Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/v75yEgSLO8jhjGtlRFu9GZ2mQj0.roa
File: v75yEgSLO8jhjGtlRFu9GZ2mQj0.roa (raw, json)
Hash identifier: rPbv9TOKLSViBW/iFmFvRfY84F+v8Ot8QEQldh4M6Uc=
Subject key identifier: BF:BE:72:12:04:8B:3B:C8:E1:8C:6B:65:44:5B:BD:19:9D:A6:42:3D
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1484
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/v75yEgSLO8jhjGtlRFu9GZ2mQj0.roa
Signing time: Sun 14 Apr 2024 16:23:15 +0000
ROA not before: Sun 14 Apr 2024 16:23:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5252 (0x1484)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 14 16:23:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BFBE7212048B3BC8E18C6B65445BBD199DA6423D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e5:0f:9e:a5:09:c9:c7:04:02:8d:be:73:51:
48:e9:b0:59:b4:da:27:74:45:8f:1c:9d:c1:dc:0a:
ea:a5:6a:12:70:d9:4f:34:5f:b5:a5:2d:4b:c3:a8:
0a:d2:74:35:7b:9f:3c:02:b4:4f:fe:51:b8:96:35:
54:ad:da:12:71:d9:8f:5d:fa:8f:3a:d1:f3:d4:a1:
db:d8:72:13:f0:5b:04:c9:77:94:c8:e8:01:c2:92:
b0:15:6c:a0:b1:25:31:ea:84:6f:f4:41:87:df:08:
e3:6f:2e:08:17:cd:16:f3:f8:ae:62:2d:a5:90:a7:
65:31:59:2b:aa:ba:d5:6c:ee:15:7c:dc:54:38:45:
12:a7:bb:3a:c3:15:8a:26:71:fc:ba:d2:8a:56:40:
d0:38:51:78:fd:35:c9:fc:49:b2:9a:5e:d3:ad:f6:
19:45:12:84:11:65:7f:ec:a3:12:4d:9d:45:6f:25:
05:32:16:57:be:24:b5:a0:d2:74:43:a3:98:69:72:
1b:29:73:6d:7c:71:5d:c2:9f:7d:74:56:2e:ba:05:
ea:2f:dc:f2:96:10:85:85:bd:0e:e0:e0:d8:bb:f6:
3f:b3:35:62:98:bf:58:b7:3d:ef:36:8e:c7:3c:99:
0b:1f:c2:d7:0d:df:1e:06:44:32:f9:95:76:59:7b:
25:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:BE:72:12:04:8B:3B:C8:E1:8C:6B:65:44:5B:BD:19:9D:A6:42:3D
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/v75yEgSLO8jhjGtlRFu9GZ2mQj0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:3f:31:c4:42:4b:55:3d:91:45:21:d2:7c:40:48:78:92:8e:
b2:e2:d3:16:7c:a0:7e:6d:ad:bc:16:ed:f3:eb:ce:1c:ac:40:
98:94:f6:49:ea:a3:bb:1e:04:f6:6f:f1:1a:6a:9c:fe:84:c3:
61:43:3d:76:e5:99:63:92:db:19:a5:02:78:5a:b7:e1:01:dd:
ae:5e:43:a6:18:4a:bc:f4:f5:76:17:33:37:e8:97:cb:4c:56:
7f:04:fb:6e:c6:af:5e:bb:38:34:46:37:4a:c7:f5:c1:8e:b1:
40:e7:f9:f7:83:cd:45:ea:93:a0:d5:70:ba:d8:98:b7:f6:61:
ef:75:67:07:68:73:0a:ef:3c:b4:c7:55:39:f4:6e:d4:e7:eb:
05:ac:12:b7:f3:8d:42:23:08:31:6f:8c:7e:db:07:70:3d:91:
bf:9d:af:f8:33:18:77:5b:13:59:f2:91:a6:3f:d0:0b:37:3b:
6b:86:d3:8d:b6:82:05:0b:df:c1:05:b3:4f:0b:16:69:11:b2:
3a:d6:1d:2f:b2:d9:6e:f5:95:bb:4e:39:8e:3d:94:54:8e:cb:
d9:a1:c8:13:8b:c8:2a:84:6b:b8:5e:08:61:31:11:34:ee:aa:
66:ef:67:af:9c:1d:4f:c9:b8:09:6f:ab:89:08:0b:7f:f1:5e:
c5:5c:d3:d3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFIQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTQx
NjIzMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJGQkU3MjEyMDQ4QjNC
QzhFMThDNkI2NTQ0NUJCRDE5OURBNjQyM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCs5Q+epQnJxwQCjb5zUUjpsFm02id0RY8cncHcCuqlahJw2U80
X7WlLUvDqArSdDV7nzwCtE/+UbiWNVSt2hJx2Y9d+o860fPUodvYchPwWwTJd5TI
6AHCkrAVbKCxJTHqhG/0QYffCONvLggXzRbz+K5iLaWQp2UxWSuqutVs7hV83FQ4
RRKnuzrDFYomcfy60opWQNA4UXj9Ncn8SbKaXtOt9hlFEoQRZX/soxJNnUVvJQUy
Fle+JLWg0nRDo5hpchspc218cV3Cn310Vi66Beov3PKWEIWFvQ7g4Ni79j+zNWKY
v1i3Pe82jsc8mQsfwtcN3x4GRDL5lXZZeyUXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUv75yEgSLO8jhjGtlRFu9GZ2mQj0wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3Y3NXlFZ1NMTzhqaGpH
dGxSRnU5R1oybVFqMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAGz8xxEJLVT2RRSHSfEBIeJKOsuLTFnyg
fm2tvBbt8+vOHKxAmJT2Seqjux4E9m/xGmqc/oTDYUM9duWZY5LbGaUCeFq34QHd
rl5DphhKvPT1dhczN+iXy0xWfwT7bsavXrs4NEY3Ssf1wY6xQOf594PNReqToNVw
utiYt/Zh73VnB2hzCu88tMdVOfRu1OfrBawSt/ONQiMIMW+MftsHcD2Rv52v+DMY
d1sTWfKRpj/QCzc7a4bTjbaCBQvfwQWzTwsWaRGyOtYdL7LZbvWVu045jj2UVI7L
2aHIE4vIKoRruF4IYTERNO6qZu9nr5wdT8m4CW+riQgLf/FexVzT0w==
-----END CERTIFICATE-----
Generated at Sun Apr 14 18:09:15 2024 by rpki-client on console-ams.rpki-client.org