Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/yhiu_P1b9WUzQaxcM8J7Azsx940.roa
File: yhiu_P1b9WUzQaxcM8J7Azsx940.roa (raw, json)
Hash identifier: uTMVvoJyzTuKEDff7EtAE0F0TU6RxJp2iFvXobXEA+s=
Subject key identifier: CA:18:AE:FC:FD:5B:F5:65:33:41:AC:5C:33:C2:7B:03:3B:31:F7:8D
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0E4C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/yhiu_P1b9WUzQaxcM8J7Azsx940.roa
Signing time: Fri 29 Mar 2024 02:22:37 +0000
ROA not before: Fri 29 Mar 2024 02:22:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3660 (0xe4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 29 02:22:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CA18AEFCFD5BF5653341AC5C33C27B033B31F78D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ce:6e:f3:63:72:da:00:46:2e:27:bb:17:26:
9b:02:0f:8b:70:25:10:3f:3a:c0:66:9a:18:59:bd:
71:61:2a:35:93:ba:06:fb:07:83:b3:3e:60:c4:fc:
c8:77:df:92:92:31:f2:c4:dc:d1:00:c5:cd:a3:a8:
19:96:f7:a2:9a:a3:33:08:fc:75:b5:39:11:7a:05:
98:ea:9b:7b:41:13:16:18:25:00:0d:f9:e7:94:fc:
28:5f:56:48:6a:ee:9e:7d:9f:ab:ca:33:a2:53:a9:
49:df:a1:80:99:8d:73:da:7c:66:47:08:a9:d7:57:
2d:bb:c5:45:1f:ce:8a:a1:6a:c6:ed:d8:14:43:a5:
38:a7:83:d0:03:2b:bf:4a:1a:f9:7f:3e:7d:6e:8a:
11:f9:04:90:66:91:b6:5e:dc:59:d1:ad:b4:29:9f:
de:29:d3:ec:1c:47:9a:17:a3:c7:e2:4d:9f:ba:28:
b7:a0:af:b3:59:9d:20:71:10:c1:e0:7c:17:c8:4a:
9a:0d:59:e9:e2:ea:2b:db:97:d4:92:f3:f9:6d:21:
51:71:65:a4:01:46:db:42:24:10:2c:b5:11:45:3f:
c6:6f:c1:32:c9:48:28:97:dd:af:7f:e0:34:48:a5:
2d:d6:0e:1b:57:91:d4:76:be:41:e5:04:53:0f:94:
74:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:18:AE:FC:FD:5B:F5:65:33:41:AC:5C:33:C2:7B:03:3B:31:F7:8D
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/yhiu_P1b9WUzQaxcM8J7Azsx940.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:61:d6:0c:a3:78:c8:ea:83:b7:d4:6e:36:33:7b:31:80:20:
d6:c8:f7:1c:97:ec:6e:f6:9c:47:43:cf:7e:fb:2d:29:30:5f:
c9:a1:a6:ab:39:a8:3b:95:a9:10:03:d8:29:5f:0c:36:6d:aa:
dc:3c:24:09:9b:87:f7:e0:73:91:c9:1e:74:99:a1:50:a5:e4:
2f:06:71:94:ee:3a:bb:92:cd:8a:31:c8:cd:a3:d1:f6:e4:b3:
46:57:44:a5:6e:02:3b:90:24:25:14:1d:1f:92:f5:62:f2:d4:
f5:8c:cb:cd:79:63:2e:1b:7b:60:28:08:ac:71:b5:6b:4c:85:
31:36:56:01:2d:87:75:81:c1:84:ae:46:ad:33:27:3a:68:ef:
fe:79:e9:c6:5d:0c:51:5d:ab:fd:d2:b6:11:b0:f6:c5:9a:04:
09:ad:fd:94:29:91:85:cc:62:ea:41:da:fe:17:e7:58:da:32:
7e:23:e5:a7:2e:bc:eb:06:c9:b2:e9:65:fb:1d:c2:03:0e:18:
f4:cc:cf:44:a8:7d:41:e0:11:50:16:aa:e6:57:87:22:d3:e8:
00:ab:66:46:05:af:5e:9f:22:4f:4d:cd:4c:56:b4:c3:b4:c9:
b8:59:50:03:d8:3f:1d:b2:34:0f:c6:a8:94:49:bf:e1:b5:4a:
34:9d:54:90
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDkwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjkw
MjIyMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENBMThBRUZDRkQ1QkY1
NjUzMzQxQUM1QzMzQzI3QjAzM0IzMUY3OEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDczm7zY3LaAEYuJ7sXJpsCD4twJRA/OsBmmhhZvXFhKjWTugb7
B4OzPmDE/Mh335KSMfLE3NEAxc2jqBmW96KaozMI/HW1ORF6BZjqm3tBExYYJQAN
+eeU/ChfVkhq7p59n6vKM6JTqUnfoYCZjXPafGZHCKnXVy27xUUfzoqhasbt2BRD
pTing9ADK79KGvl/Pn1uihH5BJBmkbZe3FnRrbQpn94p0+wcR5oXo8fiTZ+6KLeg
r7NZnSBxEMHgfBfISpoNWeni6ivbl9SS8/ltIVFxZaQBRttCJBAstRFFP8ZvwTLJ
SCiX3a9/4DRIpS3WDhtXkdR2vkHlBFMPlHRXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUyhiu/P1b9WUzQaxcM8J7Azsx940wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3loaXVfUDFiOVdVelFh
eGNNOEo3QXpzeDk0MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAfWHWDKN4yOqDt9RuNjN7MYAg1sj3HJfs
bvacR0PPfvstKTBfyaGmqzmoO5WpEAPYKV8MNm2q3DwkCZuH9+BzkckedJmhUKXk
LwZxlO46u5LNijHIzaPR9uSzRldEpW4CO5AkJRQdH5L1YvLU9YzLzXljLht7YCgI
rHG1a0yFMTZWAS2HdYHBhK5GrTMnOmjv/nnpxl0MUV2r/dK2EbD2xZoECa39lCmR
hcxi6kHa/hfnWNoyfiPlpy686wbJsull+x3CAw4Y9MzPRKh9QeARUBaq5leHItPo
AKtmRgWvXp8iT03NTFa0w7TJuFlQA9g/HbI0D8aolEm/4bVKNJ1UkA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 07:59:35 2024 by rpki-client on console.sobornost.net