Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/n4DsEOL7pzV_Bemeq4gxiv5bpN0.roa
File: n4DsEOL7pzV_Bemeq4gxiv5bpN0.roa (raw, json)
Hash identifier: mLENk3b9ePmm9LgwSBUxLmIpO9A/jij4PSBUIAAuoHA=
Subject key identifier: 9F:80:EC:10:E2:FB:A7:35:7F:05:E9:9E:AB:88:31:8A:FE:5B:A4:DD
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0FD8
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/n4DsEOL7pzV_Bemeq4gxiv5bpN0.roa
Signing time: Tue 02 Apr 2024 05:22:40 +0000
ROA not before: Tue 02 Apr 2024 05:22:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4056 (0xfd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 2 05:22:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9F80EC10E2FBA7357F05E99EAB88318AFE5BA4DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8f:a1:1d:e3:30:6a:48:57:54:bc:0b:d2:da:
e7:06:4c:73:a0:60:c7:5d:51:17:72:7f:38:75:0d:
3c:e0:e3:1a:d5:40:60:82:7b:ad:f9:88:d8:3c:cd:
86:83:c2:1f:dc:8b:aa:9f:b6:9e:f3:e6:21:94:57:
c9:8e:73:97:4b:56:0b:1b:a2:5e:df:6e:aa:7b:d8:
b3:db:a9:87:a2:3c:4d:2f:77:80:df:be:41:35:39:
38:5c:3d:fe:87:1c:93:27:0d:49:87:04:76:61:84:
10:26:d6:ce:9d:49:97:9d:9e:54:d4:06:39:1a:d5:
cb:1c:3d:05:da:07:1c:67:95:0f:e8:28:7b:21:d8:
57:c8:21:a4:73:d6:97:29:3f:2d:56:36:56:3e:35:
98:ae:22:b0:d3:a8:92:93:cb:53:36:77:f2:11:1d:
06:b4:17:85:df:c2:72:b2:81:44:37:90:14:95:0d:
47:93:6f:7d:b8:4b:f4:04:33:eb:49:c8:1c:7b:38:
6a:7a:88:18:8a:19:dd:b4:37:15:46:ce:07:16:f9:
d2:45:af:3b:43:d1:d0:00:ea:78:91:0f:e5:66:44:
6a:61:ee:ea:ff:17:cd:31:82:3b:aa:31:6b:85:9f:
7c:05:6f:5b:b0:99:7c:46:a6:91:cd:7a:88:dc:63:
dc:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:80:EC:10:E2:FB:A7:35:7F:05:E9:9E:AB:88:31:8A:FE:5B:A4:DD
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/n4DsEOL7pzV_Bemeq4gxiv5bpN0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
56:95:7a:c4:ed:23:26:fd:eb:db:67:31:c1:3c:d0:fd:31:65:
87:25:a0:85:8b:41:f5:f2:81:4d:0c:0a:89:60:19:60:cd:44:
53:fd:cf:b8:b7:78:96:29:f3:35:30:3d:94:cf:4a:60:5a:3b:
9a:7f:d1:f0:97:7e:41:60:ea:01:e6:e7:b7:dd:8f:01:4c:0e:
6b:1a:79:68:34:f9:6c:b5:6e:86:47:52:f6:a6:cb:4a:e5:a4:
5b:bb:3a:22:b9:c3:3e:fa:0d:a4:66:52:8d:91:ac:db:99:0a:
21:f2:65:c6:68:08:f2:e3:5f:ce:5b:d2:16:a7:41:19:20:bf:
01:ea:68:6f:03:4e:0a:62:8b:0b:ff:63:27:62:2f:54:79:cd:
09:d8:73:6b:c7:43:f0:62:0b:dd:5c:0c:1b:97:87:70:01:d8:
2d:ea:9b:b2:3e:3c:0c:19:88:df:a2:d8:5a:d8:36:ba:a9:99:
74:01:a5:20:4b:9d:f3:d1:de:26:d6:32:fa:f3:e5:89:df:39:
0d:3b:2a:1e:bb:57:47:16:78:c4:9f:70:3e:93:8b:c9:83:6c:
9c:7b:1d:99:2a:d6:7f:8b:62:50:3e:6c:74:3c:1c:a2:67:0c:
d4:f9:75:8b:5a:18:1a:f6:cf:04:61:59:25:f2:58:5d:38:9b:
1d:ef:6e:2f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD9gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDIw
NTIyNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlGODBFQzEwRTJGQkE3
MzU3RjA1RTk5RUFCODgzMThBRkU1QkE0REQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKj6Ed4zBqSFdUvAvS2ucGTHOgYMddURdyfzh1DTzg4xrVQGCC
e635iNg8zYaDwh/ci6qftp7z5iGUV8mOc5dLVgsbol7fbqp72LPbqYeiPE0vd4Df
vkE1OThcPf6HHJMnDUmHBHZhhBAm1s6dSZednlTUBjka1cscPQXaBxxnlQ/oKHsh
2FfIIaRz1pcpPy1WNlY+NZiuIrDTqJKTy1M2d/IRHQa0F4XfwnKygUQ3kBSVDUeT
b324S/QEM+tJyBx7OGp6iBiKGd20NxVGzgcW+dJFrztD0dAA6niRD+VmRGph7ur/
F80xgjuqMWuFn3wFb1uwmXxGppHNeojcY9zZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUn4DsEOL7pzV/Bemeq4gxiv5bpN0wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL240RHNFT0w3cHpWX0Jl
bWVxNGd4aXY1YnBOMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAVpV6xO0jJv3r22cxwTzQ/TFlhyWghYtB
9fKBTQwKiWAZYM1EU/3PuLd4linzNTA9lM9KYFo7mn/R8Jd+QWDqAebnt92PAUwO
axp5aDT5bLVuhkdS9qbLSuWkW7s6IrnDPvoNpGZSjZGs25kKIfJlxmgI8uNfzlvS
FqdBGSC/AepobwNOCmKLC/9jJ2IvVHnNCdhza8dD8GIL3VwMG5eHcAHYLeqbsj48
DBmI36LYWtg2uqmZdAGlIEud89HeJtYy+vPlid85DTsqHrtXRxZ4xJ9wPpOLyYNs
nHsdmSrWf4tiUD5sdDwcomcM1Pl1i1oYGvbPBGFZJfJYXTibHe9uLw==
-----END CERTIFICATE-----
Generated at Tue Apr 2 06:45:47 2024 by rpki-client on console-ams.rpki-client.org