Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/mpI2ef2tEi8Lo__9XhAMleeA0Pc.roa
File: mpI2ef2tEi8Lo__9XhAMleeA0Pc.roa (raw, json)
Hash identifier: xztJgn9RuwB6pU9K0ntomfr2RYfODpJctBl3ETwwxO8=
Subject key identifier: 9A:92:36:79:FD:AD:12:2F:0B:A3:FF:FD:5E:10:0C:95:E7:80:D0:F7
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1262
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/mpI2ef2tEi8Lo__9XhAMleeA0Pc.roa
Signing time: Mon 08 Apr 2024 23:53:00 +0000
ROA not before: Mon 08 Apr 2024 23:53:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4706 (0x1262)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 8 23:53:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9A923679FDAD122F0BA3FFFD5E100C95E780D0F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d7:07:d1:43:6f:ed:68:b3:74:ea:5e:7e:b0:
27:20:8b:22:31:8b:da:37:24:94:b3:f1:d4:f1:7e:
3a:ea:83:79:19:36:33:f8:e3:5c:14:24:62:43:a0:
e0:e3:6d:9e:a3:c0:5b:9b:17:d4:3d:98:b1:82:b4:
c7:64:96:a4:4e:8e:45:5b:1c:c2:30:99:49:e1:81:
75:3e:65:d5:b0:36:68:88:3b:8a:53:1c:0d:51:59:
07:35:3b:dc:f0:97:ee:59:73:b7:87:6d:da:58:db:
1c:e6:e0:c1:da:22:e7:e9:21:4e:81:b4:ac:a6:87:
37:00:da:56:aa:87:ef:fc:67:bc:9d:b3:46:d5:e0:
73:85:79:a6:86:0a:a9:f5:19:ea:34:77:fd:83:32:
76:31:ed:c9:85:26:27:02:f2:b8:12:90:97:47:34:
52:b9:1e:cc:90:2f:bf:6a:ae:ca:b3:fb:4a:01:9e:
45:61:75:e0:dc:a1:b7:17:a9:c1:de:e9:53:9a:de:
a2:d6:b1:76:68:eb:39:e0:27:af:82:15:8e:2a:97:
4b:bf:db:dd:6f:a6:07:1f:ea:d4:5d:52:0f:3b:b0:
4e:01:09:91:db:3e:e3:7a:d0:c7:c0:de:88:cd:5c:
e6:e8:63:cc:0f:fb:7a:87:3a:af:e7:d9:15:c8:e2:
31:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:92:36:79:FD:AD:12:2F:0B:A3:FF:FD:5E:10:0C:95:E7:80:D0:F7
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/mpI2ef2tEi8Lo__9XhAMleeA0Pc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:71:cc:c2:92:4b:e1:a6:ab:11:60:e2:6e:5a:db:39:11:02:
bb:cb:2b:d7:98:98:ed:fb:8a:49:0f:17:35:1f:9c:6d:44:80:
c7:65:20:0d:87:51:3f:1f:77:5c:71:c3:59:4b:4b:5e:54:a7:
32:4f:2f:5b:ae:76:2d:3f:be:db:74:e5:3a:98:fe:fb:b1:66:
42:2a:fa:ea:6a:41:2c:34:12:83:3b:53:bd:38:3e:c5:c2:23:
09:f4:a5:e5:48:03:be:cc:be:0a:59:55:e3:1d:b8:b2:b7:1b:
0f:94:7f:7a:cd:aa:95:71:98:a8:47:51:13:61:90:60:e0:a9:
b4:76:02:89:b9:03:3c:eb:0a:8c:3d:cd:c5:52:1a:86:de:52:
51:7f:37:39:af:0b:18:3d:e8:5b:39:68:48:e0:00:c1:2c:5e:
61:a6:a8:02:17:7c:98:e6:6f:0e:61:df:30:cb:f6:52:f6:cf:
d3:b5:cb:9f:db:be:70:7d:fd:91:b4:d6:b7:5f:e2:eb:1c:ac:
a9:4a:62:e0:6e:3c:fd:cb:8c:2b:b0:b5:ab:f6:a7:55:b8:b2:
d5:46:a3:3d:4e:5d:bc:9c:c3:88:46:6c:87:9e:f6:94:7b:48:
6c:a9:5d:9b:26:8c:79:38:e5:26:4f:e1:73:65:5e:04:66:e3:
fb:ee:20:4a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEmIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDgy
MzUzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlBOTIzNjc5RkRBRDEy
MkYwQkEzRkZGRDVFMTAwQzk1RTc4MEQwRjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDS1wfRQ2/taLN06l5+sCcgiyIxi9o3JJSz8dTxfjrqg3kZNjP4
41wUJGJDoODjbZ6jwFubF9Q9mLGCtMdklqROjkVbHMIwmUnhgXU+ZdWwNmiIO4pT
HA1RWQc1O9zwl+5Zc7eHbdpY2xzm4MHaIufpIU6BtKymhzcA2laqh+/8Z7yds0bV
4HOFeaaGCqn1Geo0d/2DMnYx7cmFJicC8rgSkJdHNFK5HsyQL79qrsqz+0oBnkVh
deDcobcXqcHe6VOa3qLWsXZo6zngJ6+CFY4ql0u/291vpgcf6tRdUg87sE4BCZHb
PuN60MfA3ojNXOboY8wP+3qHOq/n2RXI4jEzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUmpI2ef2tEi8Lo//9XhAMleeA0PcwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL21wSTJlZjJ0RWk4TG9f
XzlYaEFNbGVlQTBQYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAZXHMwpJL4aarEWDiblrbORECu8sr15iY
7fuKSQ8XNR+cbUSAx2UgDYdRPx93XHHDWUtLXlSnMk8vW652LT++23TlOpj++7Fm
Qir66mpBLDQSgztTvTg+xcIjCfSl5UgDvsy+CllV4x24srcbD5R/es2qlXGYqEdR
E2GQYOCptHYCibkDPOsKjD3NxVIaht5SUX83Oa8LGD3oWzloSOAAwSxeYaaoAhd8
mOZvDmHfMMv2UvbP07XLn9u+cH39kbTWt1/i6xysqUpi4G48/cuMK7C1q/anVbiy
1UajPU5dvJzDiEZsh572lHtIbKldmyaMeTjlJk/hc2VeBGbj++4gSg==
-----END CERTIFICATE-----
Generated at Tue Apr 9 01:13:34 2024 by rpki-client on console-fra.rpki-client.org