Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/yVr82HMZszOQoUd8fSMJ5prD4G0.roa
File: yVr82HMZszOQoUd8fSMJ5prD4G0.roa (raw, json)
Hash identifier: ZekEiWjL8l+a86Zyt2l3LBz6t4pKsQxnl6pThA8vGwk=
Subject key identifier: C9:5A:FC:D8:73:19:B3:33:90:A1:47:7C:7D:23:09:E6:9A:C3:E0:6D
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0DEE
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/yVr82HMZszOQoUd8fSMJ5prD4G0.roa
Signing time: Thu 28 Mar 2024 02:52:32 +0000
ROA not before: Thu 28 Mar 2024 02:52:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3566 (0xdee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 28 02:52:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C95AFCD87319B33390A1477C7D2309E69AC3E06D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:af:67:ba:fe:59:21:5d:17:1f:c5:04:45:d4:
a2:92:20:f8:e2:48:d5:50:82:8e:05:1d:b4:91:0b:
e1:1c:59:44:90:1e:0f:da:15:47:23:a2:8f:f7:de:
d2:d9:47:d4:0f:4f:5e:23:ff:b5:70:03:10:24:1e:
db:4c:45:1b:aa:64:51:ca:ad:89:00:18:37:d2:73:
9e:5a:64:65:32:b4:59:9c:8f:c6:82:39:07:fb:8f:
8d:7a:51:b7:59:d4:fe:e2:aa:92:98:f4:35:56:3e:
35:29:5e:84:41:24:1e:ec:f5:48:ca:af:74:c4:c5:
12:a4:d2:94:93:a1:90:ad:4e:28:49:ab:f0:49:86:
84:36:9e:41:04:39:f3:19:90:c9:1c:a1:36:32:db:
cb:88:16:86:f0:f6:30:e7:62:dc:c0:df:62:52:6a:
2c:d5:69:02:2f:a3:2a:39:11:7d:4c:aa:bb:86:0b:
67:ed:f7:b4:72:b8:5d:40:37:36:dc:d5:4f:f9:b7:
ff:c8:7e:43:31:a3:d0:98:ce:36:68:03:f0:29:03:
de:dc:56:75:58:ac:d6:46:47:53:b2:35:f6:8a:2f:
40:4f:d0:6a:54:b7:f0:3b:93:75:23:57:ab:f0:54:
7c:10:e8:85:a5:88:85:2f:0e:5f:e6:bc:6a:85:49:
30:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:5A:FC:D8:73:19:B3:33:90:A1:47:7C:7D:23:09:E6:9A:C3:E0:6D
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/yVr82HMZszOQoUd8fSMJ5prD4G0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
23:68:0f:97:3d:6f:b8:13:26:98:a3:3b:ec:04:8d:cc:3f:82:
8a:f3:23:75:77:b4:0c:69:6a:6a:ab:58:22:8c:ff:0f:47:d8:
c1:50:80:4a:95:f8:92:b0:b3:d8:ec:20:d3:af:fc:3b:b7:aa:
1c:c6:37:9c:25:0a:49:e3:83:97:a4:b1:78:56:9a:95:8b:5b:
38:c8:55:af:f1:9c:c0:71:83:7f:5e:29:fe:5c:63:a3:23:8d:
1e:fb:77:fb:bc:c5:c0:e8:b2:88:5b:af:60:de:ab:eb:8e:8a:
eb:65:31:72:96:0e:e1:ce:83:55:48:9e:c8:c6:8d:6a:db:3b:
6a:36:fd:55:8a:20:83:81:81:a4:9b:1e:4b:e1:dc:ef:af:bc:
4c:35:b4:28:7b:20:75:d0:37:ef:d7:da:a9:54:fd:48:0c:15:
12:b3:b3:1e:21:55:65:ac:89:67:89:62:1a:28:20:bb:55:d6:
00:69:0c:bc:02:36:ae:46:58:f8:25:e3:54:29:41:33:26:23:
b0:70:47:ee:8b:f9:ed:e4:71:e1:cf:09:d7:5b:26:05:ac:76:
2c:87:fc:0a:54:f7:5d:bd:f4:5a:09:b9:da:54:e9:a9:d8:11:
35:c9:d1:86:37:e9:ee:57:b3:52:16:4a:02:88:eb:5a:ad:91:
11:b2:28:30
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDe4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjgw
MjUyMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM5NUFGQ0Q4NzMxOUIz
MzM5MEExNDc3QzdEMjMwOUU2OUFDM0UwNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAr2e6/lkhXRcfxQRF1KKSIPjiSNVQgo4FHbSRC+EcWUSQHg/a
FUcjoo/33tLZR9QPT14j/7VwAxAkHttMRRuqZFHKrYkAGDfSc55aZGUytFmcj8aC
OQf7j416UbdZ1P7iqpKY9DVWPjUpXoRBJB7s9UjKr3TExRKk0pSToZCtTihJq/BJ
hoQ2nkEEOfMZkMkcoTYy28uIFobw9jDnYtzA32JSaizVaQIvoyo5EX1MqruGC2ft
97RyuF1ANzbc1U/5t//IfkMxo9CYzjZoA/ApA97cVnVYrNZGR1OyNfaKL0BP0GpU
t/A7k3UjV6vwVHwQ6IWliIUvDl/mvGqFSTCXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUyVr82HMZszOQoUd8fSMJ5prD4G0wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3lWcjgySE1ac3pPUW9V
ZDhmU01KNXByRDRHMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAI2gPlz1vuBMmmKM77ASNzD+CivMjdXe0
DGlqaqtYIoz/D0fYwVCASpX4krCz2Owg06/8O7eqHMY3nCUKSeODl6SxeFaalYtb
OMhVr/GcwHGDf14p/lxjoyONHvt3+7zFwOiyiFuvYN6r646K62UxcpYO4c6DVUie
yMaNats7ajb9VYogg4GBpJseS+Hc76+8TDW0KHsgddA379faqVT9SAwVErOzHiFV
ZayJZ4liGiggu1XWAGkMvAI2rkZY+CXjVClBMyYjsHBH7ov57eRx4c8J11smBax2
LIf8ClT3Xb30Wgm52lTpqdgRNcnRhjfp7lezUhZKAojrWq2REbIoMA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 04:01:45 2024 by rpki-client on console-fra.rpki-client.org