Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/ULjY56v0EY5OA0Dnqo8ajQJ5JhU.roa
File: ULjY56v0EY5OA0Dnqo8ajQJ5JhU.roa (raw, json)
Hash identifier: /nyya+JA38PENyDelhf5cy6GYkKItAGaEjG5RqSStLk=
Subject key identifier: 50:B8:D8:E7:AB:F4:11:8E:4E:03:40:E7:AA:8F:1A:8D:02:79:26:15
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 11CE
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ULjY56v0EY5OA0Dnqo8ajQJ5JhU.roa
Signing time: Sun 07 Apr 2024 10:52:55 +0000
ROA not before: Sun 07 Apr 2024 10:52:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4558 (0x11ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 7 10:52:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=50B8D8E7ABF4118E4E0340E7AA8F1A8D02792615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:60:33:54:94:27:c1:c9:1d:a9:25:b3:a8:96:
7a:97:2e:3d:e4:32:b1:3c:7f:56:a2:18:51:de:37:
f1:ee:2e:0a:e7:3a:4b:3f:a5:8f:6a:68:a1:73:99:
f7:1b:0d:cf:d9:d2:fa:a6:62:96:92:9d:b8:8f:94:
dd:e2:6a:64:04:ea:b3:67:75:89:cb:4c:63:cd:93:
a2:1a:9a:b7:22:ca:a4:54:b2:2b:54:e1:07:86:d8:
7c:a9:7b:0a:ad:5c:c1:5b:bf:84:ed:2b:91:a1:e4:
eb:45:04:6e:d7:4a:4e:3e:f4:b5:ed:42:5c:70:85:
59:12:08:79:f5:85:12:fc:09:ae:87:6f:4b:be:d1:
29:b1:de:5a:de:b8:3f:7c:78:53:66:49:13:83:56:
e5:ce:5e:9a:5f:dd:77:b5:00:29:17:1b:7c:51:81:
09:79:85:3d:09:8e:2f:69:1a:15:86:4d:c1:72:da:
f4:13:66:9b:77:4b:f4:a6:86:a4:4a:e9:fe:52:de:
cf:ff:f8:89:a0:89:07:cb:74:71:12:97:1d:cb:a0:
e9:93:bb:8a:3d:da:f6:9b:c4:5b:f1:73:04:76:c5:
81:b0:c4:21:3f:7d:21:12:59:4b:81:f3:ce:28:64:
a3:9a:48:52:31:8e:56:c8:5c:92:7b:c0:63:16:36:
11:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:B8:D8:E7:AB:F4:11:8E:4E:03:40:E7:AA:8F:1A:8D:02:79:26:15
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ULjY56v0EY5OA0Dnqo8ajQJ5JhU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
53:c2:5f:ca:a4:67:48:c4:24:20:08:56:62:09:4d:a2:25:e5:
41:c6:59:3c:ba:80:d5:38:ab:6b:83:9f:90:51:c9:1c:cb:52:
21:fa:5d:51:aa:5c:97:9e:15:1b:1a:b7:4a:07:d7:37:cd:d9:
b5:0e:ec:96:af:74:f3:87:df:7b:bd:09:25:b4:3b:72:a4:f5:
a2:34:5a:30:54:6e:5c:25:92:cd:d1:2f:c3:d7:7f:d0:45:4b:
8b:de:fd:e4:e0:64:78:f8:31:c7:f9:08:ea:e7:7b:5c:db:9a:
9b:93:a9:93:a9:67:73:55:df:a8:f2:5c:37:e0:b7:d2:d8:28:
40:ad:8e:76:68:d2:a9:6f:77:03:da:fc:fe:d8:0b:0a:ea:47:
e8:c5:29:d8:10:3b:63:fe:86:6f:4e:a8:87:8f:a1:1b:10:7b:
eb:cd:c3:fb:00:5c:45:2d:9c:10:60:ab:95:88:91:bb:36:de:
75:46:99:0f:c9:4c:f1:83:6c:59:37:ab:7f:df:1e:3d:9d:3e:
b4:a9:c3:6c:54:0b:88:89:a1:c2:7f:5c:e4:4e:85:b5:b8:45:
61:89:0c:37:b5:b3:58:09:7c:4f:d7:b8:36:21:47:dd:5e:f5:
39:3c:15:b9:1b:4e:c7:e0:2b:c1:59:2f:60:a2:c9:d7:cd:f1:
81:b3:f5:a6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEc4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDcx
MDUyNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUwQjhEOEU3QUJGNDEx
OEU0RTAzNDBFN0FBOEYxQThEMDI3OTI2MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNYDNUlCfByR2pJbOolnqXLj3kMrE8f1aiGFHeN/HuLgrnOks/
pY9qaKFzmfcbDc/Z0vqmYpaSnbiPlN3iamQE6rNndYnLTGPNk6IamrciyqRUsitU
4QeG2HypewqtXMFbv4TtK5Gh5OtFBG7XSk4+9LXtQlxwhVkSCHn1hRL8Ca6Hb0u+
0Smx3lreuD98eFNmSRODVuXOXppf3Xe1ACkXG3xRgQl5hT0Jji9pGhWGTcFy2vQT
Zpt3S/SmhqRK6f5S3s//+ImgiQfLdHESlx3LoOmTu4o92vabxFvxcwR2xYGwxCE/
fSESWUuB884oZKOaSFIxjlbIXJJ7wGMWNhHLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUULjY56v0EY5OA0Dnqo8ajQJ5JhUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1VMalk1NnYwRVk1T0Ew
RG5xbzhhalFKNUpoVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAU8JfyqRnSMQkIAhWYglNoiXlQcZZPLqA
1Tira4OfkFHJHMtSIfpdUapcl54VGxq3SgfXN83ZtQ7slq9084ffe70JJbQ7cqT1
ojRaMFRuXCWSzdEvw9d/0EVLi9795OBkePgxx/kI6ud7XNuam5Opk6lnc1XfqPJc
N+C30tgoQK2OdmjSqW93A9r8/tgLCupH6MUp2BA7Y/6Gb06oh4+hGxB7683D+wBc
RS2cEGCrlYiRuzbedUaZD8lM8YNsWTerf98ePZ0+tKnDbFQLiImhwn9c5E6FtbhF
YYkMN7WzWAl8T9e4NiFH3V71OTwVuRtOx+ArwVkvYKLJ183xgbP1pg==
-----END CERTIFICATE-----
Generated at Sun Apr 7 14:34:34 2024 by rpki-client on console-fra.rpki-client.org