Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/nEu1I1tSZN-G3mRoikz39XoK4Qw.roa
File: nEu1I1tSZN-G3mRoikz39XoK4Qw.roa (raw, json)
Hash identifier: 86kzmWfTP6PXAxi+oRKhL4PERBhq9a2kQOHKoPT0KMQ=
Subject key identifier: 9C:4B:B5:23:5B:52:64:DF:86:DE:64:68:8A:4C:F7:F5:7A:0A:E1:0C
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F62
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/nEu1I1tSZN-G3mRoikz39XoK4Qw.roa
Signing time: Sun 31 Mar 2024 23:52:37 +0000
ROA not before: Sun 31 Mar 2024 23:52:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3938 (0xf62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 31 23:52:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9C4BB5235B5264DF86DE64688A4CF7F57A0AE10C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:67:1f:cc:2a:bf:8b:90:fe:c2:b1:9c:d3:13:
6f:78:ed:f1:16:ff:5d:be:1f:f3:03:a8:a9:15:db:
01:5c:69:65:93:6c:e3:c1:a8:8d:02:cc:96:b6:58:
09:7a:c7:aa:39:0c:77:aa:2a:46:d5:46:bd:ee:77:
aa:71:18:bf:b1:5e:cf:45:19:29:1f:04:43:71:a2:
da:f8:f3:e9:68:ed:3f:04:be:f6:bd:35:81:5c:99:
ed:ee:7e:f6:8f:72:8c:e4:a3:0f:2c:2a:b9:c8:0e:
9b:3b:7d:3c:0d:81:12:d1:f8:cf:28:05:fd:6b:73:
5b:3b:a6:ef:5e:0d:c0:d6:1a:70:fd:ae:62:5d:ae:
f2:ca:f5:7d:15:48:9d:79:70:8b:4b:e9:1c:70:65:
75:76:f4:36:17:ab:f8:80:6a:7b:93:c5:15:bb:93:
ed:7a:89:00:ce:80:de:24:77:8e:f2:f8:e9:d7:9e:
e9:5b:22:90:1e:13:32:59:6b:4e:3f:da:51:af:89:
ae:a8:55:6e:b5:14:1e:31:ee:61:af:c2:d8:13:c8:
90:8a:f7:64:be:33:90:ff:b5:a8:e1:29:6f:29:11:
c3:4d:26:ce:42:23:5b:d5:84:ae:bb:f2:be:31:93:
59:aa:0e:fe:0f:9d:64:0d:7d:46:88:71:44:e1:27:
9d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4B:B5:23:5B:52:64:DF:86:DE:64:68:8A:4C:F7:F5:7A:0A:E1:0C
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/nEu1I1tSZN-G3mRoikz39XoK4Qw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
99:cd:22:34:6c:a6:4f:57:6c:3a:43:9e:84:10:51:7d:57:a0:
66:6c:e4:e4:a8:c2:ce:68:b6:36:07:34:20:d9:28:33:3f:ee:
8a:40:be:55:ab:40:f1:60:67:77:8b:ca:e5:7b:f1:59:30:b1:
05:34:ad:70:5d:75:fb:b1:db:8a:90:bb:1c:d5:e5:47:44:3a:
3f:e4:c9:e0:1e:1b:50:21:d4:8f:17:e4:52:eb:1e:1a:86:f4:
c4:d5:e7:d5:ea:16:72:65:89:14:28:0f:0f:ee:b1:d8:b2:b1:
f8:40:18:6b:bb:34:ef:bc:31:f4:0b:ea:e2:92:10:88:1c:9a:
71:f0:b1:ce:a3:65:ff:25:81:92:a9:23:15:1f:ea:aa:00:82:
3a:1d:ed:22:ec:21:f6:2c:a8:96:80:17:04:e5:b6:cf:b9:69:
91:dc:77:70:b7:8b:55:d8:3c:47:66:a6:86:31:9c:7a:e0:62:
8b:1b:ae:7e:05:02:3e:e8:9b:d4:de:20:65:69:2d:bd:f3:69:
7c:74:3a:74:a3:7b:3d:2d:2b:94:99:8d:a0:5e:5f:d4:63:cb:
b9:6b:14:63:b6:b3:f0:70:5b:f4:39:86:9f:fc:65:d5:ed:43:
df:f2:9e:bc:c8:98:68:a9:0a:2d:e2:0c:93:7e:c6:9f:82:00:
01:cd:55:03
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD2IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzEy
MzUyMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlDNEJCNTIzNUI1MjY0
REY4NkRFNjQ2ODhBNENGN0Y1N0EwQUUxMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSZx/MKr+LkP7CsZzTE2947fEW/12+H/MDqKkV2wFcaWWTbOPB
qI0CzJa2WAl6x6o5DHeqKkbVRr3ud6pxGL+xXs9FGSkfBENxotr48+lo7T8Evva9
NYFcme3ufvaPcozkow8sKrnIDps7fTwNgRLR+M8oBf1rc1s7pu9eDcDWGnD9rmJd
rvLK9X0VSJ15cItL6RxwZXV29DYXq/iAanuTxRW7k+16iQDOgN4kd47y+OnXnulb
IpAeEzJZa04/2lGvia6oVW61FB4x7mGvwtgTyJCK92S+M5D/tajhKW8pEcNNJs5C
I1vVhK678r4xk1mqDv4PnWQNfUaIcUThJ53hAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUnEu1I1tSZN+G3mRoikz39XoK4QwwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL25FdTFJMXRTWk4tRzNt
Um9pa3ozOVhvSzRRdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAmc0iNGymT1dsOkOehBBRfVegZmzk5KjC
zmi2Ngc0INkoMz/uikC+VatA8WBnd4vK5XvxWTCxBTStcF11+7HbipC7HNXlR0Q6
P+TJ4B4bUCHUjxfkUuseGob0xNXn1eoWcmWJFCgPD+6x2LKx+EAYa7s077wx9Avq
4pIQiByacfCxzqNl/yWBkqkjFR/qqgCCOh3tIuwh9iyoloAXBOW2z7lpkdx3cLeL
Vdg8R2amhjGceuBiixuufgUCPuib1N4gZWktvfNpfHQ6dKN7PS0rlJmNoF5f1GPL
uWsUY7az8HBb9DmGn/xl1e1D3/KevMiYaKkKLeIMk37Gn4IAAc1VAw==
-----END CERTIFICATE-----
Generated at Mon Apr 1 01:17:01 2024 by rpki-client on console-fra.rpki-client.org