Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/GenoNMqKKm_Mx8qLlmYT4u3xmL4.roa
File: GenoNMqKKm_Mx8qLlmYT4u3xmL4.roa (raw, json)
Hash identifier: yGgEklUwAwRP92RedqW6Cslh9LQxLTEgpgKasTwjXH8=
Subject key identifier: 19:E9:E8:34:CA:8A:2A:6F:CC:C7:CA:8B:96:66:13:E2:ED:F1:98:BE
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 16B6
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/GenoNMqKKm_Mx8qLlmYT4u3xmL4.roa
Signing time: Sat 20 Apr 2024 12:53:38 +0000
ROA not before: Sat 20 Apr 2024 12:53:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5814 (0x16b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 20 12:53:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=19E9E834CA8A2A6FCCC7CA8B966613E2EDF198BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:17:c6:37:1b:fb:f8:4f:fa:71:00:e6:6e:92:
94:a1:9b:09:06:13:f7:da:34:07:e4:57:67:38:d5:
b9:ed:de:b2:cf:63:d5:cc:f9:72:48:dc:79:47:ac:
5e:f6:9f:92:a4:25:d6:25:f9:82:95:3f:f9:3a:63:
6a:78:09:f7:19:88:c0:22:43:67:7c:37:a5:3f:92:
2c:7c:f8:d5:9f:2c:23:77:49:87:b3:b2:e4:76:bf:
c5:28:6b:7b:8d:77:32:b7:25:f5:89:08:f1:88:dc:
73:4f:b1:de:2b:29:e9:17:80:65:12:59:40:c4:03:
d2:20:1e:3f:bb:4f:ef:5d:ed:3a:97:a8:34:f3:3f:
aa:84:ca:f7:09:e2:8b:92:d1:77:fb:d0:0b:f4:f4:
bd:bf:c4:e5:b9:1f:fc:0f:10:3b:e6:12:be:99:35:
a9:0e:07:4c:9a:03:21:76:3f:5c:99:b0:63:09:45:
f5:66:b7:96:31:07:38:ab:78:b4:46:0c:a8:8c:3a:
66:8a:ed:4a:c2:a8:30:0a:ce:5d:cd:66:22:f6:a6:
18:16:0e:4f:ae:b7:22:97:02:27:52:fa:25:b1:ef:
db:c0:b0:58:2b:e1:32:0d:0a:61:62:63:da:85:ff:
bb:12:f8:6e:5c:48:c9:9d:d1:a0:e1:62:c8:23:c8:
cc:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:E9:E8:34:CA:8A:2A:6F:CC:C7:CA:8B:96:66:13:E2:ED:F1:98:BE
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/GenoNMqKKm_Mx8qLlmYT4u3xmL4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:32:7b:f7:98:35:ad:c6:d3:5c:d9:55:b4:1b:5b:60:d4:fa:
14:16:e0:34:d7:06:9b:ea:6c:72:19:69:4f:2c:f8:44:a1:9e:
08:23:07:11:8f:43:1a:87:e9:de:2d:e6:0e:00:e9:de:5c:66:
09:d5:0a:b9:06:b7:3b:43:18:54:b6:f1:05:c6:62:a7:dd:b3:
24:ce:29:8b:48:32:5b:d1:73:48:1b:f5:ea:0d:ba:23:79:a4:
05:4b:11:81:7b:aa:1c:d9:c5:2b:35:7a:d3:37:82:b6:45:17:
e5:3a:32:1a:38:ad:ca:2c:a1:e1:9e:d6:a8:a8:bd:14:be:d2:
04:1d:87:d6:37:1d:3a:35:1a:51:71:1f:45:bb:da:d1:e5:7b:
79:96:c3:a7:1c:00:48:35:f5:fb:d1:47:ca:a0:05:9e:78:f5:
26:07:8c:45:f3:79:05:0f:21:ef:8d:27:41:1b:d5:2a:6c:9a:
ec:ba:12:29:e2:94:24:c5:9e:dc:ee:bc:e1:ed:fd:be:a8:48:
68:77:46:99:af:69:8e:f7:4e:fc:61:f8:44:64:2b:80:da:c9:
50:3d:ac:63:b1:5f:1f:26:48:65:06:e2:c1:66:9e:15:bd:60:
e0:22:55:b1:9c:d8:04:0c:5a:23:41:42:e3:1a:e5:9e:c2:ed:
00:99:21:e8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFrYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjAx
MjUzMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE5RTlFODM0Q0E4QTJB
NkZDQ0M3Q0E4Qjk2NjYxM0UyRURGMTk4QkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyF8Y3G/v4T/pxAOZukpShmwkGE/faNAfkV2c41bnt3rLPY9XM
+XJI3HlHrF72n5KkJdYl+YKVP/k6Y2p4CfcZiMAiQ2d8N6U/kix8+NWfLCN3SYez
suR2v8Uoa3uNdzK3JfWJCPGI3HNPsd4rKekXgGUSWUDEA9IgHj+7T+9d7TqXqDTz
P6qEyvcJ4ouS0Xf70Av09L2/xOW5H/wPEDvmEr6ZNakOB0yaAyF2P1yZsGMJRfVm
t5YxBzireLRGDKiMOmaK7UrCqDAKzl3NZiL2phgWDk+utyKXAidS+iWx79vAsFgr
4TINCmFiY9qF/7sS+G5cSMmd0aDhYsgjyMyRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUGenoNMqKKm/Mx8qLlmYT4u3xmL4wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0dlbm9OTXFLS21fTXg4
cUxsbVlUNHUzeG1MNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAcjJ795g1rcbTXNlVtBtbYNT6FBbgNNcG
m+pschlpTyz4RKGeCCMHEY9DGofp3i3mDgDp3lxmCdUKuQa3O0MYVLbxBcZip92z
JM4pi0gyW9FzSBv16g26I3mkBUsRgXuqHNnFKzV60zeCtkUX5ToyGjityiyh4Z7W
qKi9FL7SBB2H1jcdOjUaUXEfRbva0eV7eZbDpxwASDX1+9FHyqAFnnj1JgeMRfN5
BQ8h740nQRvVKmya7LoSKeKUJMWe3O684e39vqhIaHdGma9pjvdO/GH4RGQrgNrJ
UD2sY7FfHyZIZQbiwWaeFb1g4CJVsZzYBAxaI0FC4xrlnsLtAJkh6A==
-----END CERTIFICATE-----
Generated at Sat Apr 20 15:25:37 2024 by rpki-client on console-ams.rpki-client.org