Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/jrEoVUdwjQQmouV2IFKTDF6kzWU.roa
File: jrEoVUdwjQQmouV2IFKTDF6kzWU.roa (raw, json)
Hash identifier: kPDk8ydKGJYuP3seA6mTO34G11U0R39iRo1ZHIpV1DY=
Subject key identifier: 8E:B1:28:55:47:70:8D:04:26:A2:E5:76:20:52:93:0C:5E:A4:CD:65
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1428
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/jrEoVUdwjQQmouV2IFKTDF6kzWU.roa
Signing time: Sat 13 Apr 2024 17:23:15 +0000
ROA not before: Sat 13 Apr 2024 17:23:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5160 (0x1428)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 13 17:23:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8EB1285547708D0426A2E5762052930C5EA4CD65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7d:ce:5b:68:13:29:76:15:34:d3:e4:3a:0c:
cd:45:02:75:47:cf:c6:54:48:e9:9d:e1:cf:f5:a2:
f7:e7:c5:83:48:aa:f9:41:c7:c9:7c:ba:d9:3a:0d:
47:ba:a7:16:0f:9c:34:8c:db:ca:67:61:39:a5:48:
3b:53:b6:e6:a1:0f:bc:47:d7:07:90:e2:73:15:83:
a3:25:5e:ce:61:c4:96:e3:c4:f2:a4:08:9e:ac:39:
aa:6f:2d:10:6c:bd:2e:f2:70:03:9d:6d:27:a3:5f:
ad:6b:f5:d9:eb:c8:a7:f2:20:6f:25:6e:b5:a6:78:
5c:0c:b4:c4:15:6d:e3:4e:3c:3b:83:2c:9a:91:4b:
78:51:c6:24:bc:16:cd:c9:f4:e2:8a:94:90:e4:54:
8f:17:98:59:1d:ff:e7:0f:a1:3f:ad:d9:06:4f:a3:
a5:ac:5e:16:32:d3:02:ca:ad:20:be:f0:0f:0a:55:
0d:56:9e:75:ca:9f:73:b5:03:54:70:b2:2b:8d:73:
9b:d0:ce:09:d2:13:98:10:18:4c:45:92:1e:72:00:
c0:52:0f:af:9a:5f:c5:be:f6:09:ce:de:9a:42:ae:
1a:70:28:84:14:0a:70:d8:05:f3:7f:80:26:00:5a:
aa:a5:aa:3e:07:52:69:ff:77:1e:dd:4b:1c:a5:71:
e3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B1:28:55:47:70:8D:04:26:A2:E5:76:20:52:93:0C:5E:A4:CD:65
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/jrEoVUdwjQQmouV2IFKTDF6kzWU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
32:b6:3e:35:34:62:41:d5:8b:61:38:cb:c2:60:77:c1:d8:68:
27:01:37:f3:ad:d7:67:24:98:9d:d4:58:ec:6d:34:c2:d9:53:
02:3b:de:0f:84:84:75:92:a1:7b:7d:67:db:19:9c:13:9f:29:
62:29:5b:34:ba:06:9e:17:b1:07:ec:40:d7:79:02:f6:92:6d:
1e:aa:28:66:2d:23:78:af:4a:16:31:77:8c:d1:37:4e:c4:72:
fd:63:93:77:95:50:8a:e1:b9:2c:02:be:92:ac:b6:f4:34:f4:
5f:78:6d:46:09:f7:1c:79:9d:e5:9a:21:d1:33:6e:ff:28:68:
1e:4c:9c:01:e3:20:a3:97:5c:f7:69:2d:f6:1e:a2:c0:03:4c:
3c:ca:40:dc:e5:81:58:02:bb:8a:89:f4:4e:d9:68:0a:8c:5d:
a7:57:8e:99:07:56:08:e1:fc:3b:9d:03:85:96:5c:83:29:39:
93:2f:b8:67:cf:ae:ec:79:c2:1e:f0:f1:da:71:14:52:b0:1b:
b6:25:b6:82:b4:e0:f9:6f:ac:a0:d3:a5:3d:cf:47:8b:5c:67:
90:51:70:c1:25:86:f0:1a:b7:45:21:04:c4:46:4b:27:21:9c:
f2:2b:a4:53:df:3a:5c:9c:6c:b7:77:9b:a5:a2:73:ac:ec:ad:
22:80:84:5b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFCgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTMx
NzIzMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhFQjEyODU1NDc3MDhE
MDQyNkEyRTU3NjIwNTI5MzBDNUVBNENENjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCefc5baBMpdhU00+Q6DM1FAnVHz8ZUSOmd4c/1ovfnxYNIqvlB
x8l8utk6DUe6pxYPnDSM28pnYTmlSDtTtuahD7xH1weQ4nMVg6MlXs5hxJbjxPKk
CJ6sOapvLRBsvS7ycAOdbSejX61r9dnryKfyIG8lbrWmeFwMtMQVbeNOPDuDLJqR
S3hRxiS8Fs3J9OKKlJDkVI8XmFkd/+cPoT+t2QZPo6WsXhYy0wLKrSC+8A8KVQ1W
nnXKn3O1A1RwsiuNc5vQzgnSE5gQGExFkh5yAMBSD6+aX8W+9gnO3ppCrhpwKIQU
CnDYBfN/gCYAWqqlqj4HUmn/dx7dSxylceNBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUjrEoVUdwjQQmouV2IFKTDF6kzWUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2pyRW9WVWR3alFRbW91
VjJJRktUREY2a3pXVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAMrY+NTRiQdWLYTjLwmB3wdhoJwE3863X
ZySYndRY7G00wtlTAjveD4SEdZKhe31n2xmcE58pYilbNLoGnhexB+xA13kC9pJt
HqooZi0jeK9KFjF3jNE3TsRy/WOTd5VQiuG5LAK+kqy29DT0X3htRgn3HHmd5Zoh
0TNu/yhoHkycAeMgo5dc92kt9h6iwANMPMpA3OWBWAK7ion0TtloCoxdp1eOmQdW
COH8O50DhZZcgyk5ky+4Z8+u7HnCHvDx2nEUUrAbtiW2grTg+W+soNOlPc9Hi1xn
kFFwwSWG8Bq3RSEExEZLJyGc8iukU986XJxst3ebpaJzrOytIoCEWw==
-----END CERTIFICATE-----
Generated at Sat Apr 13 18:47:10 2024 by rpki-client on console-ams.rpki-client.org