Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/y-6Pf6Vg5ziHr9_F6QESvOAJoCc.roa
File: y-6Pf6Vg5ziHr9_F6QESvOAJoCc.roa (raw, json)
Hash identifier: YJjCIRbISOn96e04Fh0MfQJoIZ75e9JujtpgZoNJGT8=
Subject key identifier: CB:EE:8F:7F:A5:60:E7:38:87:AF:DF:C5:E9:01:12:BC:E0:09:A0:27
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1C7E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/y-6Pf6Vg5ziHr9_F6QESvOAJoCc.roa
Signing time: Sun 05 May 2024 22:54:15 +0000
ROA not before: Sun 05 May 2024 22:54:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7294 (0x1c7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 5 22:54:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CBEE8F7FA560E73887AFDFC5E90112BCE009A027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:88:05:87:3a:54:e8:0e:57:50:15:8d:ca:92:
34:c4:c6:82:b7:94:79:c9:9c:c2:8b:cd:80:e0:38:
f6:b0:5e:7d:18:ff:b2:dd:f0:00:a7:86:58:34:ad:
2b:2a:88:66:fe:af:96:3c:63:6a:07:75:da:d6:9a:
72:7c:f0:cb:19:aa:b0:52:dc:43:e2:c3:c6:67:c4:
e3:f2:c2:0c:b7:4d:0c:4d:4b:00:0a:9b:2f:53:a9:
0c:bc:e5:8f:b7:30:fc:34:16:95:a2:53:84:aa:7a:
01:8b:2e:3c:24:c6:5e:85:cd:1a:8d:46:d3:9d:7f:
5a:65:f7:6e:43:15:ba:0c:a7:de:4f:ef:dc:94:e6:
a6:75:5c:a4:b3:75:0a:b8:8b:4a:a0:5a:78:21:00:
bf:4a:fb:ae:a1:a7:dd:3b:36:c2:1d:fe:fa:1f:29:
39:f5:9a:65:f2:58:52:e8:10:03:07:31:d2:6d:b7:
56:3c:5a:ee:63:b1:5a:a8:f1:af:5d:fd:d0:23:91:
13:5b:20:f4:7f:59:d2:5d:32:3f:fd:cd:9f:b7:76:
82:8a:7d:a9:7c:a1:3d:03:fe:da:0c:6c:e9:e1:77:
28:43:fa:f7:8d:a7:ea:ff:22:14:66:10:30:f1:e4:
07:08:f8:e1:c8:c6:d4:39:40:36:dd:37:30:a2:46:
15:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:EE:8F:7F:A5:60:E7:38:87:AF:DF:C5:E9:01:12:BC:E0:09:A0:27
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/y-6Pf6Vg5ziHr9_F6QESvOAJoCc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
84:43:ce:79:e5:be:3c:17:f7:ab:97:29:64:a2:f7:d9:5d:25:
22:60:7f:ba:5a:ce:0d:92:34:9d:b9:de:e7:3a:89:64:dd:3b:
c0:26:80:0f:12:60:56:32:9a:6b:26:0f:72:28:b1:56:54:a7:
2f:2c:1e:84:b4:57:d5:7e:99:53:f9:01:90:80:f0:e1:1a:1d:
09:f4:6e:48:48:f7:39:c0:8d:ad:07:70:d5:f1:9b:26:36:87:
16:57:7b:d4:ff:5d:86:1e:11:89:84:78:78:19:4f:cd:b5:25:
e4:97:7d:1c:40:cf:d8:d8:5b:ef:c3:b8:69:dd:78:55:db:6e:
da:b1:74:7a:29:f5:a7:b8:43:ec:8c:22:4c:45:9c:9c:cd:4f:
3a:fe:53:e8:09:05:26:e5:03:9d:07:62:30:c0:dc:4c:2a:1b:
e6:14:60:c9:40:bd:7d:6d:04:ca:dc:94:ac:46:52:d1:ee:29:
29:3b:49:c5:da:b4:75:f4:76:98:8e:a7:17:fc:c5:04:3b:9b:
8e:b5:16:30:55:0b:af:ce:22:b7:78:f0:71:54:7c:f4:a5:a2:
c1:25:81:d6:f4:ba:7e:60:87:b6:b2:f5:5b:65:dd:6e:e1:e0:
74:2d:07:6a:49:36:5f:02:cb:84:21:83:50:b2:97:e6:5a:66:
8a:32:0a:b1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHH4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDUy
MjU0MTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENCRUU4RjdGQTU2MEU3
Mzg4N0FGREZDNUU5MDExMkJDRTAwOUEwMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIiAWHOlToDldQFY3KkjTExoK3lHnJnMKLzYDgOPawXn0Y/7Ld
8ACnhlg0rSsqiGb+r5Y8Y2oHddrWmnJ88MsZqrBS3EPiw8ZnxOPywgy3TQxNSwAK
my9TqQy85Y+3MPw0FpWiU4SqegGLLjwkxl6FzRqNRtOdf1pl925DFboMp95P79yU
5qZ1XKSzdQq4i0qgWnghAL9K+66hp907NsId/vofKTn1mmXyWFLoEAMHMdJtt1Y8
Wu5jsVqo8a9d/dAjkRNbIPR/WdJdMj/9zZ+3doKKfal8oT0D/toMbOnhdyhD+veN
p+r/IhRmEDDx5AcI+OHIxtQ5QDbdNzCiRhVBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUy+6Pf6Vg5ziHr9/F6QESvOAJoCcwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3ktNlBmNlZnNXppSHI5
X0Y2UUVTdk9BSm9DYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAhEPOeeW+PBf3q5cpZKL32V0lImB/ulrO
DZI0nbne5zqJZN07wCaADxJgVjKaayYPciixVlSnLywehLRX1X6ZU/kBkIDw4Rod
CfRuSEj3OcCNrQdw1fGbJjaHFld71P9dhh4RiYR4eBlPzbUl5Jd9HEDP2Nhb78O4
ad14Vdtu2rF0ein1p7hD7IwiTEWcnM1POv5T6AkFJuUDnQdiMMDcTCob5hRgyUC9
fW0EytyUrEZS0e4pKTtJxdq0dfR2mI6nF/zFBDubjrUWMFULr84it3jwcVR89KWi
wSWB1vS6fmCHtrL1W2XdbuHgdC0Hakk2XwLLhCGDULKX5lpmijIKsQ==
-----END CERTIFICATE-----
Generated at Mon May 6 00:11:21 2024 by rpki-client on console-fra.rpki-client.org