Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/5z4rpKBbkM_CymfDeFPUyTImeco.roa
File: 5z4rpKBbkM_CymfDeFPUyTImeco.roa (raw, json)
Hash identifier: xxDYW5skPYYv8o2M/Qb8NFOSlAqN8wsCR8H9VaWMBM4=
Subject key identifier: E7:3E:2B:A4:A0:5B:90:CF:C2:CA:67:C3:78:53:D4:C9:32:26:79:CA
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F84
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/5z4rpKBbkM_CymfDeFPUyTImeco.roa
Signing time: Mon 01 Apr 2024 08:22:37 +0000
ROA not before: Mon 01 Apr 2024 08:22:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3972 (0xf84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 1 08:22:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E73E2BA4A05B90CFC2CA67C37853D4C9322679CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6d:66:f8:e9:70:df:3e:94:03:3f:d4:a7:65:
11:5d:b3:60:25:21:11:02:54:97:7d:c0:88:8e:ab:
36:58:a4:18:3d:9d:f4:98:8c:fc:0f:4c:65:55:90:
e4:2b:09:a5:d2:2f:fa:fe:b9:fc:49:20:47:4b:e2:
33:ba:e8:37:03:63:8d:7c:9d:a9:96:56:26:91:13:
ae:7a:41:da:5b:06:aa:65:85:dd:6f:97:1a:d2:cf:
1c:39:cb:4b:f4:1b:65:06:30:df:83:b7:7c:52:bc:
92:17:c6:22:ea:44:86:86:5b:8b:3a:fd:57:3a:b8:
3b:34:f5:0c:80:55:24:78:59:94:c9:09:b4:1a:03:
92:6f:a8:2d:66:10:80:e4:db:c9:0f:98:d3:05:69:
83:8c:a5:42:d0:bd:d7:e4:f7:0a:7d:18:0d:2e:6c:
95:72:f1:2d:d4:70:df:db:3f:87:72:be:42:40:e0:
3f:c2:86:c4:e2:2a:99:31:11:ec:b2:9b:4a:57:8c:
73:c3:ec:eb:65:b6:4c:cf:35:a5:80:31:05:65:c8:
72:d9:29:0e:78:ee:ab:75:58:69:fa:19:13:08:3c:
4c:78:c6:97:68:7d:dc:31:b8:93:63:99:2c:43:19:
a1:fe:2b:0d:ba:79:36:5c:2c:0e:bd:3c:b3:57:f5:
de:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:3E:2B:A4:A0:5B:90:CF:C2:CA:67:C3:78:53:D4:C9:32:26:79:CA
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/5z4rpKBbkM_CymfDeFPUyTImeco.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:e6:cc:9f:bb:8d:d9:a0:32:f4:ba:07:cc:bd:ad:c7:2b:5c:
62:6d:08:63:eb:e4:44:16:cf:f2:86:e6:33:b1:b9:6d:82:7f:
26:88:39:7d:03:4d:54:f5:1a:79:b8:23:24:5b:b3:91:8a:fd:
44:a8:a4:16:79:23:28:94:26:8e:d3:0f:a1:e4:b7:5b:5c:2e:
4d:f1:da:6d:27:35:f9:c9:63:17:89:00:06:ff:f4:f1:f0:dc:
c0:37:99:c5:f9:ee:28:0b:d5:cf:79:ee:d8:d0:e8:cc:7e:91:
f5:42:28:2f:6c:2b:c9:26:28:98:10:34:d6:63:d2:98:35:ad:
3f:b5:07:c0:ca:7d:f4:f2:ee:a5:88:6f:f2:8d:aa:de:34:17:
8f:1d:ce:db:2d:27:5f:a4:c9:84:16:12:1f:e4:bb:9f:cd:07:
af:99:20:75:05:fe:56:c9:24:02:fd:b2:b4:e4:82:ec:1e:52:
2a:be:4e:97:c7:24:84:19:c4:f1:50:cf:d4:97:fd:4c:b3:38:
63:97:d6:57:95:a9:62:e6:eb:49:bd:f5:e2:50:42:bf:84:f5:
3c:c1:c6:8a:3f:70:7e:10:fc:5f:22:90:a8:a3:68:8f:1e:4a:
17:b2:3a:af:27:43:8b:8b:fa:65:2b:f3:06:29:e1:34:16:10:
2c:c8:89:5f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD4QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDEw
ODIyMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU3M0UyQkE0QTA1Qjkw
Q0ZDMkNBNjdDMzc4NTNENEM5MzIyNjc5Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTbWb46XDfPpQDP9SnZRFds2AlIRECVJd9wIiOqzZYpBg9nfSY
jPwPTGVVkOQrCaXSL/r+ufxJIEdL4jO66DcDY418namWViaRE656QdpbBqplhd1v
lxrSzxw5y0v0G2UGMN+Dt3xSvJIXxiLqRIaGW4s6/Vc6uDs09QyAVSR4WZTJCbQa
A5JvqC1mEIDk28kPmNMFaYOMpULQvdfk9wp9GA0ubJVy8S3UcN/bP4dyvkJA4D/C
hsTiKpkxEeyym0pXjHPD7OtltkzPNaWAMQVlyHLZKQ547qt1WGn6GRMIPEx4xpdo
fdwxuJNjmSxDGaH+Kw26eTZcLA69PLNX9d4nAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU5z4rpKBbkM/CymfDeFPUyTImecowHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzV6NHJwS0Jia01fQ3lt
ZkRlRlBVeVRJbWVjby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAZebMn7uN2aAy9LoHzL2txytcYm0IY+vk
RBbP8obmM7G5bYJ/Jog5fQNNVPUaebgjJFuzkYr9RKikFnkjKJQmjtMPoeS3W1wu
TfHabSc1+cljF4kABv/08fDcwDeZxfnuKAvVz3nu2NDozH6R9UIoL2wrySYomBA0
1mPSmDWtP7UHwMp99PLupYhv8o2q3jQXjx3O2y0nX6TJhBYSH+S7n80Hr5kgdQX+
VskkAv2ytOSC7B5SKr5Ol8ckhBnE8VDP1Jf9TLM4Y5fWV5WpYubrSb314lBCv4T1
PMHGij9wfhD8XyKQqKNojx5KF7I6rydDi4v6ZSvzBinhNBYQLMiJXw==
-----END CERTIFICATE-----
Generated at Mon Apr 1 09:53:14 2024 by rpki-client on console-fra.rpki-client.org