Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/KiUiF0mOsBtP0jYdflABX_izFzE.roa
File: KiUiF0mOsBtP0jYdflABX_izFzE.roa (raw, json)
Hash identifier: IIJYeO1213qZ33iQW5tMlWK/SsSmIHuZO54Z0eABxGM=
Subject key identifier: 2A:25:22:17:49:8E:B0:1B:4F:D2:36:1D:7E:50:01:5F:F8:B3:17:31
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1418
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/KiUiF0mOsBtP0jYdflABX_izFzE.roa
Signing time: Sat 13 Apr 2024 13:23:15 +0000
ROA not before: Sat 13 Apr 2024 13:23:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5144 (0x1418)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 13 13:23:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2A252217498EB01B4FD2361D7E50015FF8B31731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:df:22:8b:4a:f1:9e:f7:1b:24:43:a2:b2:c6:
ed:11:03:72:d8:27:37:ff:da:af:cf:3c:9e:83:ef:
0a:2c:a4:a1:be:3b:55:d8:4d:58:cf:45:c3:bc:1e:
7b:ec:26:6d:52:52:48:c5:cc:bc:1e:ef:49:fb:be:
75:7e:3a:59:54:97:a0:55:7e:ba:11:9c:90:a5:f0:
dc:50:6b:d1:54:0a:dd:d4:1b:f3:50:f3:c7:76:2d:
37:d2:05:ad:28:5c:10:5d:c0:8e:da:69:5d:3f:1d:
a0:1e:e0:e7:b3:1d:bd:ce:63:31:28:45:4a:19:9a:
9e:64:9e:3e:6e:6e:81:80:87:ea:ba:db:84:7d:f9:
5c:24:28:d9:8b:9d:43:21:8b:39:5e:9d:df:f2:b7:
31:23:cf:ba:73:32:e3:42:52:94:38:99:7b:06:4a:
1d:59:23:c5:d6:0c:35:d9:5d:70:7c:f8:75:07:e7:
06:01:08:32:34:1b:65:72:77:7b:33:2c:5c:ba:cc:
67:41:4e:ef:2f:ab:5b:45:c2:e6:f1:bc:19:46:4d:
f9:85:cd:c3:18:f4:95:3b:77:5e:86:4d:04:13:e3:
40:66:5d:39:43:f1:98:fc:fc:bb:06:1a:ea:e1:9f:
12:95:fc:e5:c8:58:35:74:e7:14:5f:97:0b:85:8b:
bb:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:25:22:17:49:8E:B0:1B:4F:D2:36:1D:7E:50:01:5F:F8:B3:17:31
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/KiUiF0mOsBtP0jYdflABX_izFzE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:68:2f:09:80:58:e3:cf:95:a0:29:25:33:1a:b0:98:da:dc:
28:4e:28:43:64:5a:f5:99:b7:32:ab:ff:58:40:25:16:d7:14:
56:39:17:e0:a1:72:d4:06:31:40:1c:0c:fa:c2:23:41:15:61:
d0:cd:b0:4a:5b:97:da:0e:41:46:ae:00:d0:aa:4a:bb:4e:bb:
46:d2:89:86:b2:ec:11:46:9f:b0:8d:59:a8:31:a2:ad:d3:41:
d1:48:fb:7d:a8:e9:c8:5d:50:be:98:5b:ec:7b:9c:63:30:7c:
aa:84:74:62:76:cc:a6:99:c2:f0:f0:9b:8e:d8:98:4f:f9:bc:
13:97:3c:03:4e:58:16:63:6f:24:92:ef:e8:47:f0:ee:b9:74:
6a:31:02:2c:8b:8e:66:67:75:be:d7:a0:17:a9:87:f7:24:b9:
da:93:38:08:08:c7:54:b6:fa:d7:5b:1e:f7:86:a9:c0:ef:8f:
10:12:e4:9b:52:f1:37:ac:e6:93:22:c8:e8:23:24:58:18:38:
c4:6f:ac:52:50:03:ac:38:cb:9d:f9:f0:1e:43:e2:df:dc:4c:
d3:83:49:56:44:d7:09:fa:24:61:59:42:1b:d7:71:c6:ee:62:
1d:8b:0f:a9:ca:18:44:68:03:86:61:0d:a5:22:94:60:b2:b2:
41:14:3e:65
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFBgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTMx
MzIzMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJBMjUyMjE3NDk4RUIw
MUI0RkQyMzYxRDdFNTAwMTVGRjhCMzE3MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC73yKLSvGe9xskQ6Kyxu0RA3LYJzf/2q/PPJ6D7wospKG+O1XY
TVjPRcO8HnvsJm1SUkjFzLwe70n7vnV+OllUl6BVfroRnJCl8NxQa9FUCt3UG/NQ
88d2LTfSBa0oXBBdwI7aaV0/HaAe4OezHb3OYzEoRUoZmp5knj5uboGAh+q624R9
+VwkKNmLnUMhizlend/ytzEjz7pzMuNCUpQ4mXsGSh1ZI8XWDDXZXXB8+HUH5wYB
CDI0G2Vyd3szLFy6zGdBTu8vq1tFwubxvBlGTfmFzcMY9JU7d16GTQQT40BmXTlD
8Zj8/LsGGurhnxKV/OXIWDV05xRflwuFi7t9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUKiUiF0mOsBtP0jYdflABX/izFzEwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0tpVWlGMG1Pc0J0UDBq
WWRmbEFCWF9pekZ6RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAUGgvCYBY48+VoCklMxqwmNrcKE4oQ2Ra
9Zm3Mqv/WEAlFtcUVjkX4KFy1AYxQBwM+sIjQRVh0M2wSluX2g5BRq4A0KpKu067
RtKJhrLsEUafsI1ZqDGirdNB0Uj7fajpyF1Qvphb7HucYzB8qoR0YnbMppnC8PCb
jtiYT/m8E5c8A05YFmNvJJLv6Efw7rl0ajECLIuOZmd1vtegF6mH9yS52pM4CAjH
VLb611se94apwO+PEBLkm1LxN6zmkyLI6CMkWBg4xG+sUlADrDjLnfnwHkPi39xM
04NJVkTXCfokYVlCG9dxxu5iHYsPqcoYRGgDhmENpSKUYLKyQRQ+ZQ==
-----END CERTIFICATE-----
Generated at Sat Apr 13 17:25:03 2024 by rpki-client on console-fra.rpki-client.org