Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/i0x8gZfJFzF0HgbNsbOc9rNfO48.roa
File: i0x8gZfJFzF0HgbNsbOc9rNfO48.roa (raw, json)
Hash identifier: 3i0ovLwPS0JVDoavrJN6n0xhVIa0QPrjHOTPjkXEoV4=
Subject key identifier: 8B:4C:7C:81:97:C9:17:31:74:1E:06:CD:B1:B3:9C:F6:B3:5F:3B:8F
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0EF4
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/i0x8gZfJFzF0HgbNsbOc9rNfO48.roa
Signing time: Sat 30 Mar 2024 20:22:35 +0000
ROA not before: Sat 30 Mar 2024 20:22:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3828 (0xef4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 30 20:22:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8B4C7C8197C91731741E06CDB1B39CF6B35F3B8F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:34:13:df:50:46:84:98:17:cc:7e:54:54:d7:
be:32:c0:19:95:d8:19:2b:56:fa:04:17:ec:7b:1d:
24:cd:1e:6b:7b:09:87:6d:93:aa:4b:7a:b2:bc:31:
4e:6f:c5:7f:94:09:e5:46:26:31:b0:3a:07:ef:e5:
9f:28:62:e6:e9:52:f2:a4:34:8e:4d:73:b3:80:fc:
b1:e5:64:98:3c:94:d1:fd:4a:69:da:96:f5:b6:53:
10:72:57:b9:68:99:96:09:f8:3d:ea:dd:0a:e5:2e:
7d:1c:54:dc:f5:23:b5:54:72:50:49:b8:e7:96:29:
8b:a6:93:ea:da:7f:35:e2:cc:63:0c:2c:15:a2:bf:
1c:ee:f1:00:05:de:62:81:3a:90:0d:6a:9f:e2:cc:
62:fa:88:a7:d0:cf:91:7f:ff:d1:16:45:4e:fa:64:
65:33:1d:45:f2:34:76:78:a8:10:49:fa:bc:b9:e5:
b8:56:92:db:e2:43:56:e1:0a:be:25:66:04:ba:41:
6d:62:be:23:c1:ff:1e:b3:a7:e6:ec:9b:af:e4:6a:
14:31:2d:0a:8a:97:2d:0c:29:a8:4f:28:d2:03:51:
85:db:c6:9a:02:4b:1a:e7:f1:ae:e6:c7:01:f0:91:
81:38:80:95:fd:c1:6e:fe:be:43:c1:95:11:95:99:
22:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:4C:7C:81:97:C9:17:31:74:1E:06:CD:B1:B3:9C:F6:B3:5F:3B:8F
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/i0x8gZfJFzF0HgbNsbOc9rNfO48.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3e:d3:3e:f8:d5:cb:9c:44:a7:86:d1:89:43:44:3f:db:6f:22:
b3:46:fa:2f:1d:4e:6e:44:8e:f4:5a:57:16:8e:df:4f:a8:22:
bf:fa:7f:23:ca:c5:56:b3:f9:1e:84:0d:ea:ca:ee:8d:b3:7c:
87:6c:b5:9f:1c:c4:f7:a5:b0:bd:c1:02:fa:ef:d5:d0:f8:91:
db:2c:ec:dc:95:b4:21:3f:34:3b:e5:84:ea:36:59:03:57:0a:
cd:59:d4:96:3b:04:57:c6:c1:7c:44:fc:fe:10:16:64:67:22:
84:0c:ce:0d:80:85:10:e8:f9:13:d3:52:6a:a1:f8:35:39:d0:
20:d7:4d:7f:60:99:30:bd:90:76:2c:04:ae:55:cd:45:06:95:
e0:ed:f4:ef:27:6c:eb:fd:59:fd:98:01:d2:6e:79:0b:c2:24:
aa:0b:20:29:0d:f7:20:3e:3b:b7:67:df:ab:96:11:ce:e3:6e:
cd:16:22:c7:91:f0:50:39:7d:90:34:1b:ec:e3:c4:1a:46:21:
7b:4a:b6:7b:51:24:0c:6e:f3:f7:bf:1e:10:9b:d4:b2:6f:55:
de:6a:8f:a2:9b:39:ad:53:ab:9e:ce:0a:f3:66:b4:ae:6f:48:
b4:39:2c:f1:8a:03:7b:01:ef:40:a4:36:30:7b:6d:42:21:ba:
8e:7d:e4:77
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDvQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzAy
MDIyMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhCNEM3QzgxOTdDOTE3
MzE3NDFFMDZDREIxQjM5Q0Y2QjM1RjNCOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZNBPfUEaEmBfMflRU174ywBmV2BkrVvoEF+x7HSTNHmt7CYdt
k6pLerK8MU5vxX+UCeVGJjGwOgfv5Z8oYubpUvKkNI5Nc7OA/LHlZJg8lNH9Smna
lvW2UxByV7lomZYJ+D3q3QrlLn0cVNz1I7VUclBJuOeWKYumk+rafzXizGMMLBWi
vxzu8QAF3mKBOpANap/izGL6iKfQz5F//9EWRU76ZGUzHUXyNHZ4qBBJ+ry55bhW
ktviQ1bhCr4lZgS6QW1iviPB/x6zp+bsm6/kahQxLQqKly0MKahPKNIDUYXbxpoC
Sxrn8a7mxwHwkYE4gJX9wW7+vkPBlRGVmSIrAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUi0x8gZfJFzF0HgbNsbOc9rNfO48wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2kweDhnWmZKRnpGMEhn
Yk5zYk9jOXJOZk80OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAPtM++NXLnESnhtGJQ0Q/228is0b6Lx1O
bkSO9FpXFo7fT6giv/p/I8rFVrP5HoQN6srujbN8h2y1nxzE96WwvcEC+u/V0PiR
2yzs3JW0IT80O+WE6jZZA1cKzVnUljsEV8bBfET8/hAWZGcihAzODYCFEOj5E9NS
aqH4NTnQINdNf2CZML2QdiwErlXNRQaV4O307yds6/1Z/ZgB0m55C8IkqgsgKQ33
ID47t2ffq5YRzuNuzRYix5HwUDl9kDQb7OPEGkYhe0q2e1EkDG7z978eEJvUsm9V
3mqPops5rVOrns4K82a0rm9ItDks8YoDewHvQKQ2MHttQiG6jn3kdw==
-----END CERTIFICATE-----
Generated at Sat Mar 30 23:39:50 2024 by rpki-client on console-fra.rpki-client.org