Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/6LfVeZ37ih55iuimJKclsRs5l_k.roa
File: 6LfVeZ37ih55iuimJKclsRs5l_k.roa (raw, json)
Hash identifier: AsWtK8pv2lI7LyXYhQB8SAD5zxkimyDXX5qWN4eq864=
Subject key identifier: E8:B7:D5:79:9D:FB:8A:1E:79:8A:E8:A6:24:A7:25:B1:1B:39:97:F9
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 15E8
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/6LfVeZ37ih55iuimJKclsRs5l_k.roa
Signing time: Thu 18 Apr 2024 09:23:25 +0000
ROA not before: Thu 18 Apr 2024 09:23:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5608 (0x15e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 18 09:23:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E8B7D5799DFB8A1E798AE8A624A725B11B3997F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c3:4f:d2:88:3c:68:32:88:a5:de:0b:37:d3:
a0:6f:ae:39:d4:c5:c3:a0:c7:49:12:15:82:57:28:
14:fb:e7:83:e8:60:2a:a9:ae:51:02:74:3b:0d:4f:
d8:17:01:48:6c:32:31:fc:7f:0c:81:32:86:8e:fa:
81:95:8a:79:80:67:f1:e7:b1:6d:e7:ee:bb:69:09:
cd:17:89:2d:16:07:0d:47:12:39:05:f7:57:1d:14:
54:e7:e9:2a:a8:ad:ef:6f:aa:b9:33:c6:6c:b4:0a:
07:fa:7a:49:9c:49:bf:30:cb:2c:7a:57:f6:cf:db:
a3:1b:f1:72:45:af:08:bf:c2:df:7e:f9:ac:c8:fe:
e9:81:33:e5:ce:6a:66:d1:45:32:46:8b:9c:18:87:
34:a8:f4:84:89:4d:32:b2:41:b4:84:28:fe:c3:8b:
ce:71:93:b8:8d:86:dc:54:97:87:89:88:9a:e1:65:
03:4b:3c:d2:14:6c:d5:13:82:e5:01:6b:be:9e:0c:
1b:d2:07:28:68:a0:6d:a5:26:dc:b7:76:9c:03:90:
5a:47:ab:33:6b:b7:9e:bc:b3:4c:62:e4:1c:0e:5a:
9f:41:f1:5f:e0:70:1e:f9:89:c7:3b:a2:6d:d7:37:
0e:ed:e5:ce:21:bf:ac:d2:0a:d5:9a:af:81:e0:55:
0f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:B7:D5:79:9D:FB:8A:1E:79:8A:E8:A6:24:A7:25:B1:1B:39:97:F9
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/6LfVeZ37ih55iuimJKclsRs5l_k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
44:98:15:7a:4d:e4:aa:d6:df:34:f9:f8:e1:c8:1e:5b:2c:ee:
f7:3a:9f:eb:9a:e2:bf:17:4c:b6:f5:e6:95:22:55:18:e1:30:
89:a6:16:88:16:24:49:fc:a8:d6:d7:89:39:a2:48:db:52:cf:
fb:12:f9:75:41:50:64:4e:75:29:8e:36:cc:51:ca:ae:a3:ac:
4a:f9:30:c8:18:7f:49:27:71:52:d3:5a:23:a6:38:ae:c0:5a:
ab:d0:f3:7a:6f:8d:7a:f3:59:5d:75:73:9e:c1:b3:98:32:51:
47:e3:0c:f6:90:ba:ec:f2:d3:58:d8:9a:9a:87:2c:a2:5d:4d:
2d:bc:72:d5:35:ab:06:c6:69:4f:cb:4f:f6:e6:4f:3c:29:d9:
d6:4e:3c:3e:f7:66:b9:fe:b8:e6:54:db:4c:28:3e:55:5a:80:
80:69:fb:b8:2f:08:c6:1c:96:60:9e:a6:53:d1:a3:e9:6b:ef:
6e:be:04:c4:df:be:4f:1e:53:f9:01:ad:85:1a:61:91:02:34:
6d:f5:d1:4b:c0:b6:6c:9b:95:65:a5:63:8f:48:44:62:41:14:
6a:f7:7c:81:36:02:9d:50:8d:15:1d:91:2d:35:69:ab:c6:9b:
8a:2b:33:3f:0d:65:c6:61:51:0c:01:e0:1f:36:82:2a:f1:25:
0a:da:8b:e0
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFegwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTgw
OTIzMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU4QjdENTc5OURGQjhB
MUU3OThBRThBNjI0QTcyNUIxMUIzOTk3RjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3w0/SiDxoMoil3gs306BvrjnUxcOgx0kSFYJXKBT754PoYCqp
rlECdDsNT9gXAUhsMjH8fwyBMoaO+oGVinmAZ/HnsW3n7rtpCc0XiS0WBw1HEjkF
91cdFFTn6Sqore9vqrkzxmy0Cgf6ekmcSb8wyyx6V/bP26Mb8XJFrwi/wt9++azI
/umBM+XOambRRTJGi5wYhzSo9ISJTTKyQbSEKP7Di85xk7iNhtxUl4eJiJrhZQNL
PNIUbNUTguUBa76eDBvSByhooG2lJty3dpwDkFpHqzNrt568s0xi5BwOWp9B8V/g
cB75icc7om3XNw7t5c4hv6zSCtWar4HgVQ8jAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU6LfVeZ37ih55iuimJKclsRs5l/kwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzZMZlZlWjM3aWg1NWl1
aW1KS2Nsc1JzNWxfay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEARJgVek3kqtbfNPn44cgeWyzu9zqf65ri
vxdMtvXmlSJVGOEwiaYWiBYkSfyo1teJOaJI21LP+xL5dUFQZE51KY42zFHKrqOs
SvkwyBh/SSdxUtNaI6Y4rsBaq9Dzem+NevNZXXVznsGzmDJRR+MM9pC67PLTWNia
mocsol1NLbxy1TWrBsZpT8tP9uZPPCnZ1k48Pvdmuf645lTbTCg+VVqAgGn7uC8I
xhyWYJ6mU9Gj6Wvvbr4ExN++Tx5T+QGthRphkQI0bfXRS8C2bJuVZaVjj0hEYkEU
avd8gTYCnVCNFR2RLTVpq8abiiszPw1lxmFRDAHgHzaCKvElCtqL4A==
-----END CERTIFICATE-----
Generated at Thu Apr 18 13:30:08 2024 by rpki-client on console-fra.rpki-client.org