Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/ub-AANnte1wkZ_wxxPPhY2lhdG0.roa
File: ub-AANnte1wkZ_wxxPPhY2lhdG0.roa (raw, json)
Hash identifier: aP+IOZhcOCQjmnOpd13/qQZe16eWnNuhQC5M0E7N+OM=
Subject key identifier: B9:BF:80:00:D9:ED:7B:5C:24:67:FC:31:C4:F3:E1:63:69:61:74:6D
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 15BC
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ub-AANnte1wkZ_wxxPPhY2lhdG0.roa
Signing time: Wed 17 Apr 2024 22:24:16 +0000
ROA not before: Wed 17 Apr 2024 22:24:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5564 (0x15bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 17 22:24:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B9BF8000D9ED7B5C2467FC31C4F3E1636961746D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c3:12:ce:aa:cc:65:b4:85:0f:58:dd:38:55:
97:f4:ca:ca:2f:fe:93:a9:e3:d6:82:4e:54:5a:19:
62:3a:d3:8c:81:c9:05:98:54:b2:71:84:ae:19:83:
fd:e3:15:79:cf:82:ce:b2:cf:5e:2e:77:fd:ce:8a:
82:34:ff:0a:ac:ab:89:55:cd:3f:62:f3:1b:dd:05:
b7:18:1f:db:3f:f4:d2:bd:ca:37:9b:19:b0:ce:60:
91:83:e1:5d:16:62:a6:4b:d8:2a:bd:68:31:e4:ae:
28:e3:68:98:ac:b6:b4:f8:4e:69:0c:af:62:d8:b7:
d7:7f:12:98:27:dd:28:9f:af:72:93:c6:04:07:5c:
aa:ca:d3:03:dd:d6:7c:a1:d1:7a:61:c7:48:9c:7c:
8b:21:9c:60:73:00:b2:32:78:fc:68:0a:b8:2d:81:
fa:06:ee:d3:ce:10:f6:5d:0f:27:c3:5c:e4:a5:c7:
10:4c:19:40:af:fd:ee:8f:71:dd:36:e8:a5:c2:2e:
8a:a5:71:f5:82:15:2a:4c:fc:39:fd:5b:88:b8:ab:
4f:a5:64:b2:1e:b4:32:e6:56:c8:91:d6:72:79:d8:
02:00:eb:dc:8d:24:29:af:3b:a2:10:d1:cb:b3:c5:
52:5b:62:33:0a:71:8b:40:9f:0b:79:fb:e2:af:c1:
35:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:BF:80:00:D9:ED:7B:5C:24:67:FC:31:C4:F3:E1:63:69:61:74:6D
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ub-AANnte1wkZ_wxxPPhY2lhdG0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b2:6d:eb:f3:0a:63:bc:7d:94:4f:04:55:a7:84:e4:61:04:3a:
27:ed:70:4d:1e:3a:32:13:5b:11:c6:51:81:dd:c2:65:d6:94:
e6:a4:31:73:f6:2f:46:de:7c:0b:15:b5:63:e7:42:b9:77:66:
81:89:17:fd:de:89:a9:c6:7b:ad:3e:81:c2:3e:2b:fa:ee:4d:
29:b6:4b:9d:9d:3b:fe:f7:cb:51:c2:07:96:ce:34:47:91:bb:
24:4f:f7:80:46:16:1e:75:4a:9b:1e:17:35:ee:b4:b9:c1:51:
e5:d3:67:4a:d6:19:e7:cd:20:5e:37:92:40:ff:e2:1b:46:61:
71:cc:74:ba:e5:46:5b:76:f8:d8:fa:35:db:67:89:d0:f4:e0:
82:93:39:1e:c5:bc:4f:92:fc:ac:3f:b9:8d:31:e1:16:b1:ca:
10:3d:a9:67:f6:68:86:a4:df:f8:36:0f:77:52:2b:8d:c9:07:
d5:d6:2f:ad:35:01:0a:f5:39:76:69:a6:3e:f2:da:26:38:8c:
1c:16:fd:cb:95:1a:35:4c:6b:6a:51:8f:da:fc:12:4c:52:b8:
89:0d:64:f0:5f:cf:68:42:a6:c9:41:34:c3:da:f1:e0:eb:fd:
2f:40:02:08:b5:30:9e:6b:83:95:7d:0b:9b:3b:c6:17:08:15:
b3:9d:6d:66
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFbwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTcy
MjI0MTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI5QkY4MDAwRDlFRDdC
NUMyNDY3RkMzMUM0RjNFMTYzNjk2MTc0NkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9wxLOqsxltIUPWN04VZf0ysov/pOp49aCTlRaGWI604yByQWY
VLJxhK4Zg/3jFXnPgs6yz14ud/3OioI0/wqsq4lVzT9i8xvdBbcYH9s/9NK9yjeb
GbDOYJGD4V0WYqZL2Cq9aDHkrijjaJistrT4TmkMr2LYt9d/Epgn3Sifr3KTxgQH
XKrK0wPd1nyh0Xphx0icfIshnGBzALIyePxoCrgtgfoG7tPOEPZdDyfDXOSlxxBM
GUCv/e6Pcd026KXCLoqlcfWCFSpM/Dn9W4i4q0+lZLIetDLmVsiR1nJ52AIA69yN
JCmvO6IQ0cuzxVJbYjMKcYtAnwt5++KvwTXZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUub+AANnte1wkZ/wxxPPhY2lhdG0wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3ViLUFBTm50ZTF3a1pf
d3h4UFBoWTJsaGRHMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAsm3r8wpjvH2UTwRVp4TkYQQ6J+1wTR46
MhNbEcZRgd3CZdaU5qQxc/YvRt58CxW1Y+dCuXdmgYkX/d6JqcZ7rT6Bwj4r+u5N
KbZLnZ07/vfLUcIHls40R5G7JE/3gEYWHnVKmx4XNe60ucFR5dNnStYZ580gXjeS
QP/iG0Zhccx0uuVGW3b42Po122eJ0PTggpM5HsW8T5L8rD+5jTHhFrHKED2pZ/Zo
hqTf+DYPd1IrjckH1dYvrTUBCvU5dmmmPvLaJjiMHBb9y5UaNUxralGP2vwSTFK4
iQ1k8F/PaEKmyUE0w9rx4Ov9L0ACCLUwnmuDlX0LmzvGFwgVs51tZg==
-----END CERTIFICATE-----
Generated at Wed Apr 17 23:44:28 2024 by rpki-client on console-ams.rpki-client.org