Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/K_4HXdfAlIYUgRcrryAy27M--b8.roa
File: K_4HXdfAlIYUgRcrryAy27M--b8.roa (raw, json)
Hash identifier: ugdnVN5B6nVciKuURDCjIlsGcA4XUCbrVFbzKshRf5g=
Subject key identifier: 2B:FE:07:5D:D7:C0:94:86:14:81:17:2B:AF:20:32:DB:B3:3E:F9:BF
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1D5E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/K_4HXdfAlIYUgRcrryAy27M--b8.roa
Signing time: Wed 08 May 2024 06:54:22 +0000
ROA not before: Wed 08 May 2024 06:54:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7518 (0x1d5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 8 06:54:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2BFE075DD7C094861481172BAF2032DBB33EF9BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f9:a2:f3:ab:7e:b3:94:e7:26:3f:94:17:87:
2f:75:9a:05:5c:2f:13:68:78:2b:4b:aa:f6:e6:91:
e2:3b:fd:69:97:5e:10:17:58:8c:9f:e0:92:0f:4d:
bf:5e:b7:f4:1a:84:82:59:47:cf:27:57:ff:51:9a:
12:9b:a2:f4:d0:6d:5f:75:e5:f6:09:91:31:16:43:
21:5b:99:9e:1a:79:91:bf:8e:79:93:62:72:26:b8:
8f:9f:e6:43:f7:8b:a3:38:19:42:44:9a:18:56:74:
c9:71:9a:e4:f5:af:06:f1:45:1f:c9:14:ff:d8:d8:
0c:ac:f0:33:2e:ae:b8:e8:5d:13:32:5a:65:f7:79:
95:e1:60:41:c6:c9:56:d8:7d:45:6c:69:e3:d9:fc:
5c:86:06:13:06:eb:68:9e:a9:00:72:f2:80:8b:27:
31:69:ac:ac:ef:aa:2b:97:96:85:23:e1:0f:95:1b:
b2:fe:e5:3f:7e:c2:cb:34:37:37:32:9c:96:c5:a5:
bb:c2:d5:fb:c2:16:37:34:78:7a:a5:13:3f:26:b0:
43:40:5d:56:4d:9a:ca:cd:c1:62:4a:19:80:53:ca:
8a:48:45:3c:70:b4:45:b5:5f:f2:f3:49:a6:29:2e:
39:b5:21:e0:63:c5:df:39:88:e1:b6:32:4c:be:30:
7a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:FE:07:5D:D7:C0:94:86:14:81:17:2B:AF:20:32:DB:B3:3E:F9:BF
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/K_4HXdfAlIYUgRcrryAy27M--b8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
64:14:1e:58:1c:a3:70:c1:50:b5:aa:2b:14:90:4d:a9:63:f7:
94:9d:8d:b6:ee:a5:23:9f:50:db:f1:e4:f7:36:e7:8b:35:55:
a4:d9:8a:67:39:8c:6c:8c:e5:74:46:33:1e:ae:e9:c4:6f:17:
eb:86:c5:f2:ae:9f:47:10:ef:a0:f8:0d:f7:e5:93:3a:80:80:
db:eb:c5:32:73:9e:be:27:d5:fe:17:3e:9e:cf:ec:d1:03:fa:
06:1f:67:a8:2f:ee:8a:aa:e3:7d:9f:68:e8:ba:73:60:fc:81:
07:67:fe:3c:2b:e4:e3:12:8b:18:e5:6c:fa:49:b1:b7:e0:5d:
50:e5:ac:9e:9b:28:a5:ea:57:2e:ba:d9:3a:1c:c3:3f:25:78:
82:11:4f:bc:09:e4:8b:c0:06:45:f4:62:87:26:5c:08:36:95:
00:58:23:66:55:c4:6e:78:af:69:55:4a:65:c2:5f:57:49:f3:
4d:56:46:67:27:20:02:98:74:36:b3:b8:1b:8a:c3:51:aa:19:
a5:84:25:2d:a2:45:82:2f:38:00:34:a4:a1:8f:dc:20:ee:cf:
62:2a:d9:b1:f0:71:10:5b:e4:64:7a:46:73:2e:f4:78:c5:d9:
7e:f0:29:9b:b9:9a:04:f7:0e:9f:83:33:e2:67:d7:ff:59:1c:
8d:9a:08:85
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHV4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDgw
NjU0MjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJCRkUwNzVERDdDMDk0
ODYxNDgxMTcyQkFGMjAzMkRCQjMzRUY5QkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCu+aLzq36zlOcmP5QXhy91mgVcLxNoeCtLqvbmkeI7/WmXXhAX
WIyf4JIPTb9et/QahIJZR88nV/9RmhKbovTQbV915fYJkTEWQyFbmZ4aeZG/jnmT
YnImuI+f5kP3i6M4GUJEmhhWdMlxmuT1rwbxRR/JFP/Y2Ays8DMurrjoXRMyWmX3
eZXhYEHGyVbYfUVsaePZ/FyGBhMG62ieqQBy8oCLJzFprKzvqiuXloUj4Q+VG7L+
5T9+wss0NzcynJbFpbvC1fvCFjc0eHqlEz8msENAXVZNmsrNwWJKGYBTyopIRTxw
tEW1X/LzSaYpLjm1IeBjxd85iOG2Mky+MHr7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUK/4HXdfAlIYUgRcrryAy27M++b8wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0tfNEhYZGZBbElZVWdS
Y3JyeUF5MjdNLS1iOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAZBQeWByjcMFQtaorFJBNqWP3lJ2Ntu6l
I59Q2/Hk9zbnizVVpNmKZzmMbIzldEYzHq7pxG8X64bF8q6fRxDvoPgN9+WTOoCA
2+vFMnOevifV/hc+ns/s0QP6Bh9nqC/uiqrjfZ9o6LpzYPyBB2f+PCvk4xKLGOVs
+kmxt+BdUOWsnpsopepXLrrZOhzDPyV4ghFPvAnki8AGRfRihyZcCDaVAFgjZlXE
bnivaVVKZcJfV0nzTVZGZycgAph0NrO4G4rDUaoZpYQlLaJFgi84ADSkoY/cIO7P
YirZsfBxEFvkZHpGcy70eMXZfvApm7maBPcOn4Mz4mfX/1kcjZoIhQ==
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:30 2024 by rpki-client on console-fra.rpki-client.org