Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/j25PEokb_MGYtehGFbYkjy13mpE.roa
File: j25PEokb_MGYtehGFbYkjy13mpE.roa (raw, json)
Hash identifier: uUzfZYD29zMe5J0jh9xfqFGqdQci361G5DXRPAnZoFo=
Subject key identifier: 8F:6E:4F:12:89:1B:FC:C1:98:B5:E8:46:15:B6:24:8F:2D:77:9A:91
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0E40
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/j25PEokb_MGYtehGFbYkjy13mpE.roa
Signing time: Thu 28 Mar 2024 23:22:27 +0000
ROA not before: Thu 28 Mar 2024 23:22:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3648 (0xe40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 28 23:22:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8F6E4F12891BFCC198B5E84615B6248F2D779A91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3b:26:ca:4f:56:c9:fe:8c:76:b8:fd:fb:8c:
b8:44:dc:da:13:98:93:3e:67:8a:33:04:ca:27:66:
92:2f:b3:a7:ce:5e:7b:47:e5:3b:8c:ea:5b:27:aa:
68:ef:3a:e8:5a:99:a3:22:32:47:2f:7f:61:7f:65:
e2:66:f6:67:b0:e5:9c:80:4b:06:2e:b6:89:a9:9e:
4b:1b:68:3a:6f:1f:29:09:97:32:46:a4:13:e2:8b:
ae:37:ac:bb:f7:13:f1:4f:81:b7:91:41:f8:af:a4:
14:a2:a2:55:9e:ee:75:0e:d6:0d:2f:83:30:6e:7f:
b3:16:34:8a:37:7c:0f:f0:02:2e:9b:63:80:79:e9:
a2:21:26:63:6c:cf:d8:5e:06:60:5e:5e:61:7e:7a:
4d:db:4d:17:ba:a6:07:c7:62:89:8b:0b:2d:f2:b4:
e1:bb:d1:a6:a2:c7:54:aa:8f:95:3d:be:74:d0:9e:
87:37:c5:68:9f:88:45:d3:0c:2a:82:83:56:49:66:
52:53:09:10:3d:a2:81:f5:35:ac:5a:32:f2:fd:d0:
2a:1f:f4:a3:1e:d0:6e:4a:49:f0:33:49:28:17:1a:
2d:6f:c5:8d:7c:69:f4:7b:e2:12:c2:68:36:16:8c:
73:5c:9b:da:46:e8:8d:9f:ee:da:b6:3b:5c:0f:99:
d7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:6E:4F:12:89:1B:FC:C1:98:B5:E8:46:15:B6:24:8F:2D:77:9A:91
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/j25PEokb_MGYtehGFbYkjy13mpE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9c:53:f3:02:0a:ba:ba:ad:20:ce:e1:ad:f4:54:8d:d4:8e:b6:
92:66:0d:ce:f0:dd:d8:ac:8d:cd:cc:67:03:87:99:65:7a:95:
09:73:77:99:c9:96:cd:3e:06:d2:be:9c:c2:a4:2b:06:01:ba:
83:bb:26:7f:a9:16:91:85:10:d3:1d:1f:b3:8b:b4:9f:c8:97:
30:57:12:ac:10:73:5c:8d:c9:4f:f3:97:04:4f:c4:a3:4a:39:
dd:57:9e:8a:dc:dc:9d:18:28:21:c4:6b:f8:95:34:9e:21:36:
de:70:cc:0a:e1:6f:7e:fa:56:cc:31:0b:8f:c0:e7:5a:41:fc:
2c:3f:9e:85:af:74:8d:bb:f4:49:d7:6d:4c:d2:c3:d4:f9:52:
06:9a:db:29:a0:d4:2e:c5:2c:6b:30:00:95:de:cd:4a:f5:37:
88:5a:7f:e1:40:e2:00:91:a2:87:18:b0:22:54:60:c1:63:fe:
53:3e:f4:b7:71:2b:a0:2b:5c:f9:82:a6:6f:5a:d6:77:94:ca:
d3:b0:45:fb:3e:12:59:7d:44:0e:dc:19:c8:be:e0:fe:29:41:
7e:fc:47:a0:e8:98:5b:19:e4:33:06:c4:11:07:f8:ae:a8:46:
67:c2:bb:f8:43:dd:78:8a:2e:da:f7:49:87:17:cc:3c:37:f6:
4e:99:3a:b1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDkAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjgy
MzIyMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhGNkU0RjEyODkxQkZD
QzE5OEI1RTg0NjE1QjYyNDhGMkQ3NzlBOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+OybKT1bJ/ox2uP37jLhE3NoTmJM+Z4ozBMonZpIvs6fOXntH
5TuM6lsnqmjvOuhamaMiMkcvf2F/ZeJm9mew5ZyASwYutompnksbaDpvHykJlzJG
pBPii643rLv3E/FPgbeRQfivpBSiolWe7nUO1g0vgzBuf7MWNIo3fA/wAi6bY4B5
6aIhJmNsz9heBmBeXmF+ek3bTRe6pgfHYomLCy3ytOG70aaix1Sqj5U9vnTQnoc3
xWifiEXTDCqCg1ZJZlJTCRA9ooH1NaxaMvL90Cof9KMe0G5KSfAzSSgXGi1vxY18
afR74hLCaDYWjHNcm9pG6I2f7tq2O1wPmdePAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUj25PEokb/MGYtehGFbYkjy13mpEwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2oyNVBFb2tiX01HWXRl
aEdGYllrankxM21wRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAnFPzAgq6uq0gzuGt9FSN1I62kmYNzvDd
2KyNzcxnA4eZZXqVCXN3mcmWzT4G0r6cwqQrBgG6g7smf6kWkYUQ0x0fs4u0n8iX
MFcSrBBzXI3JT/OXBE/Eo0o53VeeitzcnRgoIcRr+JU0niE23nDMCuFvfvpWzDEL
j8DnWkH8LD+eha90jbv0SddtTNLD1PlSBprbKaDULsUsazAAld7NSvU3iFp/4UDi
AJGihxiwIlRgwWP+Uz70t3EroCtc+YKmb1rWd5TK07BF+z4SWX1EDtwZyL7g/ilB
fvxHoOiYWxnkMwbEEQf4rqhGZ8K7+EPdeIou2vdJhxfMPDf2Tpk6sQ==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:45:45 2024 by rpki-client on console-ams.rpki-client.org