Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/-RSQKTFINYMCLw5SFhgpQBZRnIQ.roa
File: -RSQKTFINYMCLw5SFhgpQBZRnIQ.roa (raw, json)
Hash identifier: xTD59XYCUkDefa7ALwKhgMA4HppaL1zYIqj2d9z2HQ8=
Subject key identifier: F9:14:90:29:31:48:35:83:02:2F:0E:52:16:18:29:40:16:51:9C:84
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 11D8
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/-RSQKTFINYMCLw5SFhgpQBZRnIQ.roa
Signing time: Sun 07 Apr 2024 13:22:54 +0000
ROA not before: Sun 07 Apr 2024 13:22:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4568 (0x11d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 7 13:22:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F914902931483583022F0E521618294016519C84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:03:51:eb:23:70:08:fd:ad:2d:c7:e4:40:93:
33:4b:88:ca:5e:cc:d4:42:fd:95:c4:58:d8:c6:fa:
5f:2b:b1:b5:68:15:72:13:17:98:8c:15:f9:7d:9a:
62:e6:bb:8a:95:2f:b2:c2:3e:51:0e:40:cd:72:2d:
5d:7b:a5:90:8d:3f:97:fa:2c:13:8b:02:78:36:87:
d1:5c:fc:46:60:4b:ca:01:cf:8c:03:8d:29:94:29:
22:eb:c5:82:2c:a9:6a:ee:ad:e6:f4:a6:ed:3f:ee:
7c:95:92:4d:70:2c:98:b5:17:2e:f9:27:61:ac:4e:
22:87:78:23:fb:19:d7:cb:82:c9:d2:fa:c1:0d:34:
3f:04:7b:c3:11:5f:e5:08:1d:a6:21:dd:f0:12:33:
ec:dc:65:c8:b8:5a:e0:84:41:9e:e6:cf:d0:44:c6:
50:06:50:de:f8:ae:9a:f9:f5:07:ba:84:7a:ef:f7:
e0:89:57:ef:47:58:6b:53:8c:6d:64:44:00:10:09:
c5:89:27:d8:77:69:02:d8:15:1b:7f:c1:8a:8a:b3:
fe:f6:dd:25:04:10:43:15:8d:e1:45:03:7f:f9:3f:
ba:df:d1:2b:87:55:7e:e2:b1:fa:64:cf:5b:25:e1:
ca:7e:c6:78:c7:4d:af:26:07:3c:24:6e:61:d8:dd:
b5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:14:90:29:31:48:35:83:02:2F:0E:52:16:18:29:40:16:51:9C:84
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/-RSQKTFINYMCLw5SFhgpQBZRnIQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6c:1c:f0:f0:5a:38:c3:e4:ea:46:9e:f1:89:ab:ad:51:e9:24:
e9:c6:77:d6:b0:ca:84:c1:bb:fd:61:8c:64:ab:5b:2c:d8:5d:
b9:f6:ca:ec:c9:87:33:b8:c4:db:f2:78:7d:39:6f:3c:d9:fc:
29:f8:6c:c5:17:33:e2:8c:95:af:fb:bb:de:8c:f8:f0:82:ee:
31:ef:72:4a:99:ba:2e:61:f2:58:b5:5c:92:46:ef:fe:0b:10:
5e:8d:12:79:50:59:c1:12:42:15:03:89:ba:89:52:fe:20:b1:
9d:05:e1:d1:0a:50:55:2d:0d:29:a5:f9:64:8d:3e:6b:55:dd:
79:a3:3c:8d:5c:2c:8e:81:eb:4e:1b:9c:03:d4:a1:29:54:1a:
bc:65:1b:8c:3d:c5:48:84:73:41:5d:e9:69:18:08:3e:b8:18:
55:86:33:1b:f8:45:1f:87:fb:cb:2f:49:b9:d8:92:45:18:68:
ab:28:fc:22:ac:e1:0e:34:f9:28:3e:ea:93:25:28:ac:81:c2:
b4:f1:07:c3:3c:8e:af:bc:85:8d:9b:5a:ea:4f:a2:83:a9:24:
79:f5:02:c8:71:b4:60:63:a6:a9:b4:5e:3a:37:f1:15:5a:39:
03:e4:cc:ae:87:02:9c:6f:07:bd:30:c0:f2:81:2a:4c:2f:bd:
5a:67:5c:b9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEdgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDcx
MzIyNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY5MTQ5MDI5MzE0ODM1
ODMwMjJGMEU1MjE2MTgyOTQwMTY1MTlDODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdA1HrI3AI/a0tx+RAkzNLiMpezNRC/ZXEWNjG+l8rsbVoFXIT
F5iMFfl9mmLmu4qVL7LCPlEOQM1yLV17pZCNP5f6LBOLAng2h9Fc/EZgS8oBz4wD
jSmUKSLrxYIsqWrureb0pu0/7nyVkk1wLJi1Fy75J2GsTiKHeCP7GdfLgsnS+sEN
ND8Ee8MRX+UIHaYh3fASM+zcZci4WuCEQZ7mz9BExlAGUN74rpr59Qe6hHrv9+CJ
V+9HWGtTjG1kRAAQCcWJJ9h3aQLYFRt/wYqKs/723SUEEEMVjeFFA3/5P7rf0SuH
VX7isfpkz1sl4cp+xnjHTa8mBzwkbmHY3bVjAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU+RSQKTFINYMCLw5SFhgpQBZRnIQwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLy1SU1FLVEZJTllNQ0x3
NVNGaGdwUUJaUm5JUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAbBzw8Fo4w+TqRp7xiautUekk6cZ31rDK
hMG7/WGMZKtbLNhdufbK7MmHM7jE2/J4fTlvPNn8KfhsxRcz4oyVr/u73oz48ILu
Me9ySpm6LmHyWLVckkbv/gsQXo0SeVBZwRJCFQOJuolS/iCxnQXh0QpQVS0NKaX5
ZI0+a1XdeaM8jVwsjoHrThucA9ShKVQavGUbjD3FSIRzQV3paRgIPrgYVYYzG/hF
H4f7yy9JudiSRRhoqyj8IqzhDjT5KD7qkyUorIHCtPEHwzyOr7yFjZta6k+ig6kk
efUCyHG0YGOmqbReOjfxFVo5A+TMrocCnG8HvTDA8oEqTC+9WmdcuQ==
-----END CERTIFICATE-----
Generated at Sun Apr 7 15:31:15 2024 by rpki-client on console-fra.rpki-client.org