Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/CUlKWTufbwfB9CsaCjuTzCC6MUg.roa
File: CUlKWTufbwfB9CsaCjuTzCC6MUg.roa (raw, json)
Hash identifier: 8f5bwuM3s1Q0W1S8q43j74qBXO2G/+Rrb8t9h1soMpg=
Subject key identifier: 09:49:4A:59:3B:9F:6F:07:C1:F4:2B:1A:0A:3B:93:CC:20:BA:31:48
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 16E2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/CUlKWTufbwfB9CsaCjuTzCC6MUg.roa
Signing time: Sat 20 Apr 2024 23:54:19 +0000
ROA not before: Sat 20 Apr 2024 23:54:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5858 (0x16e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 20 23:54:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=09494A593B9F6F07C1F42B1A0A3B93CC20BA3148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a2:8e:af:27:7a:67:57:aa:48:da:0b:ed:15:
e8:9e:bd:d2:53:89:c9:c0:eb:24:d6:11:84:90:a6:
66:b6:d0:b0:13:da:d1:4a:08:eb:70:1a:8c:43:a4:
d6:32:ae:8c:7f:89:61:d5:87:ad:b3:60:83:a9:d5:
dc:76:19:87:4a:99:5d:36:fe:90:8f:8a:f4:71:2c:
0e:01:54:a8:06:74:c2:f2:9d:23:a1:1d:3c:c8:27:
f3:88:db:fd:e3:dc:33:a9:70:f0:07:ae:92:7a:0a:
2f:21:2e:57:15:cc:9f:44:d7:82:ee:09:5f:ee:34:
3d:62:ec:b8:d2:bb:30:78:f1:03:82:41:14:4b:0c:
c7:45:1e:ad:d9:64:2c:63:79:e4:b2:9b:6d:64:92:
70:4d:54:71:a5:52:72:6e:45:23:aa:a1:33:66:b6:
ba:d6:ca:d1:92:4a:39:02:de:4e:fd:7b:33:a8:70:
a9:08:18:d5:ce:82:2c:fd:fb:10:0c:c9:1a:fb:bf:
1a:2f:e0:3f:c2:a3:35:18:ae:02:91:d4:15:cf:de:
1f:62:dd:19:ab:ac:f9:05:b9:d8:67:f3:6d:6d:81:
f3:48:a5:12:02:6d:21:cb:02:d8:ce:1f:be:f3:c4:
7f:31:2d:93:21:24:86:bf:c6:0d:a0:31:5d:0f:09:
8f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:49:4A:59:3B:9F:6F:07:C1:F4:2B:1A:0A:3B:93:CC:20:BA:31:48
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/CUlKWTufbwfB9CsaCjuTzCC6MUg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:bf:cf:0d:c2:89:4d:51:dd:28:86:71:af:89:d1:9e:35:4b:
34:ef:05:fc:b9:df:80:e5:10:06:8d:7e:38:97:cf:9e:be:c5:
0e:e2:92:5d:67:ca:dc:1b:1a:1c:ea:4c:d5:59:f6:55:db:3a:
db:5e:c4:9a:9f:43:0c:9c:3e:68:47:29:f4:7d:15:55:9a:a7:
b7:2f:3f:d2:ea:2b:36:f9:85:d9:48:5b:a0:86:15:e6:ec:18:
b8:27:19:50:a3:07:47:89:f1:19:f4:3c:57:e6:03:86:ec:04:
a4:31:70:9d:44:56:84:c1:62:24:04:67:9b:10:0b:e3:a8:8f:
b8:dd:9f:ca:92:78:e3:62:1b:c8:a8:6b:bb:a5:9c:f4:07:72:
ef:65:de:a1:ca:ac:95:96:c4:43:8a:9d:fb:8f:39:62:11:3f:
ef:d4:6e:ef:33:cb:d0:d7:17:42:ca:08:fa:b2:77:10:28:bf:
31:1e:a1:92:b7:bc:41:56:b4:6d:68:59:a2:04:45:e7:76:59:
fd:ba:b8:dc:3d:3e:e7:e4:12:04:aa:6f:a8:3a:21:54:ae:ce:
c7:b8:ce:22:81:40:7e:2f:18:02:d6:84:6f:5b:3e:57:3f:02:
5e:a1:36:78:3a:0e:d2:67:72:05:3f:df:ed:92:01:f0:c2:0f:
87:8b:d7:c0
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFuIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjAy
MzU0MTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA5NDk0QTU5M0I5RjZG
MDdDMUY0MkIxQTBBM0I5M0NDMjBCQTMxNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCioo6vJ3pnV6pI2gvtFeievdJTicnA6yTWEYSQpma20LAT2tFK
COtwGoxDpNYyrox/iWHVh62zYIOp1dx2GYdKmV02/pCPivRxLA4BVKgGdMLynSOh
HTzIJ/OI2/3j3DOpcPAHrpJ6Ci8hLlcVzJ9E14LuCV/uND1i7LjSuzB48QOCQRRL
DMdFHq3ZZCxjeeSym21kknBNVHGlUnJuRSOqoTNmtrrWytGSSjkC3k79ezOocKkI
GNXOgiz9+xAMyRr7vxov4D/CozUYrgKR1BXP3h9i3RmrrPkFudhn821tgfNIpRIC
bSHLAtjOH77zxH8xLZMhJIa/xg2gMV0PCY8DAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUCUlKWTufbwfB9CsaCjuTzCC6MUgwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0NVbEtXVHVmYndmQjlD
c2FDanVUekNDNk1VZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAKr/PDcKJTVHdKIZxr4nRnjVLNO8F/Lnf
gOUQBo1+OJfPnr7FDuKSXWfK3BsaHOpM1Vn2Vds6217Emp9DDJw+aEcp9H0VVZqn
ty8/0uorNvmF2UhboIYV5uwYuCcZUKMHR4nxGfQ8V+YDhuwEpDFwnURWhMFiJARn
mxAL46iPuN2fypJ442IbyKhru6Wc9Ady72XeocqslZbEQ4qd+485YhE/79Ru7zPL
0NcXQsoI+rJ3ECi/MR6hkre8QVa0bWhZogRF53ZZ/bq43D0+5+QSBKpvqDohVK7O
x7jOIoFAfi8YAtaEb1s+Vz8CXqE2eDoO0mdyBT/f7ZIB8MIPh4vXwA==
-----END CERTIFICATE-----
Generated at Sun Apr 21 00:18:33 2024 by rpki-client on console-fra.rpki-client.org