Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/PsMObqb80GY8SyYIafIr-Au1PE8.roa
File: PsMObqb80GY8SyYIafIr-Au1PE8.roa (raw, json)
Hash identifier: hT+rnU76n1iPAm0C4rkivfYhE2cLCpnQGJEe5t7wA/Q=
Subject key identifier: 3E:C3:0E:6E:A6:FC:D0:66:3C:4B:26:08:69:F2:2B:F8:0B:B5:3C:4F
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1C90
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/PsMObqb80GY8SyYIafIr-Au1PE8.roa
Signing time: Mon 06 May 2024 03:24:22 +0000
ROA not before: Mon 06 May 2024 03:24:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7312 (0x1c90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 6 03:24:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3EC30E6EA6FCD0663C4B260869F22BF80BB53C4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:17:93:e9:0d:3e:4e:77:7f:d8:d2:85:4f:a7:
50:8b:ef:c6:0f:16:c6:ad:62:1e:e4:51:78:4a:90:
fe:98:9f:85:c2:88:cb:73:62:ca:39:44:be:1e:00:
da:a7:f7:ac:ed:57:a6:f4:53:5b:e5:84:f5:25:6f:
5a:f5:de:6d:f1:72:9c:82:02:90:73:d0:b2:93:eb:
c1:55:84:a1:83:59:f4:64:eb:a5:04:71:fa:a0:bc:
96:75:28:4a:2d:e7:a2:90:b9:42:aa:83:d1:dd:fc:
8a:45:50:67:95:bb:00:b2:34:d6:6e:99:2a:18:e0:
18:b5:95:ce:10:89:05:48:82:44:01:a4:6b:6d:02:
1f:28:c2:0e:af:92:68:56:75:5e:42:bc:2e:de:47:
7b:d8:0c:da:1d:d2:86:e3:0e:3e:73:9a:f7:0b:f4:
8d:ee:3f:19:ed:70:97:b7:b1:71:92:be:38:ea:66:
5b:46:19:5e:30:1f:1c:e2:9c:38:28:1c:66:97:2b:
fd:c2:e4:50:f0:8e:f2:78:27:6c:81:75:dd:50:5e:
10:4e:11:ac:0a:c3:9f:ff:4f:14:76:72:33:b4:4e:
34:f4:9d:4c:e0:bf:aa:68:d0:77:61:c4:32:99:5b:
f3:0e:3f:bb:fe:b0:6e:c3:77:c8:07:f0:07:ad:80:
9b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:C3:0E:6E:A6:FC:D0:66:3C:4B:26:08:69:F2:2B:F8:0B:B5:3C:4F
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/PsMObqb80GY8SyYIafIr-Au1PE8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1c:a7:6a:ce:9d:67:10:9f:97:62:37:73:8d:0c:82:0e:a0:5a:
f7:22:6f:f1:c8:e0:b4:b9:18:87:cd:76:b1:05:33:c4:58:03:
5c:b3:2b:a3:b7:dc:48:43:9c:87:32:49:52:55:ae:2f:81:a8:
b0:38:fb:b9:00:f1:dc:6c:fe:ff:dc:5a:28:1c:63:c7:bc:4f:
b4:bd:ff:d7:27:06:f1:3b:18:69:2b:a4:1f:57:ed:e7:d0:08:
b2:2a:1f:84:94:72:5e:53:92:de:09:cf:61:15:f9:bf:87:58:
e8:86:58:07:b6:37:48:5f:42:98:16:3f:44:c7:bc:d5:30:35:
db:fb:e1:05:c3:d2:75:86:5e:7b:64:d9:3e:65:3e:a0:04:52:
00:40:a6:18:55:3a:f6:41:78:5b:1e:ec:50:46:f0:45:78:27:
b0:5e:f5:a0:eb:b1:27:a7:e9:bb:a8:8a:0b:4c:fb:dc:83:5e:
70:0b:9f:52:84:28:0f:71:64:ce:78:33:1a:ac:17:0e:44:c7:
ae:45:2c:29:88:2e:86:87:ee:05:aa:ee:1d:11:4d:9d:c0:fd:
10:a8:bd:f9:c0:f7:01:f6:82:78:b1:2b:ce:79:e2:59:93:85:
0b:35:a9:3a:f4:a5:46:0f:71:95:e4:83:3b:38:be:4a:7a:48:
c7:e7:c0:05
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHJAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDYw
MzI0MjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNFQzMwRTZFQTZGQ0Qw
NjYzQzRCMjYwODY5RjIyQkY4MEJCNTNDNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD0F5PpDT5Od3/Y0oVPp1CL78YPFsatYh7kUXhKkP6Yn4XCiMtz
Yso5RL4eANqn96ztV6b0U1vlhPUlb1r13m3xcpyCApBz0LKT68FVhKGDWfRk66UE
cfqgvJZ1KEot56KQuUKqg9Hd/IpFUGeVuwCyNNZumSoY4Bi1lc4QiQVIgkQBpGtt
Ah8owg6vkmhWdV5CvC7eR3vYDNod0objDj5zmvcL9I3uPxntcJe3sXGSvjjqZltG
GV4wHxzinDgoHGaXK/3C5FDwjvJ4J2yBdd1QXhBOEawKw5//TxR2cjO0TjT0nUzg
v6po0HdhxDKZW/MOP7v+sG7Dd8gH8AetgJt7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUPsMObqb80GY8SyYIafIr+Au1PE8wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1BzTU9icWI4MEdZOFN5
WUlhZklyLUF1MVBFOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAHKdqzp1nEJ+XYjdzjQyCDqBa9yJv8cjg
tLkYh812sQUzxFgDXLMro7fcSEOchzJJUlWuL4GosDj7uQDx3Gz+/9xaKBxjx7xP
tL3/1ycG8TsYaSukH1ft59AIsiofhJRyXlOS3gnPYRX5v4dY6IZYB7Y3SF9CmBY/
RMe81TA12/vhBcPSdYZee2TZPmU+oARSAECmGFU69kF4Wx7sUEbwRXgnsF71oOux
J6fpu6iKC0z73INecAufUoQoD3FkzngzGqwXDkTHrkUsKYguhofuBaruHRFNncD9
EKi9+cD3AfaCeLErznniWZOFCzWpOvSlRg9xleSDOzi+SnpIx+fABQ==
-----END CERTIFICATE-----
Generated at Mon May 6 08:26:49 2024 by rpki-client on console-fra.rpki-client.org