Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/MPEmxHMaDZfMWctjtiRjsvFKaqk.roa
File: MPEmxHMaDZfMWctjtiRjsvFKaqk.roa (raw, json)
Hash identifier: d2wXMaEirdWKM0pdQhOTqRmFMI9BowlF5zC5CeNOYBw=
Subject key identifier: 30:F1:26:C4:73:1A:0D:97:CC:59:CB:63:B6:24:63:B2:F1:4A:6A:A9
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1BDA
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/MPEmxHMaDZfMWctjtiRjsvFKaqk.roa
Signing time: Sat 04 May 2024 05:54:45 +0000
ROA not before: Sat 04 May 2024 05:54:45 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7130 (0x1bda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 4 05:54:45 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=30F126C4731A0D97CC59CB63B62463B2F14A6AA9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5b:fe:f1:77:bf:5a:fb:27:cb:3d:3b:f9:4b:
53:ad:47:de:1f:b8:de:d6:d2:40:75:66:cf:15:66:
73:ba:60:0c:60:05:28:4f:85:00:db:cd:ce:29:42:
d5:cd:86:72:87:bd:6c:f7:2d:35:94:b6:c3:71:97:
56:83:70:c3:db:21:79:84:77:fa:60:c1:8b:dc:aa:
82:b1:72:db:3b:2d:ed:10:74:97:03:3b:85:b3:96:
c2:9e:e0:d3:05:06:b8:09:d3:00:3b:1a:4d:e4:a4:
be:8d:7b:e1:2c:f9:dc:fd:8c:68:6b:29:c5:5d:f8:
5e:43:19:6e:06:99:34:58:65:c6:ea:e6:a8:55:c8:
6d:8c:3e:06:08:ce:df:d7:50:1e:f8:4a:27:0c:df:
3f:18:2c:69:1f:11:3b:7d:83:9a:e9:49:a4:82:4b:
22:be:96:d8:04:2f:bc:f1:42:b0:a0:32:f5:3f:d5:
5e:20:a6:cc:bf:c7:24:b2:e4:64:63:0f:d6:d0:03:
5e:3b:26:a7:d5:c5:e7:ea:92:87:eb:87:21:59:dc:
cb:11:f3:13:aa:92:cd:df:93:37:ed:90:b8:56:b7:
8c:d5:dd:05:04:05:6f:b1:29:f8:d5:82:c7:69:4c:
02:06:ba:4d:98:cf:d3:ee:41:6b:a3:c6:02:af:11:
fe:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F1:26:C4:73:1A:0D:97:CC:59:CB:63:B6:24:63:B2:F1:4A:6A:A9
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/MPEmxHMaDZfMWctjtiRjsvFKaqk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ab:cd:5b:bb:b3:20:6c:ed:aa:7f:6e:6b:58:55:54:90:29:c8:
91:75:7d:3e:b9:46:3f:b6:df:00:fe:ef:d2:be:07:2a:99:43:
de:9b:5d:99:74:fc:30:14:05:8b:a6:0a:70:88:20:27:42:94:
13:81:d4:cc:da:0e:37:05:1e:fe:25:bd:fa:99:4e:65:e6:3e:
4c:df:3b:d7:f5:f4:f6:7a:1f:51:f4:f4:4d:fc:ae:3d:98:c0:
e5:86:3b:6e:5d:59:4c:ce:4e:a2:ae:bc:88:87:9e:39:a1:47:
40:82:a0:fb:f3:89:83:81:c7:da:56:24:7d:eb:73:9a:e4:de:
b8:98:cc:9e:e2:a4:46:f6:46:0b:e9:f7:a2:c9:d2:4f:92:9e:
71:7a:90:c4:26:99:44:e3:68:9a:c7:4d:a5:6a:19:ae:eb:52:
39:e6:20:99:e5:e6:c6:51:cb:2c:69:25:50:41:8d:2e:29:d6:
90:bc:51:be:50:0f:ca:81:93:70:20:e3:cb:2f:8c:48:e1:cf:
d8:40:00:bb:01:e1:01:1f:17:48:ae:b5:1d:e2:9c:95:bb:2e:
ff:f9:bb:23:94:da:8d:7e:5f:63:bb:c0:0a:d7:1d:70:6a:a0:
4a:1e:a9:da:0c:af:bd:4e:28:dd:e7:6a:fe:12:2e:13:eb:ba:
0a:95:3d:76
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG9owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDQw
NTU0NDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMwRjEyNkM0NzMxQTBE
OTdDQzU5Q0I2M0I2MjQ2M0IyRjE0QTZBQTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+W/7xd79a+yfLPTv5S1OtR94fuN7W0kB1Zs8VZnO6YAxgBShP
hQDbzc4pQtXNhnKHvWz3LTWUtsNxl1aDcMPbIXmEd/pgwYvcqoKxcts7Le0QdJcD
O4WzlsKe4NMFBrgJ0wA7Gk3kpL6Ne+Es+dz9jGhrKcVd+F5DGW4GmTRYZcbq5qhV
yG2MPgYIzt/XUB74SicM3z8YLGkfETt9g5rpSaSCSyK+ltgEL7zxQrCgMvU/1V4g
psy/xySy5GRjD9bQA147JqfVxefqkofrhyFZ3MsR8xOqks3fkzftkLhWt4zV3QUE
BW+xKfjVgsdpTAIGuk2Yz9PuQWujxgKvEf7RAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUMPEmxHMaDZfMWctjtiRjsvFKaqkwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL01QRW14SE1hRFpmTVdj
dGp0aVJqc3ZGS2Fxay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAq81bu7MgbO2qf25rWFVUkCnIkXV9PrlG
P7bfAP7v0r4HKplD3ptdmXT8MBQFi6YKcIggJ0KUE4HUzNoONwUe/iW9+plOZeY+
TN871/X09nofUfT0TfyuPZjA5YY7bl1ZTM5Ooq68iIeeOaFHQIKg+/OJg4HH2lYk
fetzmuTeuJjMnuKkRvZGC+n3osnST5KecXqQxCaZRONomsdNpWoZrutSOeYgmeXm
xlHLLGklUEGNLinWkLxRvlAPyoGTcCDjyy+MSOHP2EAAuwHhAR8XSK61HeKclbsu
//m7I5TajX5fY7vACtcdcGqgSh6p2gyvvU4o3edq/hIuE+u6CpU9dg==
-----END CERTIFICATE-----
Generated at Sat May 4 07:07:00 2024 by rpki-client on console-fra.rpki-client.org