Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/yetVDxiYtL6tbbXesRXAnPFoC7o.roa
File: yetVDxiYtL6tbbXesRXAnPFoC7o.roa (raw, json)
Hash identifier: Ns0Mm+9QNX6sBZvudBbuiw4wLq7kFrXqbXu2k9HXxnY=
Subject key identifier: C9:EB:55:0F:18:98:B4:BE:AD:6D:B5:DE:B1:15:C0:9C:F1:68:0B:BA
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 10DE
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/yetVDxiYtL6tbbXesRXAnPFoC7o.roa
Signing time: Thu 04 Apr 2024 22:52:47 +0000
ROA not before: Thu 04 Apr 2024 22:52:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4318 (0x10de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 4 22:52:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C9EB550F1898B4BEAD6DB5DEB115C09CF1680BBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:cd:41:30:7b:7f:01:fb:e7:fa:18:d3:14:0b:
11:6d:f0:f7:8c:35:72:ca:0a:f3:a2:ae:d9:a1:c7:
0c:7c:63:8f:45:93:4b:ed:b5:e5:62:98:c6:2e:a8:
8f:8c:6a:13:67:24:b2:3a:30:b9:90:27:e9:00:28:
09:96:1e:ea:f4:4c:df:60:00:fe:83:a1:36:08:67:
94:5e:59:46:14:2c:b1:49:64:1a:fd:5a:8f:3f:8f:
ea:16:ac:4e:15:00:05:4a:e1:28:37:06:cd:44:c7:
50:c1:94:0d:dd:57:6b:89:6e:4d:95:55:e6:61:56:
ae:b7:9e:5c:e0:7e:11:63:bf:da:e7:3d:86:0e:eb:
23:fa:40:71:6c:73:75:21:33:e8:20:a2:54:b0:28:
b4:43:10:85:16:f1:51:c9:48:bd:5c:a6:72:88:94:
f0:7a:37:8f:86:35:12:37:1c:c3:6b:66:08:8e:e8:
04:9e:0d:bc:bb:58:91:85:73:41:42:04:ec:45:46:
ee:8d:8c:8b:b6:e4:cd:29:8d:32:13:7c:ef:48:d2:
77:00:ce:b1:d9:f4:14:69:a8:7f:37:c6:d8:e8:30:
89:f1:e5:d1:cc:cd:79:0a:b6:8f:96:ec:25:6e:26:
d1:76:a2:2b:b0:86:df:51:58:e1:97:2c:62:9c:63:
aa:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:EB:55:0F:18:98:B4:BE:AD:6D:B5:DE:B1:15:C0:9C:F1:68:0B:BA
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/yetVDxiYtL6tbbXesRXAnPFoC7o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c5:0f:e4:9e:1c:06:3b:6d:5b:0e:40:f9:4e:7e:b0:b8:87:39:
20:6c:da:8c:a7:3a:ab:05:0a:29:cc:42:eb:4c:13:d1:3b:ca:
ba:f3:a7:8c:5f:e6:08:03:31:31:2e:d3:a7:b9:af:ca:b9:e7:
f6:a0:c5:13:9e:88:09:e0:cd:cd:3c:64:e7:24:83:c4:7f:ce:
68:62:c6:7e:3e:0a:97:7b:02:59:c5:16:f8:7e:de:e5:c4:ce:
14:53:06:bf:5d:17:bf:a0:a5:35:1b:f2:1c:89:16:73:63:e0:
bc:c4:7d:23:ab:88:c9:dc:51:7b:58:31:0c:4d:32:13:36:20:
fc:37:ea:8b:5a:e9:18:1d:63:58:03:9c:91:48:ee:90:f1:55:
2d:ac:ba:79:14:d8:99:e5:39:24:b8:1c:af:e7:ed:17:ce:9a:
29:25:4a:83:5c:55:c0:f0:1f:b7:35:69:09:78:e3:8c:22:5b:
ca:d6:72:c4:d6:bd:99:5b:97:8b:4d:26:08:09:9d:dd:88:84:
e2:4a:dd:ca:8c:39:30:90:6a:b0:f1:a8:cb:59:85:36:8e:0c:
5e:00:58:85:15:88:06:7c:c1:a1:92:55:1f:28:30:1f:e7:48:
13:d8:c3:0f:b2:d2:d0:ba:98:e9:bc:00:fe:e7:58:09:8b:7e:
2a:6c:d8:ca
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEN4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDQy
MjUyNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM5RUI1NTBGMTg5OEI0
QkVBRDZEQjVERUIxMTVDMDlDRjE2ODBCQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDzUEwe38B++f6GNMUCxFt8PeMNXLKCvOirtmhxwx8Y49Fk0vt
teVimMYuqI+MahNnJLI6MLmQJ+kAKAmWHur0TN9gAP6DoTYIZ5ReWUYULLFJZBr9
Wo8/j+oWrE4VAAVK4Sg3Bs1Ex1DBlA3dV2uJbk2VVeZhVq63nlzgfhFjv9rnPYYO
6yP6QHFsc3UhM+ggolSwKLRDEIUW8VHJSL1cpnKIlPB6N4+GNRI3HMNrZgiO6ASe
Dby7WJGFc0FCBOxFRu6NjIu25M0pjTITfO9I0ncAzrHZ9BRpqH83xtjoMInx5dHM
zXkKto+W7CVuJtF2oiuwht9RWOGXLGKcY6pZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUyetVDxiYtL6tbbXesRXAnPFoC7owHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3lldFZEeGlZdEw2dGJi
WGVzUlhBblBGb0M3by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAxQ/knhwGO21bDkD5Tn6wuIc5IGzajKc6
qwUKKcxC60wT0TvKuvOnjF/mCAMxMS7Tp7mvyrnn9qDFE56ICeDNzTxk5ySDxH/O
aGLGfj4Kl3sCWcUW+H7e5cTOFFMGv10Xv6ClNRvyHIkWc2PgvMR9I6uIydxRe1gx
DE0yEzYg/Dfqi1rpGB1jWAOckUjukPFVLay6eRTYmeU5JLgcr+ftF86aKSVKg1xV
wPAftzVpCXjjjCJbytZyxNa9mVuXi00mCAmd3YiE4krdyow5MJBqsPGoy1mFNo4M
XgBYhRWIBnzBoZJVHygwH+dIE9jDD7LS0LqY6bwA/udYCYt+KmzYyg==
-----END CERTIFICATE-----
Generated at Fri Apr 5 03:07:36 2024 by rpki-client on console-fra.rpki-client.org