Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/JzoDVo19m8OK74OxSuUvFlsgpYk.roa
File: JzoDVo19m8OK74OxSuUvFlsgpYk.roa (raw, json)
Hash identifier: wjQ2DJBLgf7CtLz6kXy2FvRgDM38oOfiOw6pbsWKRhc=
Subject key identifier: 27:3A:03:56:8D:7D:9B:C3:8A:EF:83:B1:4A:E5:2F:16:5B:20:A5:89
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0E58
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/JzoDVo19m8OK74OxSuUvFlsgpYk.roa
Signing time: Fri 29 Mar 2024 05:22:33 +0000
ROA not before: Fri 29 Mar 2024 05:22:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3672 (0xe58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 29 05:22:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=273A03568D7D9BC38AEF83B14AE52F165B20A589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fc:de:fd:d4:ab:95:5e:6c:14:14:33:02:83:
15:90:cf:62:33:f8:7e:38:7f:60:ec:a2:6c:16:45:
21:48:38:a6:1f:01:f4:3b:11:2a:21:5b:e2:79:fa:
d0:60:b1:ce:e0:1e:06:2d:77:96:af:7c:3c:c2:d7:
93:04:20:5a:2a:8d:6f:19:df:3b:37:fc:d5:67:25:
ae:12:b2:6f:c2:b6:55:b7:81:fa:d4:0f:42:e3:80:
7b:47:ca:e4:1b:08:6c:65:ff:85:d2:3b:04:b3:50:
c8:04:38:50:95:e7:9b:83:d7:f9:f0:71:4a:c1:dd:
05:d7:29:4d:6c:65:02:a1:43:89:b8:66:25:3c:ab:
d7:15:4b:86:62:5c:d8:20:2a:25:32:a2:11:86:e8:
19:7f:04:da:4d:f7:2d:b7:17:da:51:d0:f5:20:c8:
d7:1b:a7:e7:59:78:59:3c:6d:1f:1b:bd:ff:22:01:
5a:d5:68:f6:0f:f7:20:05:d4:e7:dd:63:e2:ce:ee:
1f:dc:11:1f:e9:8e:c6:a0:cb:3e:d0:28:ad:2b:e9:
a5:5d:07:ab:0d:66:84:72:ef:fb:d3:5e:5c:f2:1f:
db:ad:36:d4:f0:62:fe:04:6b:58:23:36:44:a2:0a:
6a:77:73:ec:6c:6f:dd:f6:3c:de:ea:9c:cb:82:c4:
a4:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:3A:03:56:8D:7D:9B:C3:8A:EF:83:B1:4A:E5:2F:16:5B:20:A5:89
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/JzoDVo19m8OK74OxSuUvFlsgpYk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b7:aa:e1:12:b5:57:40:d7:6e:2d:ad:31:9a:bc:51:bf:4a:c9:
cc:fc:ff:f2:0e:ce:ba:04:8e:4f:2b:9e:82:ed:4c:02:03:96:
4b:48:c4:ce:37:f7:fe:0f:63:78:ea:bc:6d:29:69:97:0f:7c:
90:8d:61:5a:ef:0c:aa:8f:a7:17:e3:d9:75:be:e6:10:5c:3a:
53:16:47:56:74:fb:6e:15:da:d6:a7:06:4f:3a:7a:3e:53:93:
df:d5:88:c8:af:83:a8:0b:28:c8:87:cc:42:7d:67:70:f3:0d:
e9:87:13:66:96:5a:60:8c:17:d3:c0:e1:77:c0:6d:98:e8:fc:
a1:b9:82:5c:45:90:2d:c2:fd:c5:a0:2e:e8:8c:ae:f2:9a:48:
4a:77:32:fe:80:8b:37:18:9e:55:ea:68:b5:ca:3d:7f:93:10:
d7:15:36:f4:14:84:b5:82:aa:a9:a5:49:38:23:5f:64:56:c5:
0a:3b:58:81:24:bb:ba:58:67:59:fc:d7:36:a7:12:2d:f0:10:
c5:09:1a:4f:b9:51:97:08:15:44:e9:95:19:ac:41:aa:36:ac:
55:23:68:22:77:68:0d:18:53:ad:ea:90:31:5d:7e:23:cd:f2:
5f:a7:55:bb:62:0a:da:5d:b9:26:87:e7:44:ee:34:78:e7:36:
c8:98:f7:d7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDlgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjkw
NTIyMzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI3M0EwMzU2OEQ3RDlC
QzM4QUVGODNCMTRBRTUyRjE2NUIyMEE1ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDI/N791KuVXmwUFDMCgxWQz2Iz+H44f2DsomwWRSFIOKYfAfQ7
ESohW+J5+tBgsc7gHgYtd5avfDzC15MEIFoqjW8Z3zs3/NVnJa4Ssm/CtlW3gfrU
D0LjgHtHyuQbCGxl/4XSOwSzUMgEOFCV55uD1/nwcUrB3QXXKU1sZQKhQ4m4ZiU8
q9cVS4ZiXNggKiUyohGG6Bl/BNpN9y23F9pR0PUgyNcbp+dZeFk8bR8bvf8iAVrV
aPYP9yAF1OfdY+LO7h/cER/pjsagyz7QKK0r6aVdB6sNZoRy7/vTXlzyH9utNtTw
Yv4Ea1gjNkSiCmp3c+xsb932PN7qnMuCxKR3AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUJzoDVo19m8OK74OxSuUvFlsgpYkwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0p6b0RWbzE5bThPSzc0
T3hTdVV2RmxzZ3BZay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAt6rhErVXQNduLa0xmrxRv0rJzPz/8g7O
ugSOTyuegu1MAgOWS0jEzjf3/g9jeOq8bSlplw98kI1hWu8Mqo+nF+PZdb7mEFw6
UxZHVnT7bhXa1qcGTzp6PlOT39WIyK+DqAsoyIfMQn1ncPMN6YcTZpZaYIwX08Dh
d8BtmOj8obmCXEWQLcL9xaAu6Iyu8ppISncy/oCLNxieVepotco9f5MQ1xU29BSE
tYKqqaVJOCNfZFbFCjtYgSS7ulhnWfzXNqcSLfAQxQkaT7lRlwgVROmVGaxBqjas
VSNoIndoDRhTreqQMV1+I83yX6dVu2IK2l25JofnRO40eOc2yJj31w==
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:29:17 2024 by rpki-client on console-ams.rpki-client.org