a1:97:54:6f:7f:7e:82:00:0e:bc:a8:
e7:a1:21:d4:1d:56:76:97:4b:1e:5e:8f:10:9a:1d:87:cc:83:
ae:b4:48:2b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFpIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjAw
MzUzMzFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE5OEY1ODMyRjY1RTNE
ODNFNUQ2NjAwMzVGODRFQTQ4ODE2NkVCOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCw2M3d9WUDgTi9DhSVdoV/QTW9kulG1mXpTKm4t4gESGbvzTk6
VqO+B5dv/5m7k1dQK3PrIewO57odGT6j6VczvL0cPfkIryeZZc5VMug1ei6rIaLb
19pG+31TeJcy19Mp18vhFau5tHvVtS8EmKcdi1ar/PdFEc83ZpLlpKGqDNzCPZ7o
bSmYTbO78P3k/PDJKxML0JOpyso5NIYuNG7nX9PrTD5qAriOwJp0MbUGBuEA0x93
gSKo3BcFgAxeUTb0LxrcEHEhPDbQl9ADdgK0i5kPATe59isKvMFW3RWeT4n1Moey
ebqyuqLw3fOM04noxaoQrOJz3fWHo5zyfZ7XAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUGY9YMvZePYPl1mADX4TqSIFm64swHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0dZOVlNdlplUFlQbDFt
QURYNFRxU0lGbTY0cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAFbNEsTMllSY3HMGyZyP8UthL0LZdrLAw
YwAXDCI0AFN3vk8DUT8lIhIohxpXx0zqjl9cPaHr6lze6QW73J7Tw42YZUnKrL7Y
DZnbPocJi9ptsHO7dDrrb/JUcDZ87TTODbkmKnjReThjvTl5yYZdRXUJjRnxF/mY
4Ka4FclDxhWLcuOCXhPvohGFiIqMKSJ9LxcVKFs2cHfV2+u3r7ajGzIZsetbADoz
Fjsnyfvp6uuh2vcBDMzF9JAKka4tRi1CwDgK1MZpwWGY/gWOmG46B5Q8/c8o/JsD
0RhOs5LyBKGXVG9/foIADryo56Eh1B1WdpdLHl6PEJodh8yDrrRIKw==
-----END CERTIFICATE-----
Generated at Sat Apr 20 05:14:59 2024 by rpki-client on console-fra.rpki-client.org