Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/K6KeOoT5G1sMG-gNJr9QcBawI3M.roa
File: K6KeOoT5G1sMG-gNJr9QcBawI3M.roa (raw, json)
Hash identifier: wddXyRuuoN3GfABGaSXySt5AsCrqs73HSN+2IFzj7sA=
Subject key identifier: 2B:A2:9E:3A:84:F9:1B:5B:0C:1B:E8:0D:26:BF:50:70:16:B0:23:73
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 13F2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/K6KeOoT5G1sMG-gNJr9QcBawI3M.roa
Signing time: Sat 13 Apr 2024 03:53:18 +0000
ROA not before: Sat 13 Apr 2024 03:53:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5106 (0x13f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 13 03:53:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2BA29E3A84F91B5B0C1BE80D26BF507016B02373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b2:2b:cb:42:86:95:2c:2b:8f:0d:f0:ec:5e:
fd:ad:91:41:fc:fe:f2:65:87:1c:38:19:ca:7f:bb:
f6:c8:56:42:97:87:67:a5:e3:a5:d7:ac:93:b9:ba:
2f:84:9f:ce:cd:e8:55:2f:0c:06:c5:7c:26:73:d8:
a8:67:9f:e3:49:0e:f8:b9:dc:96:c3:77:22:6c:95:
82:2d:22:92:1c:1d:bd:44:7c:c8:ee:3e:06:b9:62:
fe:a9:95:2d:6f:b7:2f:d7:3b:74:e5:aa:a6:ea:4d:
3b:1a:87:c9:64:6d:72:34:d3:de:e1:4d:75:da:f1:
83:5c:8f:3b:ad:ab:28:3a:dd:8f:21:4e:a3:ed:39:
65:52:99:11:3a:02:e4:64:ec:9b:99:22:a0:ba:ba:
dc:f7:63:6c:30:76:57:6e:c5:91:23:6e:e3:9d:09:
b1:6c:04:01:04:ba:42:6e:30:a2:de:a3:23:82:51:
43:6a:6e:8e:b4:16:15:16:ba:50:17:b9:cb:8e:92:
52:64:f7:c4:dd:14:50:de:bc:f1:f0:dd:d8:5c:c8:
ab:c8:2d:2c:e5:43:66:a8:d8:19:9c:52:c3:73:1c:
4e:86:29:16:67:56:07:4a:56:d7:eb:95:5c:5b:75:
12:59:74:6a:ae:84:40:01:73:c6:33:f7:87:44:49:
5d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:A2:9E:3A:84:F9:1B:5B:0C:1B:E8:0D:26:BF:50:70:16:B0:23:73
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/K6KeOoT5G1sMG-gNJr9QcBawI3M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:b4:0b:ae:66:59:7b:7f:c4:ab:3c:01:54:16:0e:6b:ae:fb:
8b:17:4f:c4:a4:cf:e8:9a:50:8f:fb:32:3c:0a:74:51:c8:66:
79:35:a2:24:bb:a4:af:c0:83:bf:37:9e:f7:61:da:79:4b:d6:
6f:16:55:bf:c3:04:75:c9:4f:22:63:ea:71:7f:3c:0f:dd:29:
0b:db:bb:25:56:75:b0:08:7c:dc:f6:f8:d0:b2:6c:f1:34:42:
63:98:b5:53:93:f2:74:22:ff:22:b0:77:9a:5c:84:96:33:c3:
7b:61:37:f1:46:02:d2:68:a8:82:41:f0:a2:33:ea:ba:46:d2:
7b:84:b7:3e:be:70:5a:eb:fe:1b:0a:09:36:c6:fb:8c:31:f7:
62:ad:a9:44:8e:32:00:b1:e2:bf:cc:ad:84:34:ea:49:e7:75:
c8:ea:aa:9e:42:0c:c8:11:a8:9c:33:2d:9b:2d:94:28:b8:ca:
1d:8b:08:6f:f9:fb:c6:31:99:6d:48:4a:03:e7:74:eb:f9:26:
e7:5d:d0:ba:dd:59:8a:23:9a:fc:e0:6b:a0:32:30:6a:b7:0b:
5f:0d:1e:be:f8:6b:89:ec:90:4d:61:f5:fb:37:a1:f2:56:00:
87:f5:bf:7f:a3:d2:97:5f:d3:9c:2d:28:a1:31:15:ef:c4:84:
a8:74:c7:82
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE/IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTMw
MzUzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJCQTI5RTNBODRGOTFC
NUIwQzFCRTgwRDI2QkY1MDcwMTZCMDIzNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9sivLQoaVLCuPDfDsXv2tkUH8/vJlhxw4Gcp/u/bIVkKXh2el
46XXrJO5ui+En87N6FUvDAbFfCZz2Khnn+NJDvi53JbDdyJslYItIpIcHb1EfMju
Pga5Yv6plS1vty/XO3TlqqbqTTsah8lkbXI0097hTXXa8YNcjzutqyg63Y8hTqPt
OWVSmRE6AuRk7JuZIqC6utz3Y2wwdlduxZEjbuOdCbFsBAEEukJuMKLeoyOCUUNq
bo60FhUWulAXucuOklJk98TdFFDevPHw3dhcyKvILSzlQ2ao2BmcUsNzHE6GKRZn
VgdKVtfrlVxbdRJZdGquhEABc8Yz94dESV2pAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUK6KeOoT5G1sMG+gNJr9QcBawI3MwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0s2S2VPb1Q1RzFzTUct
Z05KcjlRY0Jhd0kzTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAFrQLrmZZe3/EqzwBVBYOa677ixdPxKTP
6JpQj/syPAp0UchmeTWiJLukr8CDvzee92HaeUvWbxZVv8MEdclPImPqcX88D90p
C9u7JVZ1sAh83Pb40LJs8TRCY5i1U5PydCL/IrB3mlyEljPDe2E38UYC0miogkHw
ojPqukbSe4S3Pr5wWuv+GwoJNsb7jDH3Yq2pRI4yALHiv8ythDTqSed1yOqqnkIM
yBGonDMtmy2UKLjKHYsIb/n7xjGZbUhKA+d06/km513Qut1ZiiOa/OBroDIwarcL
Xw0evvhrieyQTWH1+zeh8lYAh/W/f6PSl1/TnC0ooTEV78SEqHTHgg==
-----END CERTIFICATE-----
Generated at Sat Apr 13 05:21:45 2024 by rpki-client on console-fra.rpki-client.org