Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/KR0L-J7uOQlVaO_uTvXKQHdxYes.roa
File: KR0L-J7uOQlVaO_uTvXKQHdxYes.roa (raw, json)
Hash identifier: Egw+f1Dl6DIz/lyi6EOAF9lLSewH2Op04yqf2/3olig=
Subject key identifier: 29:1D:0B:F8:9E:EE:39:09:55:68:EF:EE:4E:F5:CA:40:77:71:61:EB
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1D94
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/KR0L-J7uOQlVaO_uTvXKQHdxYes.roa
Signing time: Wed 08 May 2024 20:24:21 +0000
ROA not before: Wed 08 May 2024 20:24:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7572 (0x1d94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 8 20:24:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=291D0BF89EEE39095568EFEE4EF5CA40777161EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:0a:1e:4d:0a:bd:88:91:4d:b1:9e:31:42:c2:
db:e4:aa:93:13:65:47:a4:34:b2:55:40:63:b4:89:
1a:8b:df:af:7a:90:15:db:b5:b1:19:3f:ed:c1:bc:
30:8e:ec:b0:f9:b4:7e:cc:8c:92:5f:1c:19:09:55:
de:83:4f:66:93:41:e9:6d:6f:31:d1:f1:55:79:2b:
24:63:b3:2d:c9:64:c0:3c:b5:00:ce:89:ea:6a:86:
a4:2f:7b:e4:f0:a4:43:b8:25:8e:1d:8c:71:9d:66:
9a:03:d6:62:30:23:06:50:04:2a:aa:21:7d:09:b1:
4c:ce:13:d7:85:2e:e2:dd:7c:a2:0f:63:ad:00:7c:
bb:60:01:ce:af:0e:aa:9f:f9:b1:5c:ed:d7:94:fe:
74:a5:2d:8a:86:83:4b:31:ba:1d:93:83:ac:4e:7b:
ae:a8:c2:34:0b:9b:59:18:4a:7f:af:fe:e6:e3:a9:
20:8d:20:83:3f:11:9a:07:29:87:02:f7:9d:19:d3:
36:ba:76:8f:9c:9b:f2:10:af:f3:43:e8:ea:84:2b:
21:20:87:4c:ad:9e:28:4f:b1:67:c1:f7:d5:1d:78:
aa:d4:bd:0b:1e:89:e2:1d:8e:82:bd:76:05:f2:e2:
b1:70:42:c8:4e:f9:39:32:fb:38:cc:67:b0:b3:73:
fa:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:1D:0B:F8:9E:EE:39:09:55:68:EF:EE:4E:F5:CA:40:77:71:61:EB
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/KR0L-J7uOQlVaO_uTvXKQHdxYes.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b4:12:58:ac:c0:ec:b9:81:43:66:05:91:0d:a4:bb:21:79:5d:
3a:13:b2:74:da:74:9e:6c:48:40:04:71:6f:11:b0:1a:6a:a3:
b6:1f:40:be:43:cf:94:ff:57:89:a3:b1:c5:d3:d5:c1:67:41:
e2:84:2a:d9:eb:91:d6:a9:85:8f:16:1b:be:36:d9:b9:ec:2b:
d3:83:1f:81:d6:8f:27:b8:60:5e:01:2a:88:98:da:c5:35:a9:
36:7b:af:99:36:47:4a:00:c8:78:db:0f:f8:7d:79:83:0f:1c:
17:c1:56:53:70:f6:4a:99:4f:5a:66:d4:4a:50:27:8f:72:07:
ad:d2:d2:ac:9a:40:c1:28:87:9f:0e:57:d8:fa:f0:45:b3:e8:
c4:81:fe:1a:23:fe:f8:7c:fe:33:76:9c:90:fe:23:a3:94:89:
a2:19:7f:8b:a7:96:43:40:ed:46:97:bf:ac:b7:3e:7f:ac:46:
07:3d:6e:61:4f:67:56:9f:3b:46:ce:2b:bf:05:95:36:61:96:
7c:dc:07:f3:a2:34:d4:2b:4d:57:7f:32:85:e0:f5:6d:5d:98:
f2:65:bd:67:2b:c8:8b:9d:0f:67:5e:e5:5a:dd:3a:12:53:a7:
78:1a:56:88:23:00:23:09:44:2b:15:01:69:6f:31:40:75:ce:
bf:fc:cf:8b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHZQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDgy
MDI0MjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI5MUQwQkY4OUVFRTM5
MDk1NTY4RUZFRTRFRjVDQTQwNzc3MTYxRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeCh5NCr2IkU2xnjFCwtvkqpMTZUekNLJVQGO0iRqL3696kBXb
tbEZP+3BvDCO7LD5tH7MjJJfHBkJVd6DT2aTQeltbzHR8VV5KyRjsy3JZMA8tQDO
iepqhqQve+TwpEO4JY4djHGdZpoD1mIwIwZQBCqqIX0JsUzOE9eFLuLdfKIPY60A
fLtgAc6vDqqf+bFc7deU/nSlLYqGg0sxuh2Tg6xOe66owjQLm1kYSn+v/ubjqSCN
IIM/EZoHKYcC950Z0za6do+cm/IQr/ND6OqEKyEgh0ytnihPsWfB99UdeKrUvQse
ieIdjoK9dgXy4rFwQshO+Tky+zjMZ7Czc/rNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUKR0L+J7uOQlVaO/uTvXKQHdxYeswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0tSMEwtSjd1T1FsVmFP
X3VUdlhLUUhkeFllcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAtBJYrMDsuYFDZgWRDaS7IXldOhOydNp0
nmxIQARxbxGwGmqjth9AvkPPlP9XiaOxxdPVwWdB4oQq2euR1qmFjxYbvjbZuewr
04MfgdaPJ7hgXgEqiJjaxTWpNnuvmTZHSgDIeNsP+H15gw8cF8FWU3D2SplPWmbU
SlAnj3IHrdLSrJpAwSiHnw5X2PrwRbPoxIH+GiP++Hz+M3ackP4jo5SJohl/i6eW
Q0DtRpe/rLc+f6xGBz1uYU9nVp87Rs4rvwWVNmGWfNwH86I01CtNV38yheD1bV2Y
8mW9ZyvIi50PZ17lWt06ElOneBpWiCMAIwlEKxUBaW8xQHXOv/zPiw==
-----END CERTIFICATE-----
Generated at Thu May 9 00:00:33 2024 by rpki-client on console-fra.rpki-client.org