Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/mp1NyFwy0algDhKzQyRVWSDWT4Q.roa
File: mp1NyFwy0algDhKzQyRVWSDWT4Q.roa (raw, json)
Hash identifier: rwzbtNXmtx7UAQTGZqiDdOX0rrgKeuMb91DdyX6Zz3I=
Subject key identifier: 9A:9D:4D:C8:5C:32:D1:A9:60:0E:12:B3:43:24:55:59:20:D6:4F:84
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1122
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/mp1NyFwy0algDhKzQyRVWSDWT4Q.roa
Signing time: Fri 05 Apr 2024 15:52:51 +0000
ROA not before: Fri 05 Apr 2024 15:52:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4386 (0x1122)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 5 15:52:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9A9D4DC85C32D1A9600E12B34324555920D64F84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e9:fa:1c:8f:c7:0e:c4:a2:db:f9:3d:11:20:
77:25:8c:b5:e1:a0:23:93:c8:b3:c1:c7:59:48:e8:
30:92:dc:9c:5f:d4:03:46:b5:2f:0c:d6:2e:55:97:
13:b8:6b:d8:6b:df:c4:61:58:7f:38:8d:c3:b9:d4:
43:e8:bd:24:3a:0c:59:11:6d:5c:ec:98:9c:3b:18:
5c:be:1a:2e:cf:b2:4f:65:26:18:b9:60:60:46:b8:
87:6b:ac:e8:f1:e9:11:e8:aa:8f:1b:ae:3a:45:85:
2f:03:ef:ef:bb:1e:d5:5c:b0:47:ca:36:0f:81:8e:
c0:8b:67:8a:63:69:e7:b5:e4:f0:93:bf:1e:d1:ff:
e4:0e:de:c1:5e:ad:2a:73:95:1e:a9:81:e2:fb:39:
f0:9c:41:a6:11:b8:65:b8:6a:02:a9:78:e9:a2:46:
c3:b5:7d:56:2b:69:e4:be:73:44:be:fb:b7:7a:aa:
fe:4e:25:6c:e4:a2:01:c0:0d:4c:f7:30:63:c8:b3:
50:ac:cd:82:d6:c4:61:72:d0:1b:0a:46:94:16:3b:
f2:99:1d:a2:ce:82:44:30:30:22:f8:8b:96:7f:29:
38:12:f0:d6:35:ce:c7:18:56:6f:67:a4:e0:99:63:
f8:9d:7f:b4:ec:0b:4c:43:72:2f:d6:4e:01:1f:6c:
d6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:9D:4D:C8:5C:32:D1:A9:60:0E:12:B3:43:24:55:59:20:D6:4F:84
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/mp1NyFwy0algDhKzQyRVWSDWT4Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cf:db:b3:8e:1b:1c:e0:ae:a5:c1:37:4f:8f:af:19:75:7e:c8:
82:07:86:ae:e1:a1:1b:61:75:38:1e:d5:0c:dc:57:40:56:c0:
bf:b3:38:ca:35:3f:0f:c3:3b:04:85:42:d7:e7:06:d5:cb:71:
74:5b:e4:c4:0e:06:3f:86:51:00:b8:c7:dc:46:1e:b2:c2:76:
19:17:44:e1:1b:17:79:31:c1:15:63:93:ef:1b:f6:5d:03:94:
51:65:f0:76:d3:42:e2:70:59:eb:c7:8a:27:28:5d:a6:9a:1b:
f3:76:25:f3:46:a6:fa:9d:1b:5c:ee:13:fa:82:fd:b8:3b:48:
89:30:1f:d8:4e:c4:8d:fb:78:57:ed:7d:3b:9f:3b:eb:9c:a8:
68:49:ef:67:bc:2c:e2:94:89:3d:37:4e:1a:f0:e5:61:46:d8:
07:d0:22:15:c7:a5:05:dc:58:c8:f4:e7:f0:1b:5c:34:bf:8a:
be:8e:30:aa:02:1f:09:7b:3c:0e:09:4c:87:50:87:55:de:5b:
01:6a:11:15:d6:7f:e0:b7:40:7d:be:65:bf:85:ec:9b:7c:d4:
c5:e6:60:dd:85:d0:31:e9:66:09:52:af:97:c1:2a:42:9e:ff:
3e:13:6d:63:b4:04:4e:2b:a6:65:f2:3a:d6:5f:12:2b:76:c6:
cb:f3:d4:71
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICESIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDUx
NTUyNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlBOUQ0REM4NUMzMkQx
QTk2MDBFMTJCMzQzMjQ1NTU5MjBENjRGODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDR6focj8cOxKLb+T0RIHcljLXhoCOTyLPBx1lI6DCS3Jxf1ANG
tS8M1i5VlxO4a9hr38RhWH84jcO51EPovSQ6DFkRbVzsmJw7GFy+Gi7Psk9lJhi5
YGBGuIdrrOjx6RHoqo8brjpFhS8D7++7HtVcsEfKNg+BjsCLZ4pjaee15PCTvx7R
/+QO3sFerSpzlR6pgeL7OfCcQaYRuGW4agKpeOmiRsO1fVYraeS+c0S++7d6qv5O
JWzkogHADUz3MGPIs1CszYLWxGFy0BsKRpQWO/KZHaLOgkQwMCL4i5Z/KTgS8NY1
zscYVm9npOCZY/idf7TsC0xDci/WTgEfbNaTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUmp1NyFwy0algDhKzQyRVWSDWT4QwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL21wMU55Rnd5MGFsZ0Ro
S3pReVJWV1NEV1Q0US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAz9uzjhsc4K6lwTdPj68ZdX7IggeGruGh
G2F1OB7VDNxXQFbAv7M4yjU/D8M7BIVC1+cG1ctxdFvkxA4GP4ZRALjH3EYessJ2
GRdE4RsXeTHBFWOT7xv2XQOUUWXwdtNC4nBZ68eKJyhdppob83Yl80am+p0bXO4T
+oL9uDtIiTAf2E7Ejft4V+19O58765yoaEnvZ7ws4pSJPTdOGvDlYUbYB9AiFcel
BdxYyPTn8BtcNL+Kvo4wqgIfCXs8DglMh1CHVd5bAWoRFdZ/4LdAfb5lv4Xsm3zU
xeZg3YXQMelmCVKvl8EqQp7/PhNtY7QETiumZfI61l8SK3bGy/PUcQ==
-----END CERTIFICATE-----
Generated at Fri Apr 5 21:45:32 2024 by rpki-client on console-ams.rpki-client.org