Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Y0b7eynhpUNBoI4jXLrrp0xS1co.roa
File: Y0b7eynhpUNBoI4jXLrrp0xS1co.roa (raw, json)
Hash identifier: a5AcyS/SiC3FXO5c+eIjDWqc8d0biVk2Ac148EOeZqo=
Subject key identifier: 63:46:FB:7B:29:E1:A5:43:41:A0:8E:23:5C:BA:EB:A7:4C:52:D5:CA
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0FAE
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Y0b7eynhpUNBoI4jXLrrp0xS1co.roa
Signing time: Mon 01 Apr 2024 18:52:45 +0000
ROA not before: Mon 01 Apr 2024 18:52:45 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4014 (0xfae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 1 18:52:45 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6346FB7B29E1A54341A08E235CBAEBA74C52D5CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:b8:93:d7:37:b1:4c:8d:96:5d:a2:1a:be:5d:
61:ba:4a:76:89:9d:8c:e8:90:6c:53:2e:17:9d:aa:
41:8d:7e:b9:a3:43:e9:72:0c:79:1f:81:8c:c4:fb:
28:9a:30:fa:13:65:b9:7c:43:02:a3:af:fa:b5:e1:
00:c6:66:ea:83:70:df:4d:79:a7:00:55:76:d9:83:
c0:1d:8f:ff:65:e8:7b:9e:7c:31:fb:71:29:cd:11:
06:35:c3:48:8e:5f:29:6b:98:97:ae:96:1a:81:3b:
7f:48:1e:00:4c:2b:4f:f9:c4:04:2e:30:48:b3:2f:
bb:56:d1:0c:6a:ea:c0:7b:81:f3:da:b0:8d:93:ee:
0d:1b:e0:08:24:e7:b7:7e:f0:73:e5:36:a1:bc:d0:
f5:e3:f8:9f:ff:82:c7:68:cc:36:38:10:2d:40:6f:
dc:45:9b:a2:48:9a:0e:bc:15:91:b0:65:c0:ba:7e:
4a:0c:19:c8:c0:05:73:bc:5b:c7:16:e8:7e:3b:0d:
ec:0f:60:2a:25:86:d8:cc:de:df:03:1a:dc:d1:b7:
5e:0a:a1:9c:4b:40:85:2b:0b:af:93:b9:da:90:33:
84:c1:86:68:ae:b8:b2:14:9d:0d:03:20:3c:0f:90:
5c:4f:08:59:aa:dd:96:82:5d:b6:39:d1:4c:19:25:
4f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:46:FB:7B:29:E1:A5:43:41:A0:8E:23:5C:BA:EB:A7:4C:52:D5:CA
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Y0b7eynhpUNBoI4jXLrrp0xS1co.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9c:0a:ab:4c:04:6f:1d:a1:06:c1:c4:93:17:bb:aa:aa:33:93:
7b:3a:dc:01:be:d4:82:e5:44:fa:37:31:dc:71:85:a3:cb:22:
28:ad:48:6b:c2:77:0f:43:a4:c1:2f:91:e6:a4:43:fa:46:ed:
26:7b:73:4a:6f:78:f8:af:a4:bd:12:ee:fe:9a:01:35:6f:03:
6e:68:81:9a:a2:93:17:f7:95:d8:36:cb:1c:8d:aa:71:65:f1:
9d:ed:cd:e2:f9:18:41:b7:f5:94:95:45:a4:02:7b:a5:19:21:
7c:31:b9:ee:18:d7:34:04:0d:93:aa:a5:50:45:5a:d8:d3:0e:
7d:7e:3f:49:d1:f7:8d:0e:6d:d1:61:49:69:ed:f2:ce:61:5b:
cb:60:75:49:58:71:d6:55:b1:02:9a:d4:a2:30:4e:46:21:68:
a7:ec:30:56:9d:7e:5e:6b:26:5b:be:b8:b5:5f:0f:48:35:14:
74:9a:1c:53:0b:1f:d0:3e:63:51:92:6a:23:42:a3:3c:0b:89:
dc:82:43:b4:a8:35:de:23:27:0e:77:ef:3a:76:ac:ed:2b:47:
59:86:62:7f:53:a9:08:c8:4f:20:d3:7c:0d:ce:f7:7b:28:c2:
30:c5:74:90:16:88:79:6a:ac:2e:48:1a:6d:62:db:5a:dc:c0:
5d:14:e5:c3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD64wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDEx
ODUyNDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYzNDZGQjdCMjlFMUE1
NDM0MUEwOEUyMzVDQkFFQkE3NEM1MkQ1Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDruJPXN7FMjZZdohq+XWG6SnaJnYzokGxTLhedqkGNfrmjQ+ly
DHkfgYzE+yiaMPoTZbl8QwKjr/q14QDGZuqDcN9NeacAVXbZg8Adj/9l6HuefDH7
cSnNEQY1w0iOXylrmJeulhqBO39IHgBMK0/5xAQuMEizL7tW0Qxq6sB7gfPasI2T
7g0b4Agk57d+8HPlNqG80PXj+J//gsdozDY4EC1Ab9xFm6JImg68FZGwZcC6fkoM
GcjABXO8W8cW6H47DewPYColhtjM3t8DGtzRt14KoZxLQIUrC6+TudqQM4TBhmiu
uLIUnQ0DIDwPkFxPCFmq3ZaCXbY50UwZJU+TAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUY0b7eynhpUNBoI4jXLrrp0xS1cowHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1kwYjdleW5ocFVOQm9J
NGpYTHJycDB4UzFjby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAnAqrTARvHaEGwcSTF7uqqjOTezrcAb7U
guVE+jcx3HGFo8siKK1Ia8J3D0OkwS+R5qRD+kbtJntzSm94+K+kvRLu/poBNW8D
bmiBmqKTF/eV2DbLHI2qcWXxne3N4vkYQbf1lJVFpAJ7pRkhfDG57hjXNAQNk6ql
UEVa2NMOfX4/SdH3jQ5t0WFJae3yzmFby2B1SVhx1lWxAprUojBORiFop+wwVp1+
XmsmW764tV8PSDUUdJocUwsf0D5jUZJqI0KjPAuJ3IJDtKg13iMnDnfvOnas7StH
WYZif1OpCMhPINN8Dc73eyjCMMV0kBaIeWqsLkgabWLbWtzAXRTlww==
-----END CERTIFICATE-----
Generated at Mon Apr 1 20:34:09 2024 by rpki-client on console-fra.rpki-client.org