Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/PYmnC8sy9E5wgtFLJLSYm6mb14s.roa
File: PYmnC8sy9E5wgtFLJLSYm6mb14s.roa (raw, json)
Hash identifier: uhCpHRN0Leqt2KasOOVCHdozcT2UWO8itMda94mQwAk=
Subject key identifier: 3D:89:A7:0B:CB:32:F4:4E:70:82:D1:4B:24:B4:98:9B:A9:9B:D7:8B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0DF0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/PYmnC8sy9E5wgtFLJLSYm6mb14s.roa
Signing time: Thu 28 Mar 2024 03:22:25 +0000
ROA not before: Thu 28 Mar 2024 03:22:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3568 (0xdf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 28 03:22:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3D89A70BCB32F44E7082D14B24B4989BA99BD78B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:45:31:56:e3:a6:4c:fd:55:0c:22:33:11:3a:
cb:41:fb:f8:e5:93:5f:1c:8f:c7:0d:b0:82:e3:8f:
8c:99:1d:27:8f:64:f7:1c:6b:e2:c8:93:98:45:46:
5e:df:d5:d5:76:2d:00:4b:d0:31:f1:15:67:3e:a1:
57:44:1d:b3:2f:63:87:88:f1:26:64:bf:3a:5f:b1:
25:16:f7:d8:11:65:66:1a:b2:8b:8a:46:e1:8a:97:
f8:ec:50:aa:e0:4b:cd:5f:ce:31:ab:37:ea:b3:ae:
74:a8:c4:af:73:8a:df:42:53:63:08:f7:88:e2:ac:
50:ed:64:ec:c5:f3:ac:cb:bd:3e:44:25:8b:e3:2e:
34:8c:0b:54:77:6e:2d:ed:c0:b0:86:1f:1b:77:1c:
a0:22:b9:7e:28:19:aa:20:23:d0:ce:74:05:f2:00:
0a:71:33:82:c8:2a:2c:96:07:9b:84:4e:95:a2:35:
02:d5:f5:f9:a9:fb:7d:29:4e:68:62:6c:f4:1f:50:
03:b9:a0:e3:41:f2:55:79:e2:0b:33:9c:5e:35:03:
94:8a:77:f9:18:8f:9f:7b:37:d9:5d:e4:c3:ba:cb:
64:bb:41:5b:22:24:92:bf:d0:5e:f1:21:0d:55:70:
72:b9:15:34:d4:28:7e:b0:e9:c1:d5:c4:e0:b1:7f:
50:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:89:A7:0B:CB:32:F4:4E:70:82:D1:4B:24:B4:98:9B:A9:9B:D7:8B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/PYmnC8sy9E5wgtFLJLSYm6mb14s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d4:9f:51:89:90:c8:28:f2:77:c6:a5:d4:5b:60:81:32:99:32:
d5:eb:63:c2:70:97:b9:2c:18:fe:e0:f7:29:df:dd:7e:2a:a1:
81:1f:c2:5d:bc:ef:85:56:03:b4:ff:19:73:4d:95:be:bb:03:
aa:45:87:7c:f8:a9:b6:29:39:74:2e:2f:3c:b6:57:8e:3a:d7:
d0:c9:4f:29:90:8d:b5:32:fa:ca:92:ed:d8:0c:88:cb:68:94:
d1:92:46:47:6f:1f:80:88:7c:c3:bd:04:7e:a7:a6:99:3c:07:
e2:32:d8:bd:62:e8:2f:5a:7f:7f:0e:73:8b:97:22:f7:d9:f7:
6f:cf:ca:ee:a9:ed:03:ef:8b:9e:8b:b2:56:ac:59:ff:ec:58:
66:6a:fd:43:3e:83:6b:06:7d:8e:a7:21:65:ec:1d:3b:29:b4:
f9:2b:b0:5b:57:03:db:f6:1a:e1:85:89:da:e6:c2:e1:35:eb:
d9:42:af:e8:21:e2:06:e4:dd:2f:e3:28:45:fa:25:9d:f4:fc:
b5:fa:a5:cb:d3:54:05:de:46:b8:6b:eb:62:c3:0c:2e:f7:ad:
6b:19:20:3d:2a:ab:71:25:c2:db:d6:7e:21:0c:a8:e3:83:dc:
e5:33:46:62:f2:b9:d7:2e:88:28:32:ff:ba:67:3a:5f:15:c6:
0c:19:c4:a6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDfAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjgw
MzIyMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNEODlBNzBCQ0IzMkY0
NEU3MDgyRDE0QjI0QjQ5ODlCQTk5QkQ3OEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvRTFW46ZM/VUMIjMROstB+/jlk18cj8cNsILjj4yZHSePZPcc
a+LIk5hFRl7f1dV2LQBL0DHxFWc+oVdEHbMvY4eI8SZkvzpfsSUW99gRZWYasouK
RuGKl/jsUKrgS81fzjGrN+qzrnSoxK9zit9CU2MI94jirFDtZOzF86zLvT5EJYvj
LjSMC1R3bi3twLCGHxt3HKAiuX4oGaogI9DOdAXyAApxM4LIKiyWB5uETpWiNQLV
9fmp+30pTmhibPQfUAO5oONB8lV54gsznF41A5SKd/kYj597N9ld5MO6y2S7QVsi
JJK/0F7xIQ1VcHK5FTTUKH6w6cHVxOCxf1CXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUPYmnC8sy9E5wgtFLJLSYm6mb14swHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1BZbW5DOHN5OUU1d2d0
RkxKTFNZbTZtYjE0cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEA1J9RiZDIKPJ3xqXUW2CBMpky1etjwnCX
uSwY/uD3Kd/dfiqhgR/CXbzvhVYDtP8Zc02VvrsDqkWHfPiptik5dC4vPLZXjjrX
0MlPKZCNtTL6ypLt2AyIy2iU0ZJGR28fgIh8w70EfqemmTwH4jLYvWLoL1p/fw5z
i5ci99n3b8/K7qntA++LnouyVqxZ/+xYZmr9Qz6DawZ9jqchZewdOym0+SuwW1cD
2/Ya4YWJ2ubC4TXr2UKv6CHiBuTdL+MoRfolnfT8tfqly9NUBd5GuGvrYsMMLvet
axkgPSqrcSXC29Z+IQyo44Pc5TNGYvK51y6IKDL/umc6XxXGDBnEpg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 04:47:48 2024 by rpki-client on console-fra.rpki-client.org