Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/PfDy9fI4NqVPxXR1t0KyOnLFP8E.roa
File: PfDy9fI4NqVPxXR1t0KyOnLFP8E.roa (raw, json)
Hash identifier: JQ0RPMTmuDwFqXiPQ6WLLUgTQIOskm79/Sf8RHbrmmI=
Subject key identifier: 3D:F0:F2:F5:F2:38:36:A5:4F:C5:74:75:B7:42:B2:3A:72:C5:3F:C1
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 169E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/PfDy9fI4NqVPxXR1t0KyOnLFP8E.roa
Signing time: Sat 20 Apr 2024 06:53:35 +0000
ROA not before: Sat 20 Apr 2024 06:53:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5790 (0x169e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 20 06:53:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3DF0F2F5F23836A54FC57475B742B23A72C53FC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3b:38:88:02:bc:bb:0d:c2:de:4e:3c:9e:08:
0c:93:06:fe:8e:61:e0:31:83:a3:2b:c5:80:b1:a2:
7a:6f:64:ef:64:9f:45:bf:af:30:ed:af:4e:82:de:
ce:70:61:ff:cf:05:11:2c:a3:c4:22:18:69:a3:98:
b1:1c:55:1a:c5:8f:f0:69:ee:a7:9f:9d:4b:35:68:
c4:2c:27:bf:e0:31:76:64:cc:a2:ce:0b:a2:f6:a6:
df:a3:f0:cd:fd:34:03:3a:51:f9:c9:cb:b8:d4:8f:
1b:b4:1d:7e:e1:4f:c1:89:3d:9d:b6:14:42:90:95:
4e:31:a4:94:c1:10:11:70:90:09:d8:9a:66:9c:82:
d4:c7:38:ee:d7:76:a9:c7:dc:7a:80:a5:fe:4c:ee:
08:24:c8:97:92:d6:bb:b5:09:2a:25:52:c8:da:da:
d0:d4:8e:15:b0:c4:c2:44:b5:17:6d:b5:76:5e:15:
07:7f:91:fe:93:e6:ac:04:ed:a3:40:d8:83:70:16:
ae:cd:3c:e2:b3:7d:e4:07:b0:ee:2f:f2:0c:2a:d8:
76:4d:69:a3:8d:e2:8b:25:7c:04:54:19:36:1a:2c:
03:55:04:bc:36:2e:7f:2d:5f:d4:a9:02:0e:76:dc:
94:12:6d:29:43:52:2b:21:85:35:82:b3:ee:ef:45:
eb:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:F0:F2:F5:F2:38:36:A5:4F:C5:74:75:B7:42:B2:3A:72:C5:3F:C1
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/PfDy9fI4NqVPxXR1t0KyOnLFP8E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ca:8b:55:cc:a7:ef:11:a8:51:2e:3a:04:15:e0:fa:ae:b1:00:
e1:fe:1e:55:fb:b5:1a:d9:32:ab:b8:fe:12:82:40:53:51:15:
8d:4b:6e:02:4d:c1:1d:2b:50:e3:6c:0e:31:9c:dc:64:44:aa:
ea:21:f8:fc:a5:d2:99:fe:20:1c:3a:6f:ac:e8:b2:63:c4:14:
78:44:a6:43:38:84:0d:67:c3:b1:ae:86:ed:42:01:d9:2c:9e:
b6:e4:38:1f:83:7a:e5:ed:5b:62:dc:a4:16:6c:0e:50:a8:f8:
ad:0d:88:87:3a:1d:d7:b8:ef:b8:76:e5:c6:c0:e9:2d:ad:04:
e3:af:aa:25:a5:87:21:dd:d0:3c:f8:b1:eb:75:b7:81:e6:fd:
14:e5:21:35:fa:63:9a:af:5b:76:a1:19:6a:80:e0:7b:fa:ad:
79:e4:a7:99:bd:7e:76:0d:38:47:0e:ad:66:9c:d4:f9:54:ee:
8c:a3:7b:1d:b3:54:27:fc:f9:8c:92:84:45:0d:69:09:7e:e9:
d8:69:b7:68:dc:c5:da:59:94:94:3c:e3:b7:fc:bf:14:51:34:
37:3c:6a:63:ad:31:b6:93:f3:a7:b7:2e:49:13:b5:d8:f8:f7:
06:30:f9:e8:c0:da:d9:98:0a:1f:ca:4c:8c:93:2e:0f:f9:5f:
f8:bf:b6:a2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFp4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjAw
NjUzMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNERjBGMkY1RjIzODM2
QTU0RkM1NzQ3NUI3NDJCMjNBNzJDNTNGQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/OziIAry7DcLeTjyeCAyTBv6OYeAxg6MrxYCxonpvZO9kn0W/
rzDtr06C3s5wYf/PBREso8QiGGmjmLEcVRrFj/Bp7qefnUs1aMQsJ7/gMXZkzKLO
C6L2pt+j8M39NAM6UfnJy7jUjxu0HX7hT8GJPZ22FEKQlU4xpJTBEBFwkAnYmmac
gtTHOO7XdqnH3HqApf5M7ggkyJeS1ru1CSolUsja2tDUjhWwxMJEtRdttXZeFQd/
kf6T5qwE7aNA2INwFq7NPOKzfeQHsO4v8gwq2HZNaaON4oslfARUGTYaLANVBLw2
Ln8tX9SpAg523JQSbSlDUishhTWCs+7vRes1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUPfDy9fI4NqVPxXR1t0KyOnLFP8EwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1BmRHk5Zkk0TnFWUHhY
UjF0MEt5T25MRlA4RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAyotVzKfvEahRLjoEFeD6rrEA4f4eVfu1
Gtkyq7j+EoJAU1EVjUtuAk3BHStQ42wOMZzcZESq6iH4/KXSmf4gHDpvrOiyY8QU
eESmQziEDWfDsa6G7UIB2SyetuQ4H4N65e1bYtykFmwOUKj4rQ2Ihzod17jvuHbl
xsDpLa0E46+qJaWHId3QPPix63W3geb9FOUhNfpjmq9bdqEZaoDge/qteeSnmb1+
dg04Rw6tZpzU+VTujKN7HbNUJ/z5jJKERQ1pCX7p2Gm3aNzF2lmUlDzjt/y/FFE0
NzxqY60xtpPzp7cuSRO12Pj3BjD56MDa2ZgKH8pMjJMuD/lf+L+2og==
-----END CERTIFICATE-----
Generated at Sat Apr 20 08:17:34 2024 by rpki-client on console-fra.rpki-client.org