Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/_oe7goQMkREddXvSQcvhbqQgFEc.roa
File: _oe7goQMkREddXvSQcvhbqQgFEc.roa (raw, json)
Hash identifier: 174el6+0wdrgE4v9chyEOOuCmKOR3XdcMKrN8Q1xVDQ=
Subject key identifier: FE:87:BB:82:84:0C:91:11:1D:75:7B:D2:41:CB:E1:6E:A4:20:14:47
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F2A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/_oe7goQMkREddXvSQcvhbqQgFEc.roa
Signing time: Sun 31 Mar 2024 09:52:33 +0000
ROA not before: Sun 31 Mar 2024 09:52:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3882 (0xf2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 31 09:52:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FE87BB82840C91111D757BD241CBE16EA4201447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f8:72:2a:14:04:0a:a8:d3:b0:b6:e2:7b:a8:
44:a6:9b:37:43:87:75:1d:0c:13:51:63:c6:50:66:
0e:a6:17:3b:51:53:5c:75:03:99:20:0b:42:14:b3:
1d:97:31:d6:c0:a6:ba:00:6e:f3:54:fb:e5:19:83:
a6:42:a4:bd:17:93:3c:56:66:e4:4e:06:97:6a:24:
c8:4d:66:8c:2d:2a:18:82:24:00:d8:09:54:10:a9:
b1:0a:56:34:e9:8d:01:36:98:d4:c5:29:32:70:ea:
f5:d2:f6:a1:84:20:39:2e:bc:04:b9:eb:40:79:01:
73:cf:7f:49:25:97:d6:c2:ce:6c:2c:2b:a4:86:e0:
39:94:8c:27:5b:8a:2c:ac:87:8d:7f:d6:69:50:f2:
66:4f:80:ec:9a:92:15:9f:fb:00:d3:b4:4f:f0:ea:
a6:0c:36:fd:91:98:be:8d:89:c1:40:f3:15:fa:c3:
5e:fc:6d:d4:0e:b7:96:f5:21:72:c7:42:d1:36:0d:
1b:67:8c:d2:cd:dd:e6:bf:65:60:14:d1:e2:74:8f:
e0:cb:be:8c:16:f5:84:2c:9e:b3:8f:43:cf:a2:53:
7b:92:1c:2d:5a:44:f4:d0:8b:a1:01:0c:6a:fb:fc:
50:64:af:d9:85:c5:70:e0:0c:ff:9d:0a:cb:90:da:
81:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:87:BB:82:84:0C:91:11:1D:75:7B:D2:41:CB:E1:6E:A4:20:14:47
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/_oe7goQMkREddXvSQcvhbqQgFEc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1f:62:4f:52:ec:5d:3b:b9:83:03:84:a8:2e:e0:25:53:bf:d1:
43:0e:8b:b3:40:2d:98:f0:7c:54:fa:8c:74:77:65:7d:15:6e:
5d:55:ee:4c:31:ac:79:70:bc:99:f3:34:b3:ff:dd:63:d9:e9:
41:0a:a6:a6:42:37:25:90:a6:39:30:da:43:fd:2b:fd:46:8f:
3d:53:62:7c:04:8b:89:6e:22:83:e9:e1:df:f4:2b:36:b3:94:
c7:b2:2b:80:9f:fa:79:92:27:f1:e3:ed:11:4f:ac:3d:c7:2f:
3c:cb:89:b8:fb:c7:3a:27:a9:66:7f:34:61:3f:d5:fa:ee:5a:
5c:61:27:c0:c9:8d:d1:e2:76:46:c9:0d:7f:c5:27:fd:e5:21:
ea:1c:c7:02:2d:00:0b:d6:c7:d6:c8:31:10:1d:90:55:79:c1:
10:8c:2c:fb:ec:cb:8e:fb:0a:ab:30:cd:d4:f3:91:d1:4b:31:
10:25:71:93:13:7e:b2:a8:1c:a1:29:09:51:00:eb:c3:02:06:
56:1a:85:8d:bd:e8:a8:2c:6f:03:3e:93:aa:ba:f6:69:c9:ec:
84:b4:a3:33:43:f1:24:ac:42:4d:f8:71:65:5b:1f:68:59:2b:
ce:93:2e:2b:5c:42:52:6c:24:00:2e:ef:70:dc:71:50:8a:ee:
54:7a:40:06
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDyowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzEw
OTUyMzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZFODdCQjgyODQwQzkx
MTExRDc1N0JEMjQxQ0JFMTZFQTQyMDE0NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDa+HIqFAQKqNOwtuJ7qESmmzdDh3UdDBNRY8ZQZg6mFztRU1x1
A5kgC0IUsx2XMdbAproAbvNU++UZg6ZCpL0XkzxWZuROBpdqJMhNZowtKhiCJADY
CVQQqbEKVjTpjQE2mNTFKTJw6vXS9qGEIDkuvAS560B5AXPPf0kll9bCzmwsK6SG
4DmUjCdbiiysh41/1mlQ8mZPgOyakhWf+wDTtE/w6qYMNv2RmL6NicFA8xX6w178
bdQOt5b1IXLHQtE2DRtnjNLN3ea/ZWAU0eJ0j+DLvowW9YQsnrOPQ8+iU3uSHC1a
RPTQi6EBDGr7/FBkr9mFxXDgDP+dCsuQ2oEpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU/oe7goQMkREddXvSQcvhbqQgFEcwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL19vZTdnb1FNa1JFZGRY
dlNRY3ZoYnFRZ0ZFYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAH2JPUuxdO7mDA4SoLuAlU7/RQw6Ls0At
mPB8VPqMdHdlfRVuXVXuTDGseXC8mfM0s//dY9npQQqmpkI3JZCmOTDaQ/0r/UaP
PVNifASLiW4ig+nh3/QrNrOUx7IrgJ/6eZIn8ePtEU+sPccvPMuJuPvHOiepZn80
YT/V+u5aXGEnwMmN0eJ2RskNf8Un/eUh6hzHAi0AC9bH1sgxEB2QVXnBEIws++zL
jvsKqzDN1POR0UsxECVxkxN+sqgcoSkJUQDrwwIGVhqFjb3oqCxvAz6Tqrr2acns
hLSjM0PxJKxCTfhxZVsfaFkrzpMuK1xCUmwkAC7vcNxxUIruVHpABg==
-----END CERTIFICATE-----
Generated at Sun Mar 31 11:29:07 2024 by rpki-client on console-ams.rpki-client.org