Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/mbMG8erfEcCCkaAjE-azM8JW_ns.roa
File: mbMG8erfEcCCkaAjE-azM8JW_ns.roa (raw, json)
Hash identifier: R1XwylB9acCsOtTOejhu4lk/qzyW6hHed82HMVRU/zc=
Subject key identifier: 99:B3:06:F1:EA:DF:11:C0:82:91:A0:23:13:E6:B3:33:C2:56:FE:7B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 13F8
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/mbMG8erfEcCCkaAjE-azM8JW_ns.roa
Signing time: Sat 13 Apr 2024 05:23:14 +0000
ROA not before: Sat 13 Apr 2024 05:23:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5112 (0x13f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 13 05:23:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=99B306F1EADF11C08291A02313E6B333C256FE7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8f:5b:28:1f:93:38:a1:a0:b7:5b:da:ba:9d:
62:4c:ad:5f:c9:5f:dd:0a:b6:7d:ee:07:14:8f:c9:
32:a7:c7:12:a6:eb:90:71:4d:b9:86:bd:8e:d2:10:
51:34:ec:bc:36:f2:3c:b2:d0:e9:e8:b5:f4:e0:3b:
2f:26:a6:f9:e0:ec:e2:d1:35:3e:d2:9f:4e:f7:5d:
2c:d2:c6:df:de:79:d7:88:41:17:c0:13:3c:5f:10:
9d:58:3b:5e:33:25:4d:d6:d8:18:27:dc:17:7e:fb:
c4:6e:fa:a0:d8:3b:46:f2:a4:75:09:48:61:73:1e:
ef:59:ff:3c:8b:09:0b:04:54:b9:2e:3a:20:0f:f5:
c6:63:f7:40:61:d0:92:e5:b8:27:05:3c:4e:a5:84:
74:cb:83:94:71:5c:56:e2:db:ce:90:04:fa:b0:91:
df:6b:aa:c0:4d:b2:66:ac:9c:25:3c:1c:78:35:a3:
9c:5a:b5:c6:d8:57:91:f4:00:32:e3:c7:f2:67:5d:
c3:28:70:32:64:de:94:9f:d2:c1:46:57:9a:c3:0a:
5a:a3:4d:8c:a7:a4:f7:09:bf:e3:9a:af:e2:46:4a:
ee:b3:41:dd:70:96:06:cb:84:01:61:00:ec:d5:2c:
ac:c0:6b:38:ce:c7:4b:1f:fc:66:d5:89:7f:d4:10:
aa:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B3:06:F1:EA:DF:11:C0:82:91:A0:23:13:E6:B3:33:C2:56:FE:7B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/mbMG8erfEcCCkaAjE-azM8JW_ns.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
24:86:b3:41:f6:14:62:b2:10:d6:0d:6d:de:bb:dc:a0:07:ce:
e3:71:8c:54:37:76:88:5c:b0:bc:73:4c:2c:2f:70:72:a7:ee:
ce:df:44:ae:19:6a:83:f4:8c:f6:89:61:d0:d6:bf:50:df:64:
9c:75:5a:bd:f2:03:89:fe:d5:31:74:87:4f:7a:bc:0e:01:a6:
6d:2c:6e:46:28:52:02:f4:4b:d0:08:1d:76:f7:89:16:25:32:
4d:67:19:38:1b:41:56:82:96:32:d1:38:16:be:f0:00:51:67:
ad:be:ba:16:57:78:33:4f:02:ba:c7:1d:52:ff:24:4f:d7:17:
e8:64:40:98:61:e8:3a:ac:ea:5d:98:03:6a:04:f8:9d:d9:34:
d4:a7:be:dd:08:75:84:16:a4:31:8d:f7:fb:5f:32:4d:35:4e:
d9:21:bd:c8:5b:fe:67:67:e6:31:f0:fc:d3:d9:80:6f:c5:35:
e7:99:88:f6:b0:1c:c7:a4:6a:59:5c:5e:1c:d9:60:08:6c:8b:
e5:c2:3b:81:7f:d4:d8:ba:6f:03:d0:31:db:cb:04:bc:44:25:
fb:58:46:e0:59:9a:c3:c3:17:32:c9:04:1b:5a:c9:64:e5:37:
e3:e6:32:1f:30:3e:c8:2f:93:5a:df:93:a7:f6:73:3d:87:c8:
e7:c7:db:45
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE/gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTMw
NTIzMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk5QjMwNkYxRUFERjEx
QzA4MjkxQTAyMzEzRTZCMzMzQzI1NkZFN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvj1soH5M4oaC3W9q6nWJMrV/JX90Ktn3uBxSPyTKnxxKm65Bx
TbmGvY7SEFE07Lw28jyy0OnotfTgOy8mpvng7OLRNT7Sn073XSzSxt/eedeIQRfA
EzxfEJ1YO14zJU3W2Bgn3Bd++8Ru+qDYO0bypHUJSGFzHu9Z/zyLCQsEVLkuOiAP
9cZj90Bh0JLluCcFPE6lhHTLg5RxXFbi286QBPqwkd9rqsBNsmasnCU8HHg1o5xa
tcbYV5H0ADLjx/JnXcMocDJk3pSf0sFGV5rDClqjTYynpPcJv+Oar+JGSu6zQd1w
lgbLhAFhAOzVLKzAazjOx0sf/GbViX/UEKqpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUmbMG8erfEcCCkaAjE+azM8JW/nswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL21iTUc4ZXJmRWNDQ2th
QWpFLWF6TThKV19ucy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAJIazQfYUYrIQ1g1t3rvcoAfO43GMVDd2
iFywvHNMLC9wcqfuzt9Erhlqg/SM9olh0Na/UN9knHVavfIDif7VMXSHT3q8DgGm
bSxuRihSAvRL0AgddveJFiUyTWcZOBtBVoKWMtE4Fr7wAFFnrb66Fld4M08Cuscd
Uv8kT9cX6GRAmGHoOqzqXZgDagT4ndk01Ke+3Qh1hBakMY33+18yTTVO2SG9yFv+
Z2fmMfD809mAb8U155mI9rAcx6RqWVxeHNlgCGyL5cI7gX/U2LpvA9Ax28sEvEQl
+1hG4Fmaw8MXMskEG1rJZOU34+YyHzA+yC+TWt+Tp/ZzPYfI58fbRQ==
-----END CERTIFICATE-----
Generated at Sat Apr 13 06:50:40 2024 by rpki-client on console-fra.rpki-client.org