Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/jpTBDmmzrYJbOaIncCBT41bSplM.roa
File: jpTBDmmzrYJbOaIncCBT41bSplM.roa (raw, json)
Hash identifier: Y1Jd6TyBLT0XdVyf+X79sfsVBSaDBcxdUz5za0f3vzY=
Subject key identifier: 8E:94:C1:0E:69:B3:AD:82:5B:39:A2:27:70:20:53:E3:56:D2:A6:53
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1D44
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/jpTBDmmzrYJbOaIncCBT41bSplM.roa
Signing time: Wed 08 May 2024 00:24:25 +0000
ROA not before: Wed 08 May 2024 00:24:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7492 (0x1d44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 8 00:24:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8E94C10E69B3AD825B39A227702053E356D2A653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8a:00:72:5d:eb:ec:ec:7e:58:bb:c5:a1:c0:
4e:55:ea:0d:6c:f3:59:2b:ab:73:87:c3:3a:48:86:
1a:a9:53:00:3d:98:b9:86:45:09:78:e7:14:c3:4c:
9b:a3:1a:40:92:ad:14:3d:e2:26:ef:73:07:c2:f2:
4e:e8:0c:6e:aa:0a:00:d5:c6:0f:07:ab:78:74:2f:
a3:b8:82:8b:ab:03:d9:e6:94:e2:9e:49:81:aa:f9:
6d:53:34:50:25:02:2e:be:05:51:09:62:45:36:b0:
f5:89:e7:c1:e6:cb:c4:31:2d:0b:3a:1d:2c:db:43:
be:c9:d1:5c:d8:05:2c:7d:fd:4c:9f:4a:4e:35:99:
34:e4:46:53:1c:ff:b1:9e:3d:a0:39:43:ea:73:6c:
d8:cc:61:e1:a6:4b:14:b3:62:c2:48:7b:1e:60:0e:
bb:b1:72:d3:9d:3a:91:a7:6b:a5:31:1f:51:52:db:
4e:90:25:84:e9:9c:fb:3a:a5:90:9b:d3:b8:6e:ec:
94:43:e4:74:e8:73:e2:15:c4:9e:98:63:3b:15:46:
ed:6d:f5:e7:12:4b:37:c2:59:f9:1d:83:b1:a6:e3:
98:50:96:68:5a:70:59:60:f1:43:0c:78:57:90:d9:
23:d1:ee:1d:30:2f:5e:52:32:29:77:9e:d1:6e:58:
8d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:94:C1:0E:69:B3:AD:82:5B:39:A2:27:70:20:53:E3:56:D2:A6:53
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/jpTBDmmzrYJbOaIncCBT41bSplM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b5:2e:af:c6:cd:a7:f2:9f:f9:a9:8d:c6:25:f7:bd:48:46:9b:
bb:69:bc:03:9d:0f:71:a1:4f:3e:0f:04:6e:4c:6b:ec:24:5d:
4b:9e:16:d6:45:73:90:22:ca:e6:2e:57:c0:01:f9:f0:82:ee:
99:84:19:00:1a:ee:f3:88:45:97:e7:02:c5:e9:32:31:63:1c:
52:9c:f8:20:21:f1:e8:09:ff:a1:2f:07:d1:bf:3f:1d:5e:20:
85:d8:77:f6:46:0a:03:32:5d:b4:e3:a1:74:3d:e9:86:f2:09:
03:11:ea:6c:88:86:55:84:ac:3c:ea:c9:df:56:f9:90:f2:76:
84:e2:f3:df:2d:ba:2b:b5:f2:f1:8d:62:34:d0:10:88:19:d7:
63:ea:17:7a:e4:90:1c:6d:71:c6:7f:89:62:f8:38:2c:ac:40:
ca:4c:47:2b:48:05:a7:2a:77:e7:aa:05:13:2b:39:2c:3c:27:
41:a3:bf:76:b1:d0:02:e6:df:81:a8:2d:40:20:ef:0f:00:bf:
c1:f7:8f:49:9a:c8:4f:60:11:e4:be:50:a3:16:06:20:22:ca:
cb:62:90:bc:97:9c:3e:19:4a:e7:15:32:1f:19:c9:40:99:53:
e8:cd:e3:31:0a:04:12:77:a0:1d:cc:6b:be:b0:38:63:e4:4b:
49:17:cd:90
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHUQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDgw
MDI0MjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhFOTRDMTBFNjlCM0FE
ODI1QjM5QTIyNzcwMjA1M0UzNTZEMkE2NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBigByXevs7H5Yu8WhwE5V6g1s81krq3OHwzpIhhqpUwA9mLmG
RQl45xTDTJujGkCSrRQ94ibvcwfC8k7oDG6qCgDVxg8Hq3h0L6O4gourA9nmlOKe
SYGq+W1TNFAlAi6+BVEJYkU2sPWJ58Hmy8QxLQs6HSzbQ77J0VzYBSx9/UyfSk41
mTTkRlMc/7GePaA5Q+pzbNjMYeGmSxSzYsJIex5gDruxctOdOpGna6UxH1FS206Q
JYTpnPs6pZCb07hu7JRD5HToc+IVxJ6YYzsVRu1t9ecSSzfCWfkdg7Gm45hQlmha
cFlg8UMMeFeQ2SPR7h0wL15SMil3ntFuWI2ZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUjpTBDmmzrYJbOaIncCBT41bSplMwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2pwVEJEbW16cllKYk9h
SW5jQ0JUNDFiU3BsTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAtS6vxs2n8p/5qY3GJfe9SEabu2m8A50P
caFPPg8Ebkxr7CRdS54W1kVzkCLK5i5XwAH58ILumYQZABru84hFl+cCxekyMWMc
Upz4ICHx6An/oS8H0b8/HV4ghdh39kYKAzJdtOOhdD3phvIJAxHqbIiGVYSsPOrJ
31b5kPJ2hOLz3y26K7Xy8Y1iNNAQiBnXY+oXeuSQHG1xxn+JYvg4LKxAykxHK0gF
pyp356oFEys5LDwnQaO/drHQAubfgagtQCDvDwC/wfePSZrIT2AR5L5QoxYGICLK
y2KQvJecPhlK5xUyHxnJQJlT6M3jMQoEEnegHcxrvrA4Y+RLSRfNkA==
-----END CERTIFICATE-----
Generated at Wed May 8 03:43:30 2024 by rpki-client on console-ams.rpki-client.org