Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/2KKOsXe6Btz1j8RBqHBQvjo0dSY.roa
File: 2KKOsXe6Btz1j8RBqHBQvjo0dSY.roa (raw, json)
Hash identifier: 3F6j1iH1wyJfGmmGADataB7DIWUwO2ag7B0Pa4tSryc=
Subject key identifier: D8:A2:8E:B1:77:BA:06:DC:F5:8F:C4:41:A8:70:50:BE:3A:34:75:26
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0FB2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/2KKOsXe6Btz1j8RBqHBQvjo0dSY.roa
Signing time: Mon 01 Apr 2024 19:52:38 +0000
ROA not before: Mon 01 Apr 2024 19:52:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4018 (0xfb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 1 19:52:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D8A28EB177BA06DCF58FC441A87050BE3A347526
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:4e:1f:08:b1:35:11:bc:0b:fe:ef:44:4f:68:
fe:5b:83:58:59:de:f3:15:a4:8e:5c:72:41:d5:46:
20:cd:b0:76:89:95:05:c8:0b:d7:ef:c7:ae:8f:70:
d4:29:45:58:5c:a4:83:74:5d:17:1a:0d:9a:c2:3b:
8d:a4:1a:5d:d9:72:99:b1:d7:38:50:e2:b7:73:ae:
81:33:2b:57:69:34:5b:90:6b:d5:b0:5e:7b:8b:da:
3c:a7:06:12:d6:f2:15:3e:58:a3:24:bd:52:b3:49:
01:94:71:20:c3:96:b0:7c:6f:a3:79:e1:4c:fc:c9:
05:f6:64:61:f1:cd:1a:b3:71:a2:9d:52:96:08:50:
8b:9f:57:ab:20:1d:d1:e2:c3:80:c1:30:3f:5a:fc:
07:20:a8:a8:93:58:db:b2:bd:da:09:cb:20:99:7a:
d5:1b:d5:4c:25:30:5e:65:d1:a5:da:e9:6e:f3:0c:
79:62:36:82:a8:50:77:5f:c0:28:aa:e8:fb:63:58:
12:a5:61:0d:97:dd:26:83:5c:0d:12:51:20:07:68:
c3:d9:14:a4:bb:4f:ae:ec:e5:59:68:8f:26:ef:5d:
0f:e4:df:94:22:89:ca:2a:4c:ca:ff:2f:7d:cc:a4:
5d:4b:59:12:24:3b:e4:37:50:6b:37:d3:9c:34:ee:
ff:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A2:8E:B1:77:BA:06:DC:F5:8F:C4:41:A8:70:50:BE:3A:34:75:26
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/2KKOsXe6Btz1j8RBqHBQvjo0dSY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c6:bc:d5:19:8d:f9:97:8a:70:8a:ae:cd:f1:a5:6b:d4:2a:3a:
b3:0e:46:32:62:1f:1d:48:86:bf:d4:3d:7d:b8:33:12:6b:ea:
fa:c5:1e:d5:31:c3:ae:25:b4:8b:20:39:36:d4:67:cc:93:ef:
c1:fe:9c:27:2f:a4:08:55:d7:39:74:85:d9:25:fd:d2:31:e1:
ab:46:c0:d2:16:f3:ce:f1:ed:e6:07:38:9a:44:53:48:e0:22:
ed:40:a7:61:17:5d:93:c7:74:c6:2f:c6:b4:bf:22:23:6a:c0:
91:e1:22:d9:a9:ae:cb:4f:38:61:b4:64:33:b3:f1:4e:90:3d:
e3:06:3b:e0:7c:bb:16:3d:14:62:5b:73:c9:15:75:63:fb:82:
74:51:a9:00:e2:c4:a8:bd:ac:a1:1c:a5:4b:30:13:d9:af:97:
03:bb:54:72:fb:e8:d9:a8:bd:80:1e:4d:09:2b:39:8a:9f:a3:
c3:f1:aa:6c:f1:8f:01:95:8a:01:7b:91:34:3b:34:2d:a6:f4:
3b:4d:c6:53:58:47:a8:59:a9:c0:56:0b:03:bd:b1:d9:23:c9:
7e:a6:7f:e8:cd:a4:0d:e9:0b:64:5c:10:ff:21:f3:ae:cc:1c:
6e:0a:10:4c:ed:af:1b:14:6a:71:9a:54:65:8c:87:75:23:ab:
1a:ca:86:72
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD7IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDEx
OTUyMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ4QTI4RUIxNzdCQTA2
RENGNThGQzQ0MUE4NzA1MEJFM0EzNDc1MjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD4Th8IsTURvAv+70RPaP5bg1hZ3vMVpI5cckHVRiDNsHaJlQXI
C9fvx66PcNQpRVhcpIN0XRcaDZrCO42kGl3Zcpmx1zhQ4rdzroEzK1dpNFuQa9Ww
XnuL2jynBhLW8hU+WKMkvVKzSQGUcSDDlrB8b6N54Uz8yQX2ZGHxzRqzcaKdUpYI
UIufV6sgHdHiw4DBMD9a/AcgqKiTWNuyvdoJyyCZetUb1UwlMF5l0aXa6W7zDHli
NoKoUHdfwCiq6PtjWBKlYQ2X3SaDXA0SUSAHaMPZFKS7T67s5VlojybvXQ/k35Qi
icoqTMr/L33MpF1LWRIkO+Q3UGs305w07v9nAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2KKOsXe6Btz1j8RBqHBQvjo0dSYwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzJLS09zWGU2QnR6MWo4
UkJxSEJRdmpvMGRTWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAxrzVGY35l4pwiq7N8aVr1Co6sw5GMmIf
HUiGv9Q9fbgzEmvq+sUe1THDriW0iyA5NtRnzJPvwf6cJy+kCFXXOXSF2SX90jHh
q0bA0hbzzvHt5gc4mkRTSOAi7UCnYRddk8d0xi/GtL8iI2rAkeEi2amuy084YbRk
M7PxTpA94wY74Hy7Fj0UYltzyRV1Y/uCdFGpAOLEqL2soRylSzAT2a+XA7tUcvvo
2ai9gB5NCSs5ip+jw/GqbPGPAZWKAXuRNDs0Lab0O03GU1hHqFmpwFYLA72x2SPJ
fqZ/6M2kDekLZFwQ/yHzrswcbgoQTO2vGxRqcZpUZYyHdSOrGsqGcg==
-----END CERTIFICATE-----
Generated at Mon Apr 1 21:13:48 2024 by rpki-client on console-ams.rpki-client.org