Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/-f4Q4l9XQVIhEU7Y4K1jASDX428.roa
File: -f4Q4l9XQVIhEU7Y4K1jASDX428.roa (raw, json)
Hash identifier: 5P5His+XWWqFHKD2S5lw+q/O7iQPahQ+o5fbotCQimo=
Subject key identifier: F9:FE:10:E2:5F:57:41:52:21:11:4E:D8:E0:AD:63:01:20:D7:E3:6F
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1432
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/-f4Q4l9XQVIhEU7Y4K1jASDX428.roa
Signing time: Sat 13 Apr 2024 19:53:16 +0000
ROA not before: Sat 13 Apr 2024 19:53:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5170 (0x1432)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 13 19:53:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F9FE10E25F57415221114ED8E0AD630120D7E36F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ad:4b:06:0c:95:e6:55:72:24:2f:3c:aa:70:
5d:db:54:ba:99:61:86:bd:87:db:aa:03:b5:c7:c4:
41:c0:9a:20:64:f8:b0:81:00:7b:90:65:24:42:44:
1e:58:65:19:b0:ad:7d:3c:0b:3f:78:9a:80:3e:13:
e1:c0:d7:fb:25:f8:c5:d6:f4:06:00:d4:a0:38:6a:
19:75:f8:69:e6:f4:27:bb:6e:e3:f5:96:c0:8d:7b:
d3:61:d2:7c:4e:06:9b:e0:27:89:29:3d:a0:cf:f2:
c4:66:e7:d2:bb:d2:6b:d6:40:fd:ca:ed:6f:91:43:
42:17:3a:2a:8c:d8:80:8b:87:57:b1:5f:23:46:b5:
52:ab:de:19:93:1e:a2:72:f9:06:7d:b7:1d:54:d6:
63:47:3e:38:79:9e:ab:64:31:b4:b3:1a:0f:84:dc:
9e:d4:00:4a:7a:7b:5c:a7:d1:f7:74:91:e5:e8:fe:
6f:36:a0:80:ff:2e:d3:d6:5b:6d:a8:8e:2f:4f:ac:
23:3d:0a:93:fb:19:e7:33:6b:ad:38:bd:e8:ba:b1:
89:1f:df:a0:b5:7e:55:08:8f:76:88:dd:42:d0:eb:
3b:39:39:65:10:6d:e2:41:c7:98:03:fa:61:d6:98:
93:54:33:40:36:b8:62:ac:46:c4:ff:18:a2:7e:28:
90:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:FE:10:E2:5F:57:41:52:21:11:4E:D8:E0:AD:63:01:20:D7:E3:6F
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/-f4Q4l9XQVIhEU7Y4K1jASDX428.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:5e:c8:b1:bb:b8:e9:1a:4d:b9:00:84:67:fd:85:1b:d5:22:
0b:63:fe:c5:2b:b5:e0:1f:7d:1d:14:83:a7:52:32:88:5a:9a:
f2:01:bb:c6:10:14:b7:1d:e8:8c:b5:8c:b2:95:9b:d4:6c:66:
ec:b1:7e:ed:cd:9c:1b:e4:92:eb:5a:8f:32:97:aa:32:6b:a1:
3e:02:ca:92:df:40:14:5a:a5:f9:c9:61:a1:4e:e1:18:fc:a5:
90:44:ff:3e:61:88:fe:da:ab:16:d6:69:5a:99:b9:9f:36:61:
1c:d0:c8:84:db:48:b4:89:63:da:4a:54:cb:57:99:8a:43:56:
d0:bd:4d:7f:83:51:aa:24:e3:b6:a0:ae:f1:41:0c:0e:dc:49:
3a:08:23:56:ec:f6:6b:48:ac:66:6b:5b:82:da:d9:fa:47:b9:
e5:aa:d1:09:4a:32:cc:f7:74:4d:ca:1d:5b:45:8a:25:8f:15:
06:90:79:15:6a:fa:c5:60:11:6b:e0:c1:ef:43:54:99:e7:1b:
f3:81:82:7a:ff:e1:16:42:de:7b:98:20:ea:68:5a:97:54:1a:
99:e9:15:a5:96:14:f2:2b:06:5b:fb:66:d6:e5:53:49:a0:4d:
d2:3c:72:04:e1:76:35:0c:6b:cf:63:ef:42:67:47:b8:e3:42:
48:5d:87:60
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFDIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTMx
OTUzMTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY5RkUxMEUyNUY1NzQx
NTIyMTExNEVEOEUwQUQ2MzAxMjBEN0UzNkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPrUsGDJXmVXIkLzyqcF3bVLqZYYa9h9uqA7XHxEHAmiBk+LCB
AHuQZSRCRB5YZRmwrX08Cz94moA+E+HA1/sl+MXW9AYA1KA4ahl1+Gnm9Ce7buP1
lsCNe9Nh0nxOBpvgJ4kpPaDP8sRm59K70mvWQP3K7W+RQ0IXOiqM2ICLh1exXyNG
tVKr3hmTHqJy+QZ9tx1U1mNHPjh5nqtkMbSzGg+E3J7UAEp6e1yn0fd0keXo/m82
oID/LtPWW22oji9PrCM9CpP7Gecza604vei6sYkf36C1flUIj3aI3ULQ6zs5OWUQ
beJBx5gD+mHWmJNUM0A2uGKsRsT/GKJ+KJADAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU+f4Q4l9XQVIhEU7Y4K1jASDX428wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLy1mNFE0bDlYUVZJaEVV
N1k0SzFqQVNEWDQyOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEArl7Isbu46RpNuQCEZ/2FG9UiC2P+xSu1
4B99HRSDp1IyiFqa8gG7xhAUtx3ojLWMspWb1Gxm7LF+7c2cG+SS61qPMpeqMmuh
PgLKkt9AFFql+clhoU7hGPylkET/PmGI/tqrFtZpWpm5nzZhHNDIhNtItIlj2kpU
y1eZikNW0L1Nf4NRqiTjtqCu8UEMDtxJOggjVuz2a0isZmtbgtrZ+ke55arRCUoy
zPd0TcodW0WKJY8VBpB5FWr6xWARa+DB70NUmecb84GCev/hFkLee5gg6mhal1Qa
mekVpZYU8isGW/tm1uVTSaBN0jxyBOF2NQxrz2PvQmdHuONCSF2HYA==
-----END CERTIFICATE-----
Generated at Sat Apr 13 20:54:15 2024 by rpki-client on console-fra.rpki-client.org