Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/pMbFKvEcixx0kh9IqI96AstnOQg.roa
File: pMbFKvEcixx0kh9IqI96AstnOQg.roa (raw, json)
Hash identifier: 0pGkoIvU7GAjR+Rcbe4bA7rTbdXQGXDMC0I7dcua6YQ=
Subject key identifier: A4:C6:C5:2A:F1:1C:8B:1C:74:92:1F:48:A8:8F:7A:02:CB:67:39:08
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F18
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/pMbFKvEcixx0kh9IqI96AstnOQg.roa
Signing time: Sun 31 Mar 2024 05:22:35 +0000
ROA not before: Sun 31 Mar 2024 05:22:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3864 (0xf18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 31 05:22:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A4C6C52AF11C8B1C74921F48A88F7A02CB673908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:40:06:a7:4a:76:8a:bb:43:96:b9:b3:31:11:
19:2e:dd:36:fe:ca:1e:4a:b1:0b:db:fd:1c:cf:b9:
08:29:59:55:68:c2:5a:f5:66:87:de:a4:72:19:a1:
b3:e3:3e:fb:b6:77:24:d2:2e:17:30:3b:65:d5:20:
11:35:b9:9f:75:9d:9b:c2:da:45:0a:b5:0f:fa:00:
fa:51:b9:c7:14:e5:4e:18:42:fc:f4:33:e4:43:ab:
51:9e:02:31:99:39:a9:38:57:f3:08:19:08:5f:70:
dd:fb:0b:b5:ae:61:e2:6e:94:30:37:b4:0a:cd:19:
7b:f8:72:4b:4b:44:ff:50:f5:93:e8:12:a3:89:4a:
79:ff:7c:68:aa:e2:91:95:1b:29:31:e0:f6:64:d9:
d8:98:87:ef:d5:68:f4:20:6b:21:30:4d:9d:fe:4d:
16:5a:54:38:8d:c1:1e:93:f5:c8:37:fa:66:5a:92:
fe:6f:b3:20:bd:6f:13:71:4b:27:a6:27:da:6c:15:
41:0d:a9:7e:3d:ee:9b:d6:d0:cd:77:4f:dc:6c:11:
b5:e0:1d:45:c7:aa:c1:a3:13:77:d5:b6:fb:17:3e:
4a:ce:3e:89:ef:d1:98:80:88:cc:3b:c4:eb:b9:df:
ca:16:cc:e4:60:7d:5c:a7:42:af:35:24:e6:69:69:
a8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:C6:C5:2A:F1:1C:8B:1C:74:92:1F:48:A8:8F:7A:02:CB:67:39:08
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/pMbFKvEcixx0kh9IqI96AstnOQg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9d:db:32:8d:03:43:0f:5e:c4:df:2c:19:53:97:af:f6:1a:63:
34:75:ab:2b:2d:1e:be:fb:c2:5c:61:c7:e3:78:e1:ea:54:06:
87:4a:e4:20:89:c3:f6:15:f7:9d:9c:68:8c:f9:43:84:66:06:
f6:b3:40:c7:b1:34:fa:0e:b9:e3:60:e9:0e:46:18:79:68:e2:
45:4f:9e:f2:5a:44:c3:80:4a:ef:6a:3d:45:1a:33:13:b2:d3:
66:9d:3a:00:83:3f:f1:e7:2c:2c:65:09:46:36:54:f8:1e:29:
09:96:ef:45:e2:56:87:3e:70:94:26:c3:6e:7b:e1:cf:fe:90:
fb:1f:37:de:d2:79:9f:67:31:32:17:f9:88:09:21:bb:ef:04:
b0:3e:83:9e:9e:0d:7a:89:20:23:cd:6d:ce:6e:5c:cd:1c:08:
d5:13:14:31:02:0a:92:dc:46:d9:90:e1:a7:f4:ad:d7:d0:dc:
db:ac:2e:51:1d:c9:76:77:65:5d:87:3f:68:71:af:28:84:86:
cb:da:00:f2:34:60:f8:f9:05:ae:88:26:17:cf:36:c8:60:31:
43:a7:e3:24:5e:b2:09:1f:96:a6:c0:a3:df:ee:99:df:84:a9:
8b:79:ce:48:04:e0:ab:a5:6d:9a:d6:d4:b8:0b:19:73:df:24:
1c:d2:0c:6d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDxgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzEw
NTIyMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE0QzZDNTJBRjExQzhC
MUM3NDkyMUY0OEE4OEY3QTAyQ0I2NzM5MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoQAanSnaKu0OWubMxERku3Tb+yh5KsQvb/RzPuQgpWVVowlr1
ZofepHIZobPjPvu2dyTSLhcwO2XVIBE1uZ91nZvC2kUKtQ/6APpRuccU5U4YQvz0
M+RDq1GeAjGZOak4V/MIGQhfcN37C7WuYeJulDA3tArNGXv4cktLRP9Q9ZPoEqOJ
Snn/fGiq4pGVGykx4PZk2diYh+/VaPQgayEwTZ3+TRZaVDiNwR6T9cg3+mZakv5v
syC9bxNxSyemJ9psFUENqX497pvW0M13T9xsEbXgHUXHqsGjE3fVtvsXPkrOPonv
0ZiAiMw7xOu538oWzORgfVynQq81JOZpaagJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUpMbFKvEcixx0kh9IqI96AstnOQgwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3BNYkZLdkVjaXh4MGto
OUlxSTk2QXN0bk9RZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAndsyjQNDD17E3ywZU5ev9hpjNHWrKy0e
vvvCXGHH43jh6lQGh0rkIInD9hX3nZxojPlDhGYG9rNAx7E0+g6542DpDkYYeWji
RU+e8lpEw4BK72o9RRozE7LTZp06AIM/8ecsLGUJRjZU+B4pCZbvReJWhz5wlCbD
bnvhz/6Q+x833tJ5n2cxMhf5iAkhu+8EsD6Dnp4NeokgI81tzm5czRwI1RMUMQIK
ktxG2ZDhp/St19Dc26wuUR3JdndlXYc/aHGvKISGy9oA8jRg+PkFrogmF882yGAx
Q6fjJF6yCR+WpsCj3+6Z34Spi3nOSATgq6VtmtbUuAsZc98kHNIMbQ==
-----END CERTIFICATE-----
Generated at Sun Mar 31 08:24:36 2024 by rpki-client on console-ams.rpki-client.org