Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/aeitiOudXgyqvBKHAIJsYLKZ7oY.roa
File: aeitiOudXgyqvBKHAIJsYLKZ7oY.roa (raw, json)
Hash identifier: v/ZGcgCv56jmbhwlGCnMoRKF7K8pijpdnXEq8byRmTw=
Subject key identifier: 69:E8:AD:88:EB:9D:5E:0C:AA:BC:12:87:00:82:6C:60:B2:99:EE:86
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 14C8
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/aeitiOudXgyqvBKHAIJsYLKZ7oY.roa
Signing time: Mon 15 Apr 2024 09:23:18 +0000
ROA not before: Mon 15 Apr 2024 09:23:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5320 (0x14c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 15 09:23:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=69E8AD88EB9D5E0CAABC128700826C60B299EE86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:55:19:21:7c:ea:99:e8:f8:5a:89:78:08:7d:
ba:04:2f:60:2b:05:9b:03:55:7a:1e:cb:93:30:39:
47:33:97:8f:b4:40:93:87:aa:97:5c:54:45:17:17:
bf:b4:5c:e7:b6:6a:f1:0e:09:fd:77:31:80:c4:7e:
d2:a2:ef:b9:3c:d2:a6:35:dd:ec:5d:55:f9:9b:79:
56:f0:0c:64:6d:73:e4:33:25:2a:36:9e:11:f1:ee:
20:11:66:d0:2f:77:2f:8c:fd:8e:39:c1:ca:22:b8:
e0:42:c4:9b:ab:db:55:28:35:8b:c9:a5:9d:80:bf:
7b:b7:60:69:2e:0d:f5:a6:c8:85:45:a9:3d:62:59:
96:9b:ef:50:2f:c4:19:30:5a:71:56:0b:a8:4b:86:
4d:c2:ed:30:cd:79:4b:39:c9:5e:a8:7d:da:f8:3f:
f4:35:fe:e6:ab:1f:1a:40:37:17:0f:7e:5b:3c:6d:
24:cb:44:a7:fb:62:a9:4b:3c:4a:03:49:46:03:ed:
3d:02:4b:11:fc:80:d1:38:73:f1:88:f3:96:b8:5f:
b3:f5:3d:4f:11:0a:93:1a:ec:d2:06:f9:5b:cd:5e:
b1:14:a5:f8:45:5c:f1:f1:cf:e4:d4:d6:0e:24:fd:
60:69:d2:4a:6a:2c:96:d3:47:d0:e4:d2:af:91:69:
f7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:E8:AD:88:EB:9D:5E:0C:AA:BC:12:87:00:82:6C:60:B2:99:EE:86
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/aeitiOudXgyqvBKHAIJsYLKZ7oY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
33:34:ed:73:49:0b:59:eb:6c:a4:8c:f9:8f:a4:bd:a3:48:d7:
c8:7a:58:aa:5b:85:a4:2c:43:31:fd:ad:97:d4:fe:70:5e:63:
85:2f:94:55:bd:5e:89:fe:82:8d:a9:bd:0d:3f:33:d5:bb:15:
d6:f3:42:67:3a:2d:aa:fd:47:a6:62:51:91:d2:fa:65:71:3c:
0b:17:e9:bf:9f:ec:8a:bb:fe:aa:95:50:db:32:7f:a3:c3:34:
e7:92:66:f7:e0:14:4d:df:50:e2:85:89:79:32:7a:82:17:9f:
dd:75:a7:f0:bd:c7:d9:79:80:80:a2:8f:b5:b6:30:34:62:43:
60:26:2a:96:72:ab:5f:41:3e:2b:e3:ac:7e:11:ff:bc:ca:e0:
4d:54:68:e4:bc:34:3c:d2:c0:a0:cc:ef:4c:56:ad:b6:3c:c3:
07:a8:7e:12:84:2f:b7:c2:e5:57:bd:16:a0:c6:c5:f6:bf:8e:
45:90:2c:d4:23:b5:b3:63:2b:5a:69:e5:c0:e9:fc:b5:d4:9b:
eb:3c:da:69:7e:bb:05:1e:77:22:0e:1e:50:3e:2a:21:53:08:
80:c2:1a:a4:1b:fc:2c:1b:73:e2:f6:6c:0e:d6:08:98:88:4b:
0f:05:53:f5:ab:0e:7d:cc:cc:f9:35:10:16:09:30:cd:ea:26:
cc:34:e4:9c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFMgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTUw
OTIzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY5RThBRDg4RUI5RDVF
MENBQUJDMTI4NzAwODI2QzYwQjI5OUVFODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzVRkhfOqZ6PhaiXgIfboEL2ArBZsDVXoey5MwOUczl4+0QJOH
qpdcVEUXF7+0XOe2avEOCf13MYDEftKi77k80qY13exdVfmbeVbwDGRtc+QzJSo2
nhHx7iARZtAvdy+M/Y45wcoiuOBCxJur21UoNYvJpZ2Av3u3YGkuDfWmyIVFqT1i
WZab71AvxBkwWnFWC6hLhk3C7TDNeUs5yV6ofdr4P/Q1/uarHxpANxcPfls8bSTL
RKf7YqlLPEoDSUYD7T0CSxH8gNE4c/GI85a4X7P1PU8RCpMa7NIG+VvNXrEUpfhF
XPHxz+TU1g4k/WBp0kpqLJbTR9Dk0q+Rafe7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUaeitiOudXgyqvBKHAIJsYLKZ7oYwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2FlaXRpT3VkWGd5cXZC
S0hBSUpzWUxLWjdvWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAMzTtc0kLWetspIz5j6S9o0jXyHpYqluF
pCxDMf2tl9T+cF5jhS+UVb1eif6Cjam9DT8z1bsV1vNCZzotqv1HpmJRkdL6ZXE8
Cxfpv5/sirv+qpVQ2zJ/o8M055Jm9+AUTd9Q4oWJeTJ6ghef3XWn8L3H2XmAgKKP
tbYwNGJDYCYqlnKrX0E+K+OsfhH/vMrgTVRo5Lw0PNLAoMzvTFattjzDB6h+EoQv
t8LlV70WoMbF9r+ORZAs1CO1s2MrWmnlwOn8tdSb6zzaaX67BR53Ig4eUD4qIVMI
gMIapBv8LBtz4vZsDtYImIhLDwVT9asOfczM+TUQFgkwzeomzDTknA==
-----END CERTIFICATE-----
Generated at Mon Apr 15 14:34:12 2024 by rpki-client on console-ams.rpki-client.org