Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/KHEHDyxPx0FbcTe_9iypyzQxf9E.roa
File: KHEHDyxPx0FbcTe_9iypyzQxf9E.roa (raw, json)
Hash identifier: xlOfS4i+9AIoaVi9f4AfocQ5shbfC4CRF2jSnLg17wQ=
Subject key identifier: 28:71:07:0F:2C:4F:C7:41:5B:71:37:BF:F6:2C:A9:CB:34:31:7F:D1
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 15C4
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/KHEHDyxPx0FbcTe_9iypyzQxf9E.roa
Signing time: Thu 18 Apr 2024 00:23:25 +0000
ROA not before: Thu 18 Apr 2024 00:23:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5572 (0x15c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 18 00:23:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2871070F2C4FC7415B7137BFF62CA9CB34317FD1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:96:f8:bb:2a:19:45:c7:a3:ae:d4:db:6b:f3:
c7:9b:81:f6:af:81:6f:72:89:41:1f:84:d8:8e:c3:
0d:1b:97:d2:2c:cf:37:10:79:f5:0a:65:44:01:b6:
cf:3d:d6:77:1a:48:e5:06:5f:84:61:bb:a9:93:dd:
b5:8f:f0:2d:0f:a9:4e:7f:1e:5e:7e:a8:45:31:dc:
a1:71:fb:5e:d8:08:06:e5:f1:05:7f:8b:22:82:74:
5b:92:ec:3c:d6:23:1a:0a:80:ab:78:ac:12:65:12:
d6:8b:c2:f3:d0:6b:ce:60:2b:bb:aa:33:80:18:6c:
9c:7d:c7:41:20:7e:13:42:7c:28:8b:c6:46:09:a5:
72:79:f4:e5:a4:f3:7c:5a:2b:cb:77:23:3b:3e:7e:
ad:c1:d9:56:3b:7c:09:5b:83:b9:e0:98:ec:18:1f:
1c:8f:aa:e4:90:ad:fc:ab:51:3b:a1:a2:47:d5:bd:
a0:d7:33:0c:7a:21:2c:a6:d1:ad:09:19:39:ed:64:
b2:79:cd:3c:10:a8:87:07:c6:13:98:67:53:68:08:
2e:ff:56:84:fa:fa:b7:d2:47:7d:d8:fa:27:9e:4f:
73:2e:65:a1:90:b5:bb:3b:ae:8e:89:21:85:34:b0:
76:0f:e8:b7:75:70:bc:58:67:b1:b8:3c:c9:3a:0f:
79:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:71:07:0F:2C:4F:C7:41:5B:71:37:BF:F6:2C:A9:CB:34:31:7F:D1
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/KHEHDyxPx0FbcTe_9iypyzQxf9E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
db:cb:c1:7f:d3:f1:2b:3e:f2:76:36:6a:9b:96:ad:1c:fc:5f:
34:39:44:96:ce:5e:44:92:76:ac:a2:08:9c:4d:be:50:c0:15:
0c:c4:e7:ae:73:91:3a:29:0a:59:34:e2:bf:4f:f7:25:05:7f:
84:3b:36:3f:c3:b5:6b:e5:f9:97:00:6e:77:49:a3:58:41:50:
4c:fb:d9:eb:70:28:67:67:3e:f4:e6:10:5b:6e:1c:5b:8c:fd:
18:66:58:b3:4c:af:e0:ec:7f:37:59:5c:89:b4:97:d2:5f:38:
af:80:f9:ad:a7:8b:f3:b7:83:f3:53:21:de:14:2f:1c:50:59:
30:f6:33:2f:02:91:29:0d:41:24:4b:e6:60:3c:46:30:2d:7e:
d1:26:3d:15:97:e9:50:8e:07:46:10:6a:f6:4d:30:69:79:89:
db:99:dc:65:14:93:cd:cc:8c:ce:de:bd:66:3c:35:19:ba:06:
13:cf:0e:8a:0e:61:39:ff:f7:3a:0e:d5:4a:2c:1c:a1:51:c1:
fe:c8:6a:5d:9a:b5:dc:9a:aa:37:14:28:18:85:4a:f5:75:1d:
94:ac:ca:b0:ae:74:99:a7:cc:fa:8c:92:db:9d:f3:61:dc:a5:
60:35:7d:87:10:29:d1:50:a5:d9:bb:ae:4a:68:29:87:53:5e:
9e:c0:b0:46
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFcQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTgw
MDIzMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI4NzEwNzBGMkM0RkM3
NDE1QjcxMzdCRkY2MkNBOUNCMzQzMTdGRDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRlvi7KhlFx6Ou1Ntr88ebgfavgW9yiUEfhNiOww0bl9IszzcQ
efUKZUQBts891ncaSOUGX4Rhu6mT3bWP8C0PqU5/Hl5+qEUx3KFx+17YCAbl8QV/
iyKCdFuS7DzWIxoKgKt4rBJlEtaLwvPQa85gK7uqM4AYbJx9x0EgfhNCfCiLxkYJ
pXJ59OWk83xaK8t3Izs+fq3B2VY7fAlbg7ngmOwYHxyPquSQrfyrUTuhokfVvaDX
Mwx6ISym0a0JGTntZLJ5zTwQqIcHxhOYZ1NoCC7/VoT6+rfSR33Y+ieeT3MuZaGQ
tbs7ro6JIYU0sHYP6Ld1cLxYZ7G4PMk6D3k9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUKHEHDyxPx0FbcTe/9iypyzQxf9EwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0tIRUhEeXhQeDBGYmNU
ZV85aXlweXpReGY5RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEA28vBf9PxKz7ydjZqm5atHPxfNDlEls5e
RJJ2rKIInE2+UMAVDMTnrnOROikKWTTiv0/3JQV/hDs2P8O1a+X5lwBud0mjWEFQ
TPvZ63AoZ2c+9OYQW24cW4z9GGZYs0yv4Ox/N1lcibSX0l84r4D5raeL87eD81Mh
3hQvHFBZMPYzLwKRKQ1BJEvmYDxGMC1+0SY9FZfpUI4HRhBq9k0waXmJ25ncZRST
zcyMzt69Zjw1GboGE88Oig5hOf/3Og7VSiwcoVHB/shqXZq13JqqNxQoGIVK9XUd
lKzKsK50mafM+oyS253zYdylYDV9hxAp0VCl2buuSmgph1NensCwRg==
-----END CERTIFICATE-----
Generated at Thu Apr 18 03:14:39 2024 by rpki-client on console-fra.rpki-client.org