Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/sd8BzeMLRkJjGNDNdcOkwFb76sc.roa
File: sd8BzeMLRkJjGNDNdcOkwFb76sc.roa (raw, json)
Hash identifier: 9sVKox7oCwRE4jFxP+VcF98ISxurxJlSHqjXeAck+pI=
Subject key identifier: B1:DF:01:CD:E3:0B:46:42:63:18:D0:CD:75:C3:A4:C0:56:FB:EA:C7
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1088
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/sd8BzeMLRkJjGNDNdcOkwFb76sc.roa
Signing time: Thu 04 Apr 2024 01:22:49 +0000
ROA not before: Thu 04 Apr 2024 01:22:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4232 (0x1088)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 4 01:22:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B1DF01CDE30B46426318D0CD75C3A4C056FBEAC7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:66:09:0c:e3:c0:59:3b:c9:39:b2:56:a6:cb:
96:c7:51:28:48:ea:b3:b2:ee:e8:cc:04:1e:6b:6a:
86:d7:40:de:05:6d:de:0c:63:7b:c7:ea:c3:37:db:
13:c1:66:37:56:99:99:87:26:a6:93:e8:af:ec:ef:
bd:5c:c9:04:79:bb:cb:c1:68:91:6c:6d:bb:f4:a2:
65:0e:31:63:67:7d:a9:d5:7e:74:aa:a8:a4:c5:c7:
14:75:83:35:27:dc:83:87:ff:db:40:4e:9c:01:88:
61:2d:99:3b:d3:cf:75:58:9c:f1:c6:24:11:a7:e4:
f6:02:68:37:07:97:f2:c2:4e:7b:a1:57:c6:bc:82:
a7:0e:e5:af:45:bf:27:e4:d8:99:74:b8:a8:53:24:
0b:36:10:df:af:d7:83:71:8a:4f:74:9a:c8:48:be:
f9:3e:cb:82:18:9a:6b:a4:09:4f:fb:0f:56:bf:08:
21:07:8c:cc:19:80:f9:30:58:cd:de:7d:7e:2a:fa:
1c:96:eb:e9:48:55:71:c5:37:fb:52:3c:45:c0:46:
bc:0f:2d:14:c2:9d:5d:85:60:f0:f9:2d:60:26:e5:
9f:02:47:26:e2:18:14:82:24:e1:17:18:4e:f4:03:
54:bd:8c:db:76:4f:3c:fc:21:d8:8b:c0:d9:68:b0:
58:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:DF:01:CD:E3:0B:46:42:63:18:D0:CD:75:C3:A4:C0:56:FB:EA:C7
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/sd8BzeMLRkJjGNDNdcOkwFb76sc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3f:d1:03:6c:5f:6f:2e:6f:e2:87:f0:bf:ce:95:61:2f:b9:bb:
9e:69:61:6f:7d:eb:eb:38:bb:41:4b:95:00:2a:30:8e:41:8a:
60:90:61:b2:ed:68:69:39:df:58:04:4b:f1:73:58:23:43:e7:
6a:ce:7e:61:15:46:a9:b1:43:66:1e:e4:0a:d1:74:04:7c:68:
6e:6d:b2:8e:69:2f:d0:7a:43:50:0f:66:56:8d:fe:a6:8a:1a:
f1:83:08:49:66:4e:88:af:f2:a4:ae:30:5c:81:78:1d:50:b3:
da:21:dd:08:3c:51:04:34:12:81:f6:d5:a7:44:70:0e:9e:1a:
17:71:c8:15:b3:0e:c5:4e:18:62:e0:1a:95:22:3b:11:86:dc:
ea:9d:3b:bd:10:3a:22:cc:72:2a:27:84:49:f1:62:29:df:3c:
f9:a2:1d:94:b1:88:45:da:d0:f6:82:57:66:3b:38:fd:a4:72:
40:4f:05:11:a7:5d:46:5b:e5:d4:9d:b0:4e:ed:0a:13:09:c2:
64:fb:4e:38:7b:6d:e2:ac:0d:cc:14:5a:57:87:1f:54:db:4d:
15:65:fd:f9:3c:57:e5:8a:99:8e:bb:91:e7:17:a0:b3:90:79:
69:cc:47:7d:2e:e4:93:b3:50:e4:27:a6:4f:69:55:35:e3:5e:
d7:8d:5d:05
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEIgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDQw
MTIyNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIxREYwMUNERTMwQjQ2
NDI2MzE4RDBDRDc1QzNBNEMwNTZGQkVBQzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCTZgkM48BZO8k5slamy5bHUShI6rOy7ujMBB5raobXQN4Fbd4M
Y3vH6sM32xPBZjdWmZmHJqaT6K/s771cyQR5u8vBaJFsbbv0omUOMWNnfanVfnSq
qKTFxxR1gzUn3IOH/9tATpwBiGEtmTvTz3VYnPHGJBGn5PYCaDcHl/LCTnuhV8a8
gqcO5a9Fvyfk2Jl0uKhTJAs2EN+v14Nxik90mshIvvk+y4IYmmukCU/7D1a/CCEH
jMwZgPkwWM3efX4q+hyW6+lIVXHFN/tSPEXARrwPLRTCnV2FYPD5LWAm5Z8CRybi
GBSCJOEXGE70A1S9jNt2Tzz8IdiLwNlosFhNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUsd8BzeMLRkJjGNDNdcOkwFb76scwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3NkOEJ6ZU1MUmtKakdO
RE5kY09rd0ZiNzZzYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAP9EDbF9vLm/ih/C/zpVhL7m7nmlhb33r
6zi7QUuVACowjkGKYJBhsu1oaTnfWARL8XNYI0Pnas5+YRVGqbFDZh7kCtF0BHxo
bm2yjmkv0HpDUA9mVo3+pooa8YMISWZOiK/ypK4wXIF4HVCz2iHdCDxRBDQSgfbV
p0RwDp4aF3HIFbMOxU4YYuAalSI7EYbc6p07vRA6IsxyKieESfFiKd88+aIdlLGI
RdrQ9oJXZjs4/aRyQE8FEaddRlvl1J2wTu0KEwnCZPtOOHtt4qwNzBRaV4cfVNtN
FWX9+TxX5YqZjruR5xegs5B5acxHfS7kk7NQ5CemT2lVNeNe141dBQ==
-----END CERTIFICATE-----
Generated at Thu Apr 4 02:56:16 2024 by rpki-client on console-fra.rpki-client.org