Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/PYtYDH_X7Y-w6wUgnbAe4xpR6_E.roa
File: PYtYDH_X7Y-w6wUgnbAe4xpR6_E.roa (raw, json)
Hash identifier: p0Cv/XDL1jLlhue9cl9UQqfNWswbHP3Z2VsxnfbQ6NU=
Subject key identifier: 3D:8B:58:0C:7F:D7:ED:8F:B0:EB:05:20:9D:B0:1E:E3:1A:51:EB:F1
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0EDE
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/PYtYDH_X7Y-w6wUgnbAe4xpR6_E.roa
Signing time: Sat 30 Mar 2024 14:52:32 +0000
ROA not before: Sat 30 Mar 2024 14:52:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3806 (0xede)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 30 14:52:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3D8B580C7FD7ED8FB0EB05209DB01EE31A51EBF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ed:5c:ce:61:db:47:91:19:54:ce:23:59:d9:
cc:6d:c8:bc:76:a5:1c:f7:fc:29:fd:6f:97:14:fb:
b2:ef:d0:24:c4:c3:d1:26:dd:29:a2:3d:ff:54:70:
a6:81:8f:0c:09:41:91:1a:3b:0f:fe:02:0b:6d:59:
8f:39:6c:8c:ad:42:a4:7d:a8:0b:f8:42:be:3d:7a:
ab:a7:a7:0b:dd:25:4e:70:04:63:01:56:c9:16:23:
19:f0:fb:7a:b3:af:c0:03:fb:ee:50:93:ed:ba:79:
18:be:ba:ae:9e:b1:af:71:51:84:58:1b:ab:34:95:
b9:c6:b0:a8:07:46:02:29:ce:0a:af:7c:b6:dd:c4:
bb:ec:7a:8a:e0:15:fd:52:2a:04:6a:cb:cd:5c:e5:
0b:04:cf:9b:df:1b:b3:0a:c0:db:26:29:f9:3c:0c:
b5:4e:b5:05:ff:cb:65:71:f4:fc:5b:62:32:df:ed:
bb:52:0b:af:dd:65:dd:0d:7f:55:b3:81:80:e9:9b:
48:04:8b:be:7f:46:26:99:22:eb:e2:92:01:93:3b:
39:bb:d0:69:09:4c:70:52:37:93:79:b6:5a:6d:5b:
9d:68:d9:81:9d:b6:55:bc:fa:f3:55:3a:3d:f7:19:
ae:a5:82:50:fd:6b:a3:b1:41:a5:00:48:75:23:8c:
b4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8B:58:0C:7F:D7:ED:8F:B0:EB:05:20:9D:B0:1E:E3:1A:51:EB:F1
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/PYtYDH_X7Y-w6wUgnbAe4xpR6_E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7a:e7:3d:05:3d:9d:d3:bb:a5:53:08:61:69:d7:ea:f3:fc:38:
f0:2d:a1:18:f6:9b:da:4f:f6:c7:5b:01:e0:4d:0c:6c:b3:12:
af:0a:88:81:df:12:3a:ec:82:88:9a:e2:c6:54:fb:e4:a7:d3:
cd:60:69:07:82:3d:48:9e:7f:76:ea:b1:b1:87:09:12:c9:92:
18:7b:e4:2a:49:97:d6:bc:be:c3:74:f5:ec:12:55:0e:60:3d:
3d:09:b8:e5:87:ac:27:22:6f:f8:6d:53:72:d4:8e:05:6d:34:
c7:e5:ee:85:85:be:d9:6a:e3:19:6e:c1:62:58:9a:95:7a:a7:
ad:57:ef:59:cd:f4:5c:05:ee:06:f0:0d:3b:fb:77:a6:a9:a5:
af:3a:06:2f:a4:1b:ce:48:46:eb:7e:55:7f:f9:47:81:05:82:
94:b9:bd:e9:0a:42:e3:39:d2:7d:81:0f:35:29:00:87:b4:6d:
30:a5:0f:f6:05:21:44:10:cc:69:12:4d:69:87:1a:8d:2f:50:
af:01:b6:60:a4:ce:af:a8:94:c5:49:51:09:70:be:5c:b0:10:
3e:b0:36:1b:10:f8:4e:00:db:a3:72:3d:b4:34:3c:e2:06:4d:
25:e4:c4:92:53:d1:9c:9d:f1:40:4c:98:f9:87:bf:a7:6f:c0:
11:eb:1f:a9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDt4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzAx
NDUyMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNEOEI1ODBDN0ZEN0VE
OEZCMEVCMDUyMDlEQjAxRUUzMUE1MUVCRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCw7VzOYdtHkRlUziNZ2cxtyLx2pRz3/Cn9b5cU+7Lv0CTEw9Em
3SmiPf9UcKaBjwwJQZEaOw/+AgttWY85bIytQqR9qAv4Qr49equnpwvdJU5wBGMB
VskWIxnw+3qzr8AD++5Qk+26eRi+uq6esa9xUYRYG6s0lbnGsKgHRgIpzgqvfLbd
xLvseorgFf1SKgRqy81c5QsEz5vfG7MKwNsmKfk8DLVOtQX/y2Vx9PxbYjLf7btS
C6/dZd0Nf1WzgYDpm0gEi75/RiaZIuvikgGTOzm70GkJTHBSN5N5tlptW51o2YGd
tlW8+vNVOj33Ga6lglD9a6OxQaUASHUjjLTbAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUPYtYDH/X7Y+w6wUgnbAe4xpR6/EwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1BZdFlESF9YN1ktdzZ3
VWduYkFlNHhwUjZfRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAeuc9BT2d07ulUwhhadfq8/w48C2hGPab
2k/2x1sB4E0MbLMSrwqIgd8SOuyCiJrixlT75KfTzWBpB4I9SJ5/duqxsYcJEsmS
GHvkKkmX1ry+w3T17BJVDmA9PQm45YesJyJv+G1TctSOBW00x+XuhYW+2WrjGW7B
YlialXqnrVfvWc30XAXuBvANO/t3pqmlrzoGL6QbzkhG635Vf/lHgQWClLm96QpC
4znSfYEPNSkAh7RtMKUP9gUhRBDMaRJNaYcajS9QrwG2YKTOr6iUxUlRCXC+XLAQ
PrA2GxD4TgDbo3I9tDQ84gZNJeTEklPRnJ3xQEyY+Ye/p2/AEesfqQ==
-----END CERTIFICATE-----
Generated at Sat Mar 30 18:21:33 2024 by rpki-client on console.sobornost.net