Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Y_P2hZChSOPKDR6eCelllyF2zYQ.roa
File: Y_P2hZChSOPKDR6eCelllyF2zYQ.roa (raw, json)
Hash identifier: tPWUM/WVOXkUQqxNz4JmBq0tZehwyLbLu1AfjqQoezE=
Subject key identifier: 63:F3:F6:85:90:A1:48:E3:CA:0D:1E:9E:09:E9:65:97:21:76:CD:84
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 17F6
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Y_P2hZChSOPKDR6eCelllyF2zYQ.roa
Signing time: Tue 23 Apr 2024 20:54:23 +0000
ROA not before: Tue 23 Apr 2024 20:54:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6134 (0x17f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 23 20:54:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=63F3F68590A148E3CA0D1E9E09E965972176CD84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:12:3c:9a:1b:3f:d0:ab:ed:27:e6:8a:fd:ef:
ab:69:d4:5f:da:06:32:bd:07:3b:15:12:3b:92:46:
bb:0b:06:9e:91:f4:c5:62:87:03:55:30:87:a5:5f:
8b:d0:36:99:f7:80:ff:2c:ac:df:f1:f9:35:b3:95:
8d:7b:49:82:6d:91:29:ac:9f:38:34:f2:34:27:35:
9c:d9:03:e9:10:68:bd:ad:c7:45:44:4d:c8:92:b8:
ae:a2:15:99:28:2b:d0:70:72:86:bd:74:b3:b7:ab:
03:ad:4b:df:9d:58:a6:64:b1:2e:cb:8e:bb:4c:e7:
c2:a3:c8:af:a7:b9:4b:ff:4e:95:37:04:23:40:3f:
b5:b9:dc:28:03:72:7c:b8:e0:69:10:27:d3:7b:70:
b7:e6:00:96:61:16:a5:b0:76:62:f2:bc:e4:71:ca:
82:f7:86:10:ce:d6:9f:5e:a4:3c:cb:da:41:6e:dc:
e1:eb:69:b6:40:0a:72:f4:f3:a9:69:da:8d:28:b4:
28:5f:40:e9:29:93:16:35:df:68:b1:49:ff:31:db:
3b:cb:1a:2b:d4:01:f8:14:5d:44:06:4a:52:c1:ab:
9d:12:c4:8c:ec:89:ef:65:0d:36:6b:fc:f4:47:ad:
c6:db:1a:64:de:af:4d:8e:49:ec:0e:18:8f:76:18:
cc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:F3:F6:85:90:A1:48:E3:CA:0D:1E:9E:09:E9:65:97:21:76:CD:84
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Y_P2hZChSOPKDR6eCelllyF2zYQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
53:82:d6:22:fb:2d:05:68:81:c5:2d:9e:76:56:a1:8c:f6:59:
df:7a:4c:30:33:66:dd:fd:e3:be:e3:b3:13:d9:c2:16:7f:cc:
3e:f1:19:5c:38:1a:8f:fe:9f:ee:e6:55:c2:7c:6a:a1:93:76:
dc:c2:0d:e3:6f:2d:b2:d8:5c:30:e3:6c:4d:da:a7:3f:cc:22:
65:d3:b7:2d:b6:a6:1e:21:3f:55:23:da:e3:b4:6d:46:f6:0d:
ea:14:d4:3d:76:f1:7c:8f:7f:41:f4:a1:0b:60:6f:99:36:d5:
3a:b6:57:67:7d:b7:a1:8a:e2:ab:bc:b3:38:92:96:b5:9e:71:
da:8a:9b:22:a9:33:4d:2c:fb:e3:e7:4a:df:4a:9c:1c:ef:b6:
44:03:d4:16:bf:d7:64:d6:8e:09:3f:07:9f:a6:54:6c:7f:08:
56:6f:49:1c:5c:2b:c2:c1:e1:09:cb:5a:3c:f5:59:3f:73:d6:
e0:10:80:d0:a7:13:43:54:b6:8d:d0:1a:91:db:92:19:3c:2c:
bd:82:16:ac:5c:f0:44:fe:1b:a8:04:e7:58:84:1c:f6:50:e2:
7f:0d:6c:4c:ca:bb:ec:b2:d7:17:3d:6e:d4:ea:7f:8e:d4:74:
1a:6d:58:af:c9:66:19:88:4b:01:3e:21:b8:cb:e9:f5:26:5f:
ae:b0:5e:45
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICF/YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjMy
MDU0MjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYzRjNGNjg1OTBBMTQ4
RTNDQTBEMUU5RTA5RTk2NTk3MjE3NkNEODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEEjyaGz/Qq+0n5or976tp1F/aBjK9BzsVEjuSRrsLBp6R9MVi
hwNVMIelX4vQNpn3gP8srN/x+TWzlY17SYJtkSmsnzg08jQnNZzZA+kQaL2tx0VE
TciSuK6iFZkoK9Bwcoa9dLO3qwOtS9+dWKZksS7LjrtM58KjyK+nuUv/TpU3BCNA
P7W53CgDcny44GkQJ9N7cLfmAJZhFqWwdmLyvORxyoL3hhDO1p9epDzL2kFu3OHr
abZACnL086lp2o0otChfQOkpkxY132ixSf8x2zvLGivUAfgUXUQGSlLBq50SxIzs
ie9lDTZr/PRHrcbbGmTer02OSewOGI92GMyTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUY/P2hZChSOPKDR6eCelllyF2zYQwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1lfUDJoWkNoU09QS0RS
NmVDZWxsbHlGMnpZUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAU4LWIvstBWiBxS2edlahjPZZ33pMMDNm
3f3jvuOzE9nCFn/MPvEZXDgaj/6f7uZVwnxqoZN23MIN428tsthcMONsTdqnP8wi
ZdO3LbamHiE/VSPa47RtRvYN6hTUPXbxfI9/QfShC2BvmTbVOrZXZ323oYriq7yz
OJKWtZ5x2oqbIqkzTSz74+dK30qcHO+2RAPUFr/XZNaOCT8Hn6ZUbH8IVm9JHFwr
wsHhCctaPPVZP3PW4BCA0KcTQ1S2jdAakduSGTwsvYIWrFzwRP4bqATnWIQc9lDi
fw1sTMq77LLXFz1u1Op/jtR0Gm1Yr8lmGYhLAT4huMvp9SZfrrBeRQ==
-----END CERTIFICATE-----
Generated at Tue Apr 23 23:01:52 2024 by rpki-client on console-ams.rpki-client.org