Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/uWyOb7bPPYriWy0Z-Kzun08WavQ.roa
File: uWyOb7bPPYriWy0Z-Kzun08WavQ.roa (raw, json)
Hash identifier: E9MVERhfu8FIMaraHLIHf2XwezEsF2/eFo4UP9GD4a0=
Subject key identifier: B9:6C:8E:6F:B6:CF:3D:8A:E2:5B:2D:19:F8:AC:EE:9F:4F:16:6A:F4
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1324
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/uWyOb7bPPYriWy0Z-Kzun08WavQ.roa
Signing time: Thu 11 Apr 2024 00:23:10 +0000
ROA not before: Thu 11 Apr 2024 00:23:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4900 (0x1324)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 11 00:23:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B96C8E6FB6CF3D8AE25B2D19F8ACEE9F4F166AF4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e0:8f:44:3a:6c:00:67:78:31:1c:b8:78:2d:
54:2f:52:32:9c:e1:74:c6:8d:d3:95:1b:d4:93:41:
8c:08:4a:bc:1f:2d:ea:e9:0f:a5:4a:6f:a0:fc:3b:
fb:33:ab:08:3c:55:8d:8c:2b:3b:09:2b:83:72:8e:
fb:c9:3b:f9:74:68:0f:eb:45:c2:41:bf:d0:65:12:
bb:15:af:ce:17:80:cf:8d:86:f3:81:0c:7f:79:93:
82:12:db:21:16:42:be:d4:17:2b:27:45:d9:f2:61:
ef:ab:01:61:4b:01:95:74:8c:19:2d:98:dd:70:7b:
dc:25:48:9b:8a:bd:22:ca:67:43:1c:90:c4:e3:b1:
21:82:9b:29:1f:46:81:cc:65:fd:db:79:94:30:29:
86:24:4a:10:0e:75:e0:76:f0:88:92:5e:32:bd:6e:
f5:75:50:dc:70:05:95:4c:c0:2a:de:2d:5b:1f:51:
82:e4:93:52:b9:19:0f:3b:c3:6f:b2:47:46:34:14:
99:b4:d8:2c:1a:b7:36:0f:5e:4c:d5:48:f0:55:9a:
1a:32:3a:38:7e:c5:47:5f:d1:8d:6a:33:ad:a6:6d:
50:41:5e:79:7f:2f:71:ef:37:a7:7f:7f:ac:ec:77:
9f:54:a0:66:82:07:f0:1d:5c:bc:40:a5:4c:6c:b4:
e3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:6C:8E:6F:B6:CF:3D:8A:E2:5B:2D:19:F8:AC:EE:9F:4F:16:6A:F4
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/uWyOb7bPPYriWy0Z-Kzun08WavQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c9:a7:18:f6:90:f9:bf:ff:f6:7c:14:f8:d4:aa:4e:6c:aa:9b:
fd:1e:81:0d:32:a7:db:d1:6c:40:60:a9:d8:3c:50:b0:f6:75:
1c:28:a3:aa:f6:15:ad:54:e4:35:44:3b:ae:c2:85:fb:ed:0d:
89:8a:8e:ce:9e:73:cc:9e:4d:24:dd:c2:14:67:d5:75:12:a2:
df:ad:a2:39:5d:c6:2d:28:be:85:72:81:ff:f5:a5:06:8a:a8:
f3:14:67:fc:bf:2f:2c:59:16:4c:80:f2:39:3b:0d:76:76:b9:
b6:3f:af:e7:9a:15:dd:5e:7c:ec:dd:7b:b3:7a:7c:6a:4e:2f:
61:ba:03:96:ce:be:4b:44:9c:cf:49:ef:98:8c:f9:41:33:a9:
54:d1:f2:d4:6d:99:71:9a:c9:52:58:d9:87:08:aa:3b:ba:f7:
b1:82:9e:47:b6:d8:fc:fe:e1:80:2e:1c:8d:3a:72:d7:5c:e1:
4b:70:8e:b3:b0:e0:7b:3b:f9:9f:92:29:49:21:8d:9a:63:42:
28:6f:96:6e:a1:70:c4:fa:bb:88:b4:d2:14:4c:e1:4c:23:09:
c3:91:3d:db:06:ca:97:6e:1e:69:64:0c:d9:30:27:e8:90:0c:
33:db:a8:cd:7a:32:e2:9e:0e:ea:97:af:1c:51:70:c0:69:2f:
7c:d6:af:45
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEyQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTEw
MDIzMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI5NkM4RTZGQjZDRjNE
OEFFMjVCMkQxOUY4QUNFRTlGNEYxNjZBRjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC74I9EOmwAZ3gxHLh4LVQvUjKc4XTGjdOVG9STQYwISrwfLerp
D6VKb6D8O/szqwg8VY2MKzsJK4NyjvvJO/l0aA/rRcJBv9BlErsVr84XgM+NhvOB
DH95k4IS2yEWQr7UFysnRdnyYe+rAWFLAZV0jBktmN1we9wlSJuKvSLKZ0MckMTj
sSGCmykfRoHMZf3beZQwKYYkShAOdeB28IiSXjK9bvV1UNxwBZVMwCreLVsfUYLk
k1K5GQ87w2+yR0Y0FJm02CwatzYPXkzVSPBVmhoyOjh+xUdf0Y1qM62mbVBBXnl/
L3HvN6d/f6zsd59UoGaCB/AdXLxApUxstON7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUuWyOb7bPPYriWy0Z+Kzun08WavQwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3VXeU9iN2JQUFlyaVd5
MFotS3p1bjA4V2F2US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAyacY9pD5v//2fBT41KpObKqb/R6BDTKn
29FsQGCp2DxQsPZ1HCijqvYVrVTkNUQ7rsKF++0NiYqOzp5zzJ5NJN3CFGfVdRKi
362iOV3GLSi+hXKB//WlBoqo8xRn/L8vLFkWTIDyOTsNdna5tj+v55oV3V587N17
s3p8ak4vYboDls6+S0Scz0nvmIz5QTOpVNHy1G2ZcZrJUljZhwiqO7r3sYKeR7bY
/P7hgC4cjTpy11zhS3COs7Dgezv5n5IpSSGNmmNCKG+WbqFwxPq7iLTSFEzhTCMJ
w5E92wbKl24eaWQM2TAn6JAMM9uozXoy4p4O6pevHFFwwGkvfNavRQ==
-----END CERTIFICATE-----
Generated at Thu Apr 11 03:49:46 2024 by rpki-client on console-fra.rpki-client.org