Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/j9BMS2xHr1nhnVGZ-tovGR_st08.roa
File: j9BMS2xHr1nhnVGZ-tovGR_st08.roa (raw, json)
Hash identifier: MfY7Q+u0XNOOUfI5Wo7dXZZJ6plf0SkUvXRn8/cVPIo=
Subject key identifier: 8F:D0:4C:4B:6C:47:AF:59:E1:9D:51:99:FA:DA:2F:19:1F:EC:B7:4F
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 10E4
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/j9BMS2xHr1nhnVGZ-tovGR_st08.roa
Signing time: Fri 05 Apr 2024 00:22:47 +0000
ROA not before: Fri 05 Apr 2024 00:22:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4324 (0x10e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 5 00:22:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8FD04C4B6C47AF59E19D5199FADA2F191FECB74F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a1:ab:04:40:f0:c2:5c:c9:b3:8e:76:a8:06:
c3:a3:71:92:6f:aa:d5:7c:33:b0:03:5c:e9:d2:31:
39:86:29:20:0b:67:c0:70:38:19:7f:0d:e1:ec:29:
eb:e2:6e:be:bb:a0:3c:0f:b5:5f:51:1e:3d:15:31:
94:25:66:91:74:52:52:d1:03:5c:45:b7:cb:75:84:
be:5f:55:24:94:d4:46:ce:31:26:ba:7e:7c:37:26:
1d:32:06:a0:36:aa:c2:bc:ab:90:22:04:6a:07:2f:
71:62:b5:51:51:5b:72:83:90:ab:4b:e3:02:89:a8:
dd:de:c5:2e:44:69:02:89:c1:ff:e5:82:64:00:7d:
e6:de:16:f5:fe:60:66:a8:73:ae:b7:99:22:ff:8d:
4d:6d:94:0c:62:33:2a:dd:93:70:02:96:9e:a2:9e:
8f:1c:02:a2:35:c3:80:a6:82:a1:57:5e:56:82:10:
cf:24:dc:bf:94:60:c5:ba:d3:e8:50:cd:2c:a2:59:
93:d3:ff:39:27:65:fc:ab:e9:f3:c7:65:a5:80:a3:
3e:d3:f0:0d:2d:4d:15:94:ab:9d:8a:07:1d:29:91:
6b:a9:21:3a:55:50:60:dd:09:98:ba:11:bc:3e:da:
e9:23:a4:58:f3:c8:a1:5f:d0:ef:ab:b3:05:15:24:
ec:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D0:4C:4B:6C:47:AF:59:E1:9D:51:99:FA:DA:2F:19:1F:EC:B7:4F
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/j9BMS2xHr1nhnVGZ-tovGR_st08.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ab:cc:df:ba:67:cb:f2:d2:03:30:65:ff:0a:75:be:5d:3f:07:
e6:ef:b8:c9:de:d0:ab:29:6b:9b:94:5c:e6:91:7f:e1:3c:26:
e3:35:d9:17:f0:42:4f:4c:eb:65:a0:5f:ae:11:12:38:6a:c7:
98:22:21:d7:ac:22:c1:2e:6e:db:cf:1f:6f:0f:0c:69:a4:da:
e1:d5:c0:db:35:00:d9:49:ff:78:63:1d:2a:71:b7:a5:d2:3d:
fe:89:1d:fa:31:76:af:ca:91:19:34:f2:c7:87:ab:8e:30:51:
83:71:31:96:9d:0c:f4:23:11:98:2e:d7:b7:6f:21:f9:7d:14:
85:d1:d9:5d:44:e3:99:8f:65:bc:78:11:79:ea:d4:29:96:95:
19:ff:ff:5e:1b:0d:83:b4:c4:6a:7a:68:18:98:c3:81:58:86:
04:81:8b:ca:e2:8c:fc:fe:8a:38:e8:16:0a:8d:b6:97:d9:e4:
b8:e3:1e:98:e6:6b:19:27:aa:48:e0:af:b8:1d:24:a2:e4:35:
77:09:5f:92:76:0c:5e:4c:b3:c1:a1:4f:c3:dd:59:c6:a7:51:
69:78:12:8b:91:0b:f2:95:e5:97:cf:bf:0e:a5:27:11:e4:82:
2e:fd:ee:e8:b5:14:c4:d0:80:e8:5e:29:f5:d0:f8:36:aa:2c:
58:3a:1a:d8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEOQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDUw
MDIyNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhGRDA0QzRCNkM0N0FG
NTlFMTlENTE5OUZBREEyRjE5MUZFQ0I3NEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuoasEQPDCXMmzjnaoBsOjcZJvqtV8M7ADXOnSMTmGKSALZ8Bw
OBl/DeHsKevibr67oDwPtV9RHj0VMZQlZpF0UlLRA1xFt8t1hL5fVSSU1EbOMSa6
fnw3Jh0yBqA2qsK8q5AiBGoHL3FitVFRW3KDkKtL4wKJqN3exS5EaQKJwf/lgmQA
febeFvX+YGaoc663mSL/jU1tlAxiMyrdk3AClp6ino8cAqI1w4CmgqFXXlaCEM8k
3L+UYMW60+hQzSyiWZPT/zknZfyr6fPHZaWAoz7T8A0tTRWUq52KBx0pkWupITpV
UGDdCZi6Ebw+2ukjpFjzyKFf0O+rswUVJOxLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUj9BMS2xHr1nhnVGZ+tovGR/st08wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2o5Qk1TMnhIcjFuaG5W
R1otdG92R1Jfc3QwOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAq8zfumfL8tIDMGX/CnW+XT8H5u+4yd7Q
qylrm5Rc5pF/4Twm4zXZF/BCT0zrZaBfrhESOGrHmCIh16wiwS5u288fbw8MaaTa
4dXA2zUA2Un/eGMdKnG3pdI9/okd+jF2r8qRGTTyx4erjjBRg3Exlp0M9CMRmC7X
t28h+X0UhdHZXUTjmY9lvHgReerUKZaVGf//XhsNg7TEanpoGJjDgViGBIGLyuKM
/P6KOOgWCo22l9nkuOMemOZrGSeqSOCvuB0kouQ1dwlfknYMXkyzwaFPw91ZxqdR
aXgSi5EL8pXll8+/DqUnEeSCLv3u6LUUxNCA6F4p9dD4NqosWDoa2A==
-----END CERTIFICATE-----
Generated at Fri Apr 5 04:26:28 2024 by rpki-client on console-fra.rpki-client.org