Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/o0M6q1Pyhfzz99A2yXslTN5R0MI.roa
File: o0M6q1Pyhfzz99A2yXslTN5R0MI.roa (raw, json)
Hash identifier: pwlUJp8wqswFWynfeOtG35kgR2hV1dW4S4/FDuE2grE=
Subject key identifier: A3:43:3A:AB:53:F2:85:FC:F3:F7:D0:36:C9:7B:25:4C:DE:51:D0:C2
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 18A2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/o0M6q1Pyhfzz99A2yXslTN5R0MI.roa
Signing time: Thu 25 Apr 2024 15:53:43 +0000
ROA not before: Thu 25 Apr 2024 15:53:43 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6306 (0x18a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 25 15:53:43 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A3433AAB53F285FCF3F7D036C97B254CDE51D0C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f0:2b:a5:de:d2:97:2f:73:43:dc:ff:6b:1e:
d7:28:98:63:79:e0:f5:13:95:33:33:ea:78:aa:f1:
27:41:49:df:c6:1e:f1:c3:1d:bc:91:60:e6:da:55:
28:e8:dd:8f:f7:6d:bb:9e:36:3d:ab:8f:21:c8:5f:
a3:38:db:81:76:96:e5:1d:f1:5f:f5:b6:40:39:9a:
95:cb:85:5c:66:70:3a:46:2b:d6:ab:b5:ec:73:7a:
39:ae:ce:76:94:0c:4a:0d:0f:a6:f5:7e:f8:ac:fc:
0b:0d:78:ae:7f:6b:63:26:e2:45:99:78:d6:c4:37:
28:ed:e4:ab:9c:82:0b:28:3b:92:35:1c:1b:62:84:
e0:ef:08:d3:ea:7d:a8:e9:49:01:79:ea:5e:6d:25:
6c:b2:37:cf:68:a5:5a:5e:47:eb:c0:cf:fd:96:6b:
0b:12:74:04:2f:ae:e6:b8:4f:29:ff:be:79:e7:0f:
fa:e1:1c:22:b5:05:ee:0d:70:db:c5:14:ba:a1:3e:
10:be:6b:eb:40:8c:6d:51:b0:73:ac:4c:7b:02:d1:
ff:fe:58:9c:f8:7f:99:7f:00:6f:de:3a:ee:0b:b9:
8f:d5:38:ad:b6:7d:db:55:87:62:2a:8d:28:aa:ca:
83:f5:15:9c:eb:16:95:a7:3f:69:bd:cc:83:d3:7a:
fb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:43:3A:AB:53:F2:85:FC:F3:F7:D0:36:C9:7B:25:4C:DE:51:D0:C2
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/o0M6q1Pyhfzz99A2yXslTN5R0MI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
98:8f:9b:69:48:54:c8:92:bf:b0:ec:57:b1:f6:21:e2:63:29:
22:ce:f9:4a:b7:f6:81:97:59:3f:38:99:3c:95:40:36:96:32:
e3:19:79:57:a5:fc:7a:f8:33:4d:2c:d2:f2:c7:c9:06:b1:f0:
ad:c8:4d:96:4d:bc:02:02:f9:5e:9e:44:cb:2c:a2:11:22:8e:
2b:da:6b:d7:5e:79:73:e9:f5:54:81:1a:68:8a:c8:b9:4b:1b:
2f:ce:7f:89:16:27:76:cb:f8:b7:04:e3:f3:0d:ec:0d:34:7f:
27:5a:28:76:fa:dd:94:c5:24:a8:70:a8:f8:f3:9f:40:e2:f3:
80:f5:0e:8a:8f:09:af:b0:9e:44:57:26:b2:ae:5f:51:32:6c:
2c:89:39:69:b6:8c:cc:5a:63:6c:a6:51:8d:af:16:31:4a:65:
0f:24:aa:47:9e:92:7b:64:66:d2:83:1f:b2:07:8b:d1:a1:e0:
a7:3b:dc:38:eb:6b:f2:98:42:95:1b:7d:d9:45:d8:db:53:4b:
52:72:bc:7f:9d:f6:52:f0:7d:dc:d1:b1:12:61:8e:6b:33:72:
8c:40:4e:a2:e2:21:e4:af:7e:2e:6d:c1:3f:e4:d2:e1:04:df:
2e:11:01:00:1b:58:67:f3:dd:ab:ad:33:b7:b8:c6:0f:dd:73:
1b:f3:c6:ad
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGKIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjUx
NTUzNDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEzNDMzQUFCNTNGMjg1
RkNGM0Y3RDAzNkM5N0IyNTRDREU1MUQwQzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZ8Cul3tKXL3ND3P9rHtcomGN54PUTlTMz6niq8SdBSd/GHvHD
HbyRYObaVSjo3Y/3bbueNj2rjyHIX6M424F2luUd8V/1tkA5mpXLhVxmcDpGK9ar
texzejmuznaUDEoND6b1fvis/AsNeK5/a2Mm4kWZeNbENyjt5KucggsoO5I1HBti
hODvCNPqfajpSQF56l5tJWyyN89opVpeR+vAz/2WawsSdAQvrua4Tyn/vnnnD/rh
HCK1Be4NcNvFFLqhPhC+a+tAjG1RsHOsTHsC0f/+WJz4f5l/AG/eOu4LuY/VOK22
fdtVh2IqjSiqyoP1FZzrFpWnP2m9zIPTevuPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUo0M6q1Pyhfzz99A2yXslTN5R0MIwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL28wTTZxMVB5aGZ6ejk5
QTJ5WHNsVE41UjBNSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAmI+baUhUyJK/sOxXsfYh4mMpIs75Srf2
gZdZPziZPJVANpYy4xl5V6X8evgzTSzS8sfJBrHwrchNlk28AgL5Xp5EyyyiESKO
K9pr1155c+n1VIEaaIrIuUsbL85/iRYndsv4twTj8w3sDTR/J1oodvrdlMUkqHCo
+POfQOLzgPUOio8Jr7CeRFcmsq5fUTJsLIk5abaMzFpjbKZRja8WMUplDySqR56S
e2Rm0oMfsgeL0aHgpzvcOOtr8phClRt92UXY21NLUnK8f532UvB93NGxEmGOazNy
jEBOouIh5K9+Lm3BP+TS4QTfLhEBABtYZ/Pdq60zt7jGD91zG/PGrQ==
-----END CERTIFICATE-----
Generated at Thu Apr 25 20:33:05 2024 by rpki-client on console-ams.rpki-client.org