Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/n8foEhNmRMNyEBZ9U14yaBSGHE0.roa
File: n8foEhNmRMNyEBZ9U14yaBSGHE0.roa (raw, json)
Hash identifier: CFMwMYKq8lByRMpuOTQA2BVkg8QyoRKhkp4cvv8nyQI=
Subject key identifier: 9F:C7:E8:12:13:66:44:C3:72:10:16:7D:53:5E:32:68:14:86:1C:4D
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1B84
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/n8foEhNmRMNyEBZ9U14yaBSGHE0.roa
Signing time: Fri 03 May 2024 08:24:11 +0000
ROA not before: Fri 03 May 2024 08:24:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7044 (0x1b84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 3 08:24:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9FC7E812136644C37210167D535E326814861C4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:80:82:46:01:50:21:18:39:ac:2b:25:fd:c3:
b4:11:47:84:80:18:8d:c3:e1:fd:7d:27:2b:24:60:
26:ba:56:00:bb:73:c3:d5:86:3e:81:a6:7e:af:32:
24:7a:e3:e8:07:48:9b:b5:bc:14:3e:50:43:d5:e4:
16:a3:ca:bc:76:e4:0e:4f:f3:6b:aa:94:dd:a3:58:
60:de:e9:aa:81:4a:56:11:5c:8d:3f:08:ee:cd:63:
50:b7:c2:c2:4d:ff:14:65:b3:46:f0:07:0f:58:df:
af:c8:74:1c:93:43:43:a3:46:c1:78:87:b9:f4:8d:
4f:c4:fa:10:5c:76:2a:ba:07:c9:f7:b5:dc:09:49:
62:05:3d:07:aa:51:68:c2:c3:1a:56:6a:e3:c1:89:
27:31:18:2f:68:40:e6:c6:c6:57:91:a4:7a:b0:ac:
b0:be:8c:62:a5:63:6c:77:92:d7:3e:f5:1a:40:a0:
44:ce:89:50:30:a8:40:be:fd:c2:4e:df:df:fa:e0:
88:57:7a:a5:5e:65:2e:d0:0d:b2:57:bb:b1:8f:ff:
a8:8b:45:b9:9a:17:96:1b:7d:59:00:15:5e:ad:4d:
31:9f:47:2e:ff:b2:e0:5f:ff:fd:e7:29:7c:13:4c:
f8:ac:aa:24:81:08:99:dd:9e:6e:dc:e4:5e:04:bf:
53:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:C7:E8:12:13:66:44:C3:72:10:16:7D:53:5E:32:68:14:86:1C:4D
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/n8foEhNmRMNyEBZ9U14yaBSGHE0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c0:bf:9d:dd:78:df:90:da:bf:5b:3e:4a:64:ff:22:5e:10:8b:
97:ee:e6:c1:24:3f:12:9f:45:01:7d:90:c6:85:38:60:a6:9e:
c0:42:b3:91:70:36:b1:e3:a1:a9:46:e7:26:fe:db:60:e9:de:
9e:08:a8:4a:3c:47:c7:7a:d2:af:e7:8c:18:73:9e:f8:8a:6f:
8c:a6:c6:ab:c8:16:6e:42:2e:ae:bb:57:72:6c:02:44:57:f0:
59:12:1d:9d:31:ea:e4:0f:be:99:ca:35:0c:64:fa:1b:24:79:
b8:b7:86:8c:cd:68:4e:fc:34:f1:83:3b:a2:d1:46:79:58:3a:
41:3d:ae:5e:30:38:9e:2a:f6:f1:c0:6a:66:f2:1f:19:bf:27:
b1:25:f9:1a:97:d2:b6:08:d8:8c:6f:77:1d:0b:fb:00:83:de:
73:3a:99:ac:cc:c2:2a:1e:9e:1f:63:fa:ed:2a:a8:12:7a:16:
3b:09:bf:d7:e2:cc:e5:d1:6e:89:c2:83:1e:9b:4d:a5:85:85:
c5:24:4c:62:7d:cb:9b:8b:74:75:a1:4b:ef:e1:0c:ea:1b:ee:
d2:15:0e:41:b6:2b:8c:81:53:57:64:84:29:0e:1c:47:25:f0:
e0:45:b4:3d:96:e9:7a:11:fc:21:b5:25:ac:8c:85:9f:4d:10:
af:32:7c:0a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG4QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDMw
ODI0MTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlGQzdFODEyMTM2NjQ0
QzM3MjEwMTY3RDUzNUUzMjY4MTQ4NjFDNEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAgIJGAVAhGDmsKyX9w7QRR4SAGI3D4f19JyskYCa6VgC7c8PV
hj6Bpn6vMiR64+gHSJu1vBQ+UEPV5Bajyrx25A5P82uqlN2jWGDe6aqBSlYRXI0/
CO7NY1C3wsJN/xRls0bwBw9Y36/IdByTQ0OjRsF4h7n0jU/E+hBcdiq6B8n3tdwJ
SWIFPQeqUWjCwxpWauPBiScxGC9oQObGxleRpHqwrLC+jGKlY2x3ktc+9RpAoETO
iVAwqEC+/cJO39/64IhXeqVeZS7QDbJXu7GP/6iLRbmaF5YbfVkAFV6tTTGfRy7/
suBf//3nKXwTTPisqiSBCJndnm7c5F4Ev1OrAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUn8foEhNmRMNyEBZ9U14yaBSGHE0wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL244Zm9FaE5tUk1OeUVC
WjlVMTR5YUJTR0hFMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAwL+d3XjfkNq/Wz5KZP8iXhCLl+7mwSQ/
Ep9FAX2QxoU4YKaewEKzkXA2seOhqUbnJv7bYOnengioSjxHx3rSr+eMGHOe+Ipv
jKbGq8gWbkIurrtXcmwCRFfwWRIdnTHq5A++mco1DGT6GyR5uLeGjM1oTvw08YM7
otFGeVg6QT2uXjA4nir28cBqZvIfGb8nsSX5GpfStgjYjG93HQv7AIPeczqZrMzC
Kh6eH2P67SqoEnoWOwm/1+LM5dFuicKDHptNpYWFxSRMYn3Lm4t0daFL7+EM6hvu
0hUOQbYrjIFTV2SEKQ4cRyXw4EW0PZbpehH8IbUlrIyFn00QrzJ8Cg==
-----END CERTIFICATE-----
Generated at Fri May 3 14:10:55 2024 by rpki-client on console-fra.rpki-client.org