Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/ypU_M_scT7lrE5alY0-u-X3C9X4.roa
File: ypU_M_scT7lrE5alY0-u-X3C9X4.roa (raw, json)
Hash identifier: EROJCabV2U2fDlW1Ypshv5e1/AffQlIIM3EAD9/u6zM=
Subject key identifier: CA:95:3F:33:FB:1C:4F:B9:6B:13:96:A5:63:4F:AE:F9:7D:C2:F5:7E
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 13FA
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ypU_M_scT7lrE5alY0-u-X3C9X4.roa
Signing time: Sat 13 Apr 2024 05:54:11 +0000
ROA not before: Sat 13 Apr 2024 05:54:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5114 (0x13fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 13 05:54:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CA953F33FB1C4FB96B1396A5634FAEF97DC2F57E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a8:bf:e2:a8:d6:cb:12:2d:fb:72:67:e2:db:
25:46:37:b8:f6:b3:74:f9:d3:23:93:97:9f:5a:80:
24:cf:eb:38:53:01:a3:9d:9a:59:a2:06:9d:aa:78:
3e:0a:ed:2b:20:5d:34:a3:93:46:81:10:12:9d:2f:
23:db:4f:ce:9d:31:7d:c8:9a:07:bd:76:f6:d8:83:
db:2b:d4:27:2f:e7:56:b7:4a:ef:58:16:20:a1:36:
89:c3:3a:68:fa:c9:53:1a:f3:21:89:85:de:78:2a:
c3:8a:d7:30:4b:13:4a:ca:14:a0:bc:e9:c6:b9:71:
08:10:66:5e:a9:4b:bb:c2:fd:8a:3b:1d:67:6f:3d:
4a:d1:52:38:db:d6:ef:0e:50:1b:53:ae:d3:12:ab:
b6:27:97:9a:66:61:13:00:40:99:8d:96:a2:d3:09:
56:e0:5b:df:2e:6e:fe:a3:5c:61:4a:9e:f4:bb:c5:
72:32:51:73:4d:e7:49:44:59:bb:f5:bb:cb:ed:62:
0f:4b:10:6d:6d:0a:0b:5b:95:30:24:61:b8:5e:dd:
e6:ed:23:b1:f6:f4:39:99:fa:73:15:cd:d3:98:a6:
9f:e8:3f:33:f3:9f:5a:04:a6:33:1a:01:68:70:8f:
55:25:ea:1a:0c:91:00:e0:8e:05:eb:c8:80:da:ba:
f8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:95:3F:33:FB:1C:4F:B9:6B:13:96:A5:63:4F:AE:F9:7D:C2:F5:7E
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ypU_M_scT7lrE5alY0-u-X3C9X4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
60:49:4f:60:15:e6:4a:c5:b3:ea:80:7a:8d:bd:60:dc:6e:9f:
91:76:dd:70:83:93:bf:a4:10:ea:0d:b7:d0:65:c2:a8:30:c9:
b9:d2:86:b4:c9:c5:96:9a:04:52:ac:a0:67:7c:07:2d:bc:b0:
46:69:93:67:9f:82:15:43:c4:31:c3:ac:e1:b5:e9:f3:a8:3c:
e2:d7:d9:01:25:09:77:b0:84:5a:ee:8e:be:e3:8a:38:50:cc:
db:5c:8a:eb:76:ef:0d:f1:37:b0:bd:7e:72:26:f6:91:15:35:
f7:8b:5b:09:6e:94:26:48:f3:39:e6:cd:3f:d9:9d:60:2d:29:
e0:ed:6a:72:7e:bf:98:d2:fc:aa:41:74:ff:95:d4:47:6b:19:
5f:b7:b6:c6:c5:b8:4b:34:bb:3d:bf:56:2d:e1:f6:be:ce:83:
05:0e:1e:1b:7e:a5:75:a0:bf:be:7e:ec:08:71:8b:07:c7:1e:
53:76:82:7b:1b:f9:6b:59:76:f5:16:a1:90:22:e3:cd:39:30:
9e:6d:0f:a6:85:83:23:dd:d3:c1:76:d8:e9:dc:b2:f5:53:b6:
48:3d:1a:22:a5:8d:ea:5f:d9:ac:06:54:82:d7:97:aa:95:55:
77:00:74:f2:e1:2e:dc:c3:55:4d:ba:4e:0e:4e:6c:25:52:75:
f2:19:7f:49
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE/owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTMw
NTU0MTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENBOTUzRjMzRkIxQzRG
Qjk2QjEzOTZBNTYzNEZBRUY5N0RDMkY1N0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuqL/iqNbLEi37cmfi2yVGN7j2s3T50yOTl59agCTP6zhTAaOd
mlmiBp2qeD4K7SsgXTSjk0aBEBKdLyPbT86dMX3Imge9dvbYg9sr1Ccv51a3Su9Y
FiChNonDOmj6yVMa8yGJhd54KsOK1zBLE0rKFKC86ca5cQgQZl6pS7vC/Yo7HWdv
PUrRUjjb1u8OUBtTrtMSq7Ynl5pmYRMAQJmNlqLTCVbgW98ubv6jXGFKnvS7xXIy
UXNN50lEWbv1u8vtYg9LEG1tCgtblTAkYbhe3ebtI7H29DmZ+nMVzdOYpp/oPzPz
n1oEpjMaAWhwj1Ul6hoMkQDgjgXryIDauvizAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUypU/M/scT7lrE5alY0+u+X3C9X4wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3lwVV9NX3NjVDdsckU1
YWxZMC11LVgzQzlYNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAYElPYBXmSsWz6oB6jb1g3G6fkXbdcIOT
v6QQ6g230GXCqDDJudKGtMnFlpoEUqygZ3wHLbywRmmTZ5+CFUPEMcOs4bXp86g8
4tfZASUJd7CEWu6OvuOKOFDM21yK63bvDfE3sL1+cib2kRU194tbCW6UJkjzOebN
P9mdYC0p4O1qcn6/mNL8qkF0/5XUR2sZX7e2xsW4SzS7Pb9WLeH2vs6DBQ4eG36l
daC/vn7sCHGLB8ceU3aCexv5a1l29RahkCLjzTkwnm0PpoWDI93TwXbY6dyy9VO2
SD0aIqWN6l/ZrAZUgteXqpVVdwB08uEu3MNVTbpODk5sJVJ18hl/SQ==
-----END CERTIFICATE-----
Generated at Sat Apr 13 09:22:12 2024 by rpki-client on console-fra.rpki-client.org