Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/yXiVV-oIe4BDQfzlJVeK6niHfVw.roa
File: yXiVV-oIe4BDQfzlJVeK6niHfVw.roa (raw, json)
Hash identifier: WawjJajtNOtkqdgzBHjA8lephLlmHE29ejGumB3Rkzs=
Subject key identifier: C9:78:95:57:EA:08:7B:80:43:41:FC:E5:25:57:8A:EA:78:87:7D:5C
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1456
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/yXiVV-oIe4BDQfzlJVeK6niHfVw.roa
Signing time: Sun 14 Apr 2024 04:53:20 +0000
ROA not before: Sun 14 Apr 2024 04:53:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5206 (0x1456)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 14 04:53:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C9789557EA087B804341FCE525578AEA78877D5C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b1:40:c0:40:25:bf:39:80:47:8d:25:d6:90:
9d:14:9d:be:a7:84:e3:31:2f:b2:6f:e7:f4:1f:5a:
11:98:e4:11:13:b7:94:66:36:96:c2:45:91:78:cc:
95:fe:30:43:94:e2:ad:c4:65:55:86:01:c2:d7:1c:
34:fd:07:a4:df:1b:45:6c:09:9b:74:26:ae:e2:89:
28:72:4f:ae:7b:cb:ee:9e:c4:03:88:0f:43:e9:1c:
b2:d9:44:ec:f1:3c:06:8e:ab:1d:56:c5:24:56:7f:
25:fd:4d:f9:ea:b0:fe:f5:09:5e:99:8c:9d:3e:22:
e6:4c:b4:0b:51:53:26:b6:f0:92:5e:4e:e6:31:19:
8d:40:52:29:58:5d:c3:62:d4:cb:0d:44:62:ee:00:
79:99:76:ba:e1:09:ef:38:20:da:db:77:3f:c5:cd:
06:e3:60:1a:7f:4b:37:e7:c4:56:5a:10:ba:1f:da:
39:50:ad:cf:9d:b3:8c:43:02:b5:7d:f4:5f:95:0e:
1c:81:38:da:32:46:8d:ac:cd:9c:91:cc:9f:93:9d:
dc:a2:80:86:e8:3c:23:65:51:2f:03:53:43:20:52:
8b:dd:e4:87:70:b1:07:01:5c:e8:30:cf:e8:7a:f5:
fd:90:d2:a6:c3:f0:de:66:7d:9e:be:f5:a2:68:af:
5b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:78:95:57:EA:08:7B:80:43:41:FC:E5:25:57:8A:EA:78:87:7D:5C
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/yXiVV-oIe4BDQfzlJVeK6niHfVw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
17:fc:59:d7:82:06:72:e1:a9:cd:8c:ae:e4:d3:a8:33:13:40:
77:21:35:43:c0:53:2c:38:ba:b2:0f:e0:ba:56:06:9e:b4:52:
d6:67:48:3c:15:a0:b5:c8:12:83:f9:23:d2:99:c3:cb:3b:d2:
b1:02:2f:ce:8f:21:3a:38:07:4e:d3:70:fa:a5:42:54:e0:c9:
fe:0c:41:f0:30:63:94:c2:7b:7f:f7:04:1c:68:24:5f:c7:00:
3e:e6:30:e7:c4:17:56:9b:f3:f4:f4:7b:fc:82:5c:85:38:8e:
76:a6:3e:e8:42:80:10:ce:9f:c4:44:85:41:2d:fb:55:82:42:
a9:7b:67:53:ba:6c:d9:dd:71:cd:05:ac:3a:72:62:45:3f:c7:
0d:b6:ff:b5:78:b5:36:67:a6:09:70:fa:61:af:3b:56:b3:2b:
22:f4:eb:2c:32:e1:94:34:00:90:fc:11:d8:48:1c:08:a1:37:
ce:bf:d6:64:e2:5a:f1:5c:d3:33:cb:55:13:be:ab:21:6a:2e:
40:86:0c:64:53:c7:0a:ed:ea:01:08:9e:db:f7:92:dd:cb:b1:
21:3d:2d:00:a5:54:fd:ed:34:5c:dc:a9:cc:f4:77:9e:37:ba:
1d:35:37:5e:e7:2d:42:14:a8:69:c5:8b:26:f4:f0:21:a8:10:
65:4e:15:14
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFFYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTQw
NDUzMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM5Nzg5NTU3RUEwODdC
ODA0MzQxRkNFNTI1NTc4QUVBNzg4NzdENUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnsUDAQCW/OYBHjSXWkJ0Unb6nhOMxL7Jv5/QfWhGY5BETt5Rm
NpbCRZF4zJX+MEOU4q3EZVWGAcLXHDT9B6TfG0VsCZt0Jq7iiShyT657y+6exAOI
D0PpHLLZROzxPAaOqx1WxSRWfyX9TfnqsP71CV6ZjJ0+IuZMtAtRUya28JJeTuYx
GY1AUilYXcNi1MsNRGLuAHmZdrrhCe84INrbdz/FzQbjYBp/SzfnxFZaELof2jlQ
rc+ds4xDArV99F+VDhyBONoyRo2szZyRzJ+TndyigIboPCNlUS8DU0MgUovd5Idw
sQcBXOgwz+h69f2Q0qbD8N5mfZ6+9aJor1uLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUyXiVV+oIe4BDQfzlJVeK6niHfVwwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3lYaVZWLW9JZTRCRFFm
emxKVmVLNm5pSGZWdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAF/xZ14IGcuGpzYyu5NOoMxNAdyE1Q8BT
LDi6sg/gulYGnrRS1mdIPBWgtcgSg/kj0pnDyzvSsQIvzo8hOjgHTtNw+qVCVODJ
/gxB8DBjlMJ7f/cEHGgkX8cAPuYw58QXVpvz9PR7/IJchTiOdqY+6EKAEM6fxESF
QS37VYJCqXtnU7ps2d1xzQWsOnJiRT/HDbb/tXi1NmemCXD6Ya87VrMrIvTrLDLh
lDQAkPwR2EgcCKE3zr/WZOJa8VzTM8tVE76rIWouQIYMZFPHCu3qAQie2/eS3cux
IT0tAKVU/e00XNypzPR3nje6HTU3XuctQhSoacWLJvTwIagQZU4VFA==
-----END CERTIFICATE-----
Generated at Sun Apr 14 06:15:57 2024 by rpki-client on console-ams.rpki-client.org