Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/nijes7ukyE8s426i9vpZQBDYGCo.roa
File: nijes7ukyE8s426i9vpZQBDYGCo.roa (raw, json)
Hash identifier: KXJsP8aTP/FKB4owCoDgqj2rUKC/7Pwv5XgSOkYiqrE=
Subject key identifier: 9E:28:DE:B3:BB:A4:C8:4F:2C:E3:6E:A2:F6:FA:59:40:10:D8:18:2A
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0E8A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/nijes7ukyE8s426i9vpZQBDYGCo.roa
Signing time: Fri 29 Mar 2024 17:52:29 +0000
ROA not before: Fri 29 Mar 2024 17:52:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3722 (0xe8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 29 17:52:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9E28DEB3BBA4C84F2CE36EA2F6FA594010D8182A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:59:37:52:8b:ac:fb:69:87:38:db:7c:2f:03:
77:9c:dd:7b:d8:b5:7a:23:70:5d:21:97:9c:4e:5b:
9c:25:35:30:95:31:11:90:fb:b4:d4:d8:ea:3e:62:
be:c2:f5:21:cc:14:58:e4:8c:14:3f:ff:1b:1c:90:
66:68:29:3f:87:02:15:0f:d5:b1:1a:fe:a5:5f:59:
b9:66:f6:68:62:45:47:34:03:54:47:f2:98:c4:7d:
1a:ab:fa:ba:2e:d1:ea:e4:61:ab:cc:c9:70:eb:99:
12:4c:2b:10:b6:52:f6:5e:12:29:46:b7:98:ca:89:
83:d0:54:79:03:11:ba:1f:70:dc:04:b2:7d:a4:d2:
74:fd:dc:95:d8:10:bc:ed:5a:9c:48:1b:d0:fc:8a:
08:d3:45:23:4e:41:eb:c4:d8:92:f4:e0:e6:0a:b9:
49:36:f5:83:4d:d1:b2:81:ab:cb:06:37:02:40:65:
91:b6:90:74:46:23:c5:68:b0:9e:36:cd:d9:16:d6:
0f:f8:d3:56:c4:6e:fc:e4:54:a9:d6:0e:58:22:be:
3c:9a:76:26:ef:d7:54:7c:19:48:2d:ff:a4:94:d4:
89:79:46:f6:93:8e:b9:21:b4:cd:cd:0b:02:d6:49:
67:d3:80:c6:45:64:bd:8e:ff:cd:33:b2:e7:e1:4d:
d9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:28:DE:B3:BB:A4:C8:4F:2C:E3:6E:A2:F6:FA:59:40:10:D8:18:2A
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/nijes7ukyE8s426i9vpZQBDYGCo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
84:b9:2e:93:ab:0a:ce:53:18:c3:b7:f4:02:e2:9f:7c:a4:5e:
8a:1e:c7:7b:e7:34:2e:0d:13:b1:09:f4:57:f4:41:ba:bc:b9:
a9:cb:8d:b5:71:94:c0:a6:a3:94:de:ca:ad:91:e4:77:b1:06:
6e:19:a2:d5:fe:a7:e5:9c:51:db:8c:eb:ba:2d:22:0c:cf:40:
be:10:1d:04:69:3f:99:e9:8c:4b:74:2c:57:62:0f:da:e3:42:
2f:b5:40:f2:06:f3:59:b1:8c:be:b0:5e:f9:b4:2e:ad:09:3c:
1d:72:7f:5b:97:2a:af:b8:21:e9:f1:5a:b3:07:fc:7e:37:56:
39:62:1b:94:87:ff:e9:00:d8:a5:b0:15:e8:63:57:c4:62:e2:
5d:cd:33:5f:f7:3a:51:4d:4a:b5:66:30:d8:d7:80:eb:a6:1c:
dc:36:63:61:f8:6b:86:25:4c:a8:8d:15:75:85:74:a1:cc:07:
11:53:f2:36:e0:ac:8e:39:6a:54:00:f2:47:5f:58:02:8b:ed:
de:33:95:c5:04:5e:19:00:27:b8:1b:f3:fd:fa:00:8d:5c:74:
36:6d:47:b1:93:a8:a3:3a:a8:b8:92:8d:2d:fa:e5:5c:cb:c6:
33:01:f8:f6:25:2f:c2:db:68:ce:3e:bf:83:db:4f:51:1e:e2:
d0:6e:8e:6e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDoowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjkx
NzUyMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlFMjhERUIzQkJBNEM4
NEYyQ0UzNkVBMkY2RkE1OTQwMTBEODE4MkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsWTdSi6z7aYc423wvA3ec3XvYtXojcF0hl5xOW5wlNTCVMRGQ
+7TU2Oo+Yr7C9SHMFFjkjBQ//xsckGZoKT+HAhUP1bEa/qVfWblm9mhiRUc0A1RH
8pjEfRqr+rou0erkYavMyXDrmRJMKxC2UvZeEilGt5jKiYPQVHkDEbofcNwEsn2k
0nT93JXYELztWpxIG9D8igjTRSNOQevE2JL04OYKuUk29YNN0bKBq8sGNwJAZZG2
kHRGI8VosJ42zdkW1g/401bEbvzkVKnWDlgivjyadibv11R8GUgt/6SU1Il5RvaT
jrkhtM3NCwLWSWfTgMZFZL2O/80zsufhTdnNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUnijes7ukyE8s426i9vpZQBDYGCowHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL25pamVzN3VreUU4czQy
Nmk5dnBaUUJEWUdDby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAhLkuk6sKzlMYw7f0AuKffKReih7He+c0
Lg0TsQn0V/RBury5qcuNtXGUwKajlN7KrZHkd7EGbhmi1f6n5ZxR24zrui0iDM9A
vhAdBGk/memMS3QsV2IP2uNCL7VA8gbzWbGMvrBe+bQurQk8HXJ/W5cqr7gh6fFa
swf8fjdWOWIblIf/6QDYpbAV6GNXxGLiXc0zX/c6UU1KtWYw2NeA66Yc3DZjYfhr
hiVMqI0VdYV0ocwHEVPyNuCsjjlqVADyR19YAovt3jOVxQReGQAnuBvz/foAjVx0
Nm1HsZOoozqouJKNLfrlXMvGMwH49iUvwttozj6/g9tPUR7i0G6Obg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 21:30:25 2024 by rpki-client on console-fra.rpki-client.org