Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/PyUdI5A-SfxIXiuXEz5VD0b4isM.roa
File: PyUdI5A-SfxIXiuXEz5VD0b4isM.roa (raw, json)
Hash identifier: HSzIQ+6vd8X46YuVb69OdzZgLDTrtUpGZeR2dfecq1k=
Subject key identifier: 3F:25:1D:23:90:3E:49:FC:48:5E:2B:97:13:3E:55:0F:46:F8:8A:C3
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F0C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/PyUdI5A-SfxIXiuXEz5VD0b4isM.roa
Signing time: Sun 31 Mar 2024 02:23:24 +0000
ROA not before: Sun 31 Mar 2024 02:23:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3852 (0xf0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 31 02:23:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3F251D23903E49FC485E2B97133E550F46F88AC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:0a:3f:c0:c2:f4:d2:6a:23:7f:05:08:0c:8a:
48:74:b3:27:75:e0:6e:70:02:6c:6b:d7:18:15:a1:
20:17:f4:41:9f:8f:1a:00:eb:38:7c:08:8a:cb:76:
f3:08:60:54:61:9a:49:ff:4f:3b:04:ea:58:00:5d:
7f:96:db:2f:dc:c8:91:76:69:45:03:ab:97:b6:c1:
3d:6a:c0:d4:f7:83:45:19:7c:1a:b3:85:ec:1a:be:
c5:2a:36:0a:54:dc:ad:fb:e9:7c:76:e8:ea:97:aa:
60:13:6a:3a:ef:18:a7:1f:fd:c8:88:d2:7a:73:23:
91:01:bf:c6:a1:18:b8:83:20:5a:bc:ff:be:3f:c3:
b3:e5:d4:47:65:ee:6e:53:f5:71:f3:82:59:0e:9b:
56:3d:a4:2c:b9:bb:16:82:5e:af:2f:5f:c5:2a:d2:
7c:6b:41:e0:fc:22:32:3a:56:5d:99:2b:b8:a8:47:
85:c1:48:c0:08:39:7c:aa:0d:1e:2f:34:f3:ff:d5:
29:f0:de:ef:97:28:b2:f5:87:40:f0:b2:48:18:77:
c6:06:29:8a:c0:8e:23:e3:b6:70:8a:e1:95:ec:24:
72:a4:d1:4d:65:b2:d3:67:0e:2e:ca:81:e4:91:58:
a6:74:be:f7:f1:9f:0b:85:00:5c:c9:b1:2a:3e:3e:
04:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:25:1D:23:90:3E:49:FC:48:5E:2B:97:13:3E:55:0F:46:F8:8A:C3
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/PyUdI5A-SfxIXiuXEz5VD0b4isM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cb:bd:17:90:e7:82:50:ca:de:b5:60:52:5d:16:50:11:90:af:
87:ed:ed:64:93:1a:e1:d6:15:c7:8b:ea:7e:ea:02:41:20:3c:
3e:fa:5f:74:cb:8b:7a:fc:2c:83:49:b8:8f:16:38:f9:25:81:
00:c8:6a:41:7a:95:2f:75:70:a6:d5:d1:33:2c:d2:8b:ad:6a:
f4:75:bd:cb:d5:8e:59:c3:89:a5:00:9d:90:94:57:7f:6c:85:
54:4a:dd:fa:41:99:19:21:69:63:c6:db:fe:ae:be:49:00:ae:
25:ef:cc:38:3a:0b:c7:c2:26:33:05:d4:52:c7:05:e6:a3:84:
11:5c:26:9d:d5:39:52:49:e1:16:77:ba:53:e3:7d:c2:ae:5b:
21:e4:e8:a0:34:5b:49:45:49:9a:c7:73:e0:f6:d7:28:8a:12:
ae:fd:ec:5e:38:e6:4c:60:05:14:ed:52:e6:b0:c6:19:aa:4e:
57:ca:17:f5:7d:ab:64:bf:27:c2:c6:ae:fa:80:37:cc:27:a6:
55:c5:ea:68:b8:1f:cc:d1:9c:63:a4:fb:12:ba:ec:db:33:a7:
06:b5:29:49:66:33:5f:4e:e2:63:94:c2:70:c5:61:0f:8a:73:
b8:cb:9e:6a:40:c7:b6:6a:d8:5a:18:72:1f:7d:99:35:56:ba:
11:e4:07:26
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDwwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzEw
MjIzMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNGMjUxRDIzOTAzRTQ5
RkM0ODVFMkI5NzEzM0U1NTBGNDZGODhBQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoCj/AwvTSaiN/BQgMikh0syd14G5wAmxr1xgVoSAX9EGfjxoA
6zh8CIrLdvMIYFRhmkn/TzsE6lgAXX+W2y/cyJF2aUUDq5e2wT1qwNT3g0UZfBqz
hewavsUqNgpU3K376Xx26OqXqmATajrvGKcf/ciI0npzI5EBv8ahGLiDIFq8/74/
w7Pl1Edl7m5T9XHzglkOm1Y9pCy5uxaCXq8vX8Uq0nxrQeD8IjI6Vl2ZK7ioR4XB
SMAIOXyqDR4vNPP/1Snw3u+XKLL1h0DwskgYd8YGKYrAjiPjtnCK4ZXsJHKk0U1l
stNnDi7KgeSRWKZ0vvfxnwuFAFzJsSo+PgSfAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUPyUdI5A+SfxIXiuXEz5VD0b4isMwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1B5VWRJNUEtU2Z4SVhp
dVhFejVWRDBiNGlzTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAy70XkOeCUMretWBSXRZQEZCvh+3tZJMa
4dYVx4vqfuoCQSA8PvpfdMuLevwsg0m4jxY4+SWBAMhqQXqVL3VwptXRMyzSi61q
9HW9y9WOWcOJpQCdkJRXf2yFVErd+kGZGSFpY8bb/q6+SQCuJe/MODoLx8ImMwXU
UscF5qOEEVwmndU5UknhFne6U+N9wq5bIeTooDRbSUVJmsdz4PbXKIoSrv3sXjjm
TGAFFO1S5rDGGapOV8oX9X2rZL8nwsau+oA3zCemVcXqaLgfzNGcY6T7Errs2zOn
BrUpSWYzX07iY5TCcMVhD4pzuMueakDHtmrYWhhyH32ZNVa6EeQHJg==
-----END CERTIFICATE-----
Generated at Sun Mar 31 03:59:22 2024 by rpki-client on console-fra.rpki-client.org