Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/urYm_G4nqHBL1J4mVPSdHvRbToU.roa
File: urYm_G4nqHBL1J4mVPSdHvRbToU.roa (raw, json)
Hash identifier: Ccqqxij1yW4khVkb453ypXe7qzsLsTCefCXnYfk+qag=
Subject key identifier: BA:B6:26:FC:6E:27:A8:70:4B:D4:9E:26:54:F4:9D:1E:F4:5B:4E:85
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0EA2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/urYm_G4nqHBL1J4mVPSdHvRbToU.roa
Signing time: Fri 29 Mar 2024 23:52:30 +0000
ROA not before: Fri 29 Mar 2024 23:52:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3746 (0xea2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 29 23:52:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BAB626FC6E27A8704BD49E2654F49D1EF45B4E85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3a:bc:b5:a2:50:9f:95:6b:e0:3b:0d:7b:1c:
34:21:46:e6:01:6c:2b:1e:ec:97:a3:09:55:29:d2:
d1:98:2d:47:95:99:b3:c9:61:f0:2a:f8:fb:09:d2:
11:35:55:9d:95:0f:5d:31:63:31:65:69:33:f5:b0:
b8:b9:82:10:c0:67:7c:cb:2f:bb:8b:77:ac:b8:b2:
36:aa:ed:c5:36:01:32:4e:5c:1c:7a:2c:90:a0:61:
3d:40:aa:80:bc:8d:ea:f5:21:5e:bc:a7:46:0e:bb:
0f:66:b7:8c:ee:f3:b4:00:e8:9d:7c:9f:d8:04:2d:
f3:f1:f4:2f:f4:5f:45:ca:1b:a3:92:0b:ec:77:bd:
69:8f:41:fe:cc:66:b5:71:7d:fa:34:b7:d5:5d:7f:
4e:ed:57:65:3b:98:24:e4:94:b7:4d:f6:c2:07:80:
8b:d7:4c:01:a7:96:6f:16:35:51:29:f8:74:2b:c9:
ea:4d:e8:6a:de:d6:79:ba:23:25:d6:ed:a3:1f:67:
c7:b5:b3:8a:a5:aa:8b:fa:36:f2:6d:69:94:05:58:
3d:a3:53:e7:de:94:5f:c1:f2:d6:f5:70:9c:65:1e:
b0:6e:fc:f5:c2:f4:e0:bb:8b:55:c3:1c:3b:a7:23:
29:c1:62:37:19:ea:17:00:3d:69:4c:d2:71:a6:f6:
91:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B6:26:FC:6E:27:A8:70:4B:D4:9E:26:54:F4:9D:1E:F4:5B:4E:85
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/urYm_G4nqHBL1J4mVPSdHvRbToU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
11:05:15:2f:92:f7:74:18:14:29:a8:e0:d0:58:88:eb:f0:d0:
10:35:3c:f0:f0:c4:ed:fd:85:d5:3d:db:e7:a9:15:35:94:f0:
63:a2:59:c8:7c:93:bd:a6:f1:d7:93:2d:a8:e0:ec:42:6a:1c:
4a:94:f0:ba:f8:32:00:8a:bc:8a:f5:f6:66:83:09:23:9c:ac:
4c:0b:e6:5d:35:2d:af:8e:98:b1:7a:72:1f:32:4c:60:a0:49:
4f:66:50:38:c3:eb:ad:24:45:1e:61:07:8c:b2:d4:a0:5f:2d:
a1:3a:f8:80:db:18:19:5f:b2:47:27:dc:68:53:ac:7e:0a:f8:
13:66:a1:47:da:ae:d2:27:5e:67:5c:5e:f7:f6:97:37:0b:d0:
d5:d5:e3:3f:c5:2c:9f:9f:b1:8b:52:87:d1:df:5e:ae:74:13:
45:ec:db:37:fc:d2:e6:50:80:f2:02:f3:4c:21:14:1c:b9:e3:
e4:93:a6:8e:62:8e:be:c9:6f:d1:f1:57:86:ba:40:d7:32:9c:
87:a1:92:88:13:b2:ac:e8:27:2e:ad:34:de:65:e6:af:27:a5:
fc:fd:44:30:f4:b8:fc:7b:f4:da:36:11:ee:a0:e8:9b:42:ec:
d4:51:92:7d:8b:cd:38:ea:06:d4:10:3e:45:74:84:ca:c3:8f:
70:39:f1:24
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDqIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjky
MzUyMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJBQjYyNkZDNkUyN0E4
NzA0QkQ0OUUyNjU0RjQ5RDFFRjQ1QjRFODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMOry1olCflWvgOw17HDQhRuYBbCse7JejCVUp0tGYLUeVmbPJ
YfAq+PsJ0hE1VZ2VD10xYzFlaTP1sLi5ghDAZ3zLL7uLd6y4sjaq7cU2ATJOXBx6
LJCgYT1AqoC8jer1IV68p0YOuw9mt4zu87QA6J18n9gELfPx9C/0X0XKG6OSC+x3
vWmPQf7MZrVxffo0t9Vdf07tV2U7mCTklLdN9sIHgIvXTAGnlm8WNVEp+HQryepN
6Gre1nm6IyXW7aMfZ8e1s4qlqov6NvJtaZQFWD2jU+felF/B8tb1cJxlHrBu/PXC
9OC7i1XDHDunIynBYjcZ6hcAPWlM0nGm9pHPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUurYm/G4nqHBL1J4mVPSdHvRbToUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3VyWW1fRzRucUhCTDFK
NG1WUFNkSHZSYlRvVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAEQUVL5L3dBgUKajg0FiI6/DQEDU88PDE
7f2F1T3b56kVNZTwY6JZyHyTvabx15MtqODsQmocSpTwuvgyAIq8ivX2ZoMJI5ys
TAvmXTUtr46YsXpyHzJMYKBJT2ZQOMPrrSRFHmEHjLLUoF8toTr4gNsYGV+yRyfc
aFOsfgr4E2ahR9qu0ideZ1xe9/aXNwvQ1dXjP8Usn5+xi1KH0d9ernQTRezbN/zS
5lCA8gLzTCEUHLnj5JOmjmKOvslv0fFXhrpA1zKch6GSiBOyrOgnLq003mXmryel
/P1EMPS4/Hv02jYR7qDom0Ls1FGSfYvNOOoG1BA+RXSEysOPcDnxJA==
-----END CERTIFICATE-----
Generated at Sat Mar 30 01:11:00 2024 by rpki-client on console-ams.rpki-client.org