Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Pbz2OpoibFORhbzBkEtXnExy9MY.roa
File: Pbz2OpoibFORhbzBkEtXnExy9MY.roa (raw, json)
Hash identifier: wv7D72zRXBSnotV2YcNiIX2/H8TslUMpPZsnrfieBA4=
Subject key identifier: 3D:BC:F6:3A:9A:22:6C:53:91:85:BC:C1:90:4B:57:9C:4C:72:F4:C6
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F68
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Pbz2OpoibFORhbzBkEtXnExy9MY.roa
Signing time: Mon 01 Apr 2024 01:22:42 +0000
ROA not before: Mon 01 Apr 2024 01:22:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3944 (0xf68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 1 01:22:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3DBCF63A9A226C539185BCC1904B579C4C72F4C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5c:47:ae:97:88:b7:89:c9:ca:80:f0:08:d0:
55:bc:e1:45:c5:1a:55:9e:64:93:f8:3e:96:2d:fa:
0f:95:e7:92:ac:0e:8e:a9:63:48:eb:c0:b2:8b:87:
6d:9f:ef:36:51:91:d0:9c:36:4d:d5:2c:06:71:c1:
29:61:e6:6f:78:ee:e6:6f:bd:ad:7d:90:cb:d0:df:
dc:81:1c:f1:e4:a6:86:a1:9a:ee:49:ff:c0:ad:7b:
6f:20:35:d6:29:96:2d:88:c5:5f:b6:c3:f2:91:a2:
c3:91:7b:78:41:f2:3b:9d:86:85:1d:3a:9a:b6:a3:
54:2d:62:15:bc:61:d4:16:fc:f9:3e:61:9e:74:2e:
00:5a:93:3c:ef:1a:00:b9:53:7d:c3:72:5b:93:66:
85:cf:05:6e:7f:25:4a:44:49:f8:05:4e:ed:ce:57:
64:21:13:dd:07:98:12:86:89:70:cc:65:34:9e:c5:
89:7e:9f:07:c1:a2:d1:b5:2f:69:71:09:56:2d:ef:
f1:97:24:5b:b6:b6:b1:2d:25:47:63:63:09:aa:51:
23:67:5e:8e:39:a5:8f:7a:60:51:32:56:ff:e5:59:
5a:5d:cc:78:03:85:1e:86:0e:7f:89:73:de:16:41:
5e:71:ea:d6:77:c0:a8:d8:35:2b:9e:01:a2:d0:bd:
e5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:BC:F6:3A:9A:22:6C:53:91:85:BC:C1:90:4B:57:9C:4C:72:F4:C6
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Pbz2OpoibFORhbzBkEtXnExy9MY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0e:0f:e0:bd:c4:83:5d:a1:1f:58:11:0c:87:9c:1b:0a:c2:2a:
75:86:5d:37:0f:22:b2:87:cd:3c:e9:93:e8:13:f4:03:3e:1b:
25:bc:23:58:69:a9:c9:ab:b7:df:60:50:2a:ad:08:a6:50:2b:
e3:da:26:eb:53:06:f0:c8:93:8c:01:c6:c2:e3:b4:58:5f:62:
3e:aa:0c:e3:75:49:33:28:4e:7f:a6:5f:fe:76:48:5e:05:d5:
0f:97:22:e4:a9:7c:c4:f3:d2:d4:27:ed:86:b0:7b:0f:e7:d5:
79:86:89:91:9e:b3:5d:e3:c5:bc:92:37:be:ed:1d:21:ea:53:
f1:ba:91:ee:80:63:2c:93:2d:2e:e3:98:15:5c:3c:cd:d3:96:
a0:2e:fc:fd:98:64:35:79:c7:a3:28:64:09:76:db:4e:a1:4a:
fa:7c:dc:83:9e:0e:ea:9c:d3:1c:c6:4d:08:2d:00:aa:4b:9b:
48:4f:c1:a0:7e:29:7d:1b:c9:ce:71:8c:57:df:ac:31:ac:15:
7a:cf:bd:17:b0:fb:5a:23:e8:c8:fe:f5:39:03:b0:48:01:16:
63:31:4f:13:3e:58:df:dc:7c:75:24:ed:e9:27:9a:e5:51:ab:
40:96:43:18:d3:25:77:b1:45:87:ea:d2:a2:fa:b0:7e:a3:f7:
9d:1a:60:bf
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD2gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDEw
MTIyNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNEQkNGNjNBOUEyMjZD
NTM5MTg1QkNDMTkwNEI1NzlDNEM3MkY0QzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeXEeul4i3icnKgPAI0FW84UXFGlWeZJP4PpYt+g+V55KsDo6p
Y0jrwLKLh22f7zZRkdCcNk3VLAZxwSlh5m947uZvva19kMvQ39yBHPHkpoahmu5J
/8Cte28gNdYpli2IxV+2w/KRosORe3hB8judhoUdOpq2o1QtYhW8YdQW/Pk+YZ50
LgBakzzvGgC5U33DcluTZoXPBW5/JUpESfgFTu3OV2QhE90HmBKGiXDMZTSexYl+
nwfBotG1L2lxCVYt7/GXJFu2trEtJUdjYwmqUSNnXo45pY96YFEyVv/lWVpdzHgD
hR6GDn+Jc94WQV5x6tZ3wKjYNSueAaLQveUtAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUPbz2OpoibFORhbzBkEtXnExy9MYwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1BiejJPcG9pYkZPUmhi
ekJrRXRYbkV4eTlNWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEADg/gvcSDXaEfWBEMh5wbCsIqdYZdNw8i
sofNPOmT6BP0Az4bJbwjWGmpyau332BQKq0IplAr49om61MG8MiTjAHGwuO0WF9i
PqoM43VJMyhOf6Zf/nZIXgXVD5ci5Kl8xPPS1CfthrB7D+fVeYaJkZ6zXePFvJI3
vu0dIepT8bqR7oBjLJMtLuOYFVw8zdOWoC78/ZhkNXnHoyhkCXbbTqFK+nzcg54O
6pzTHMZNCC0AqkubSE/BoH4pfRvJznGMV9+sMawVes+9F7D7WiPoyP71OQOwSAEW
YzFPEz5Y39x8dSTt6Sea5VGrQJZDGNMld7FFh+rSovqwfqP3nRpgvw==
-----END CERTIFICATE-----
Generated at Mon Apr 1 02:56:30 2024 by rpki-client on console-fra.rpki-client.org