Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/TIKFXwp-BVG9e1V1KrR2hR9ydpw.roa
File: TIKFXwp-BVG9e1V1KrR2hR9ydpw.roa (raw, json)
Hash identifier: pN0C9IjJONniGWyWzaCIWoVZTwA4bUQ46OMGd0JxkPY=
Subject key identifier: 4C:82:85:5F:0A:7E:05:51:BD:7B:55:75:2A:B4:76:85:1F:72:76:9C
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 150E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/TIKFXwp-BVG9e1V1KrR2hR9ydpw.roa
Signing time: Tue 16 Apr 2024 02:53:19 +0000
ROA not before: Tue 16 Apr 2024 02:53:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5390 (0x150e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 16 02:53:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4C82855F0A7E0551BD7B55752AB476851F72769C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6f:8c:50:d3:f0:47:56:7c:02:77:30:a0:6b:
c7:15:2a:0b:a7:25:a6:d8:18:87:52:d9:b6:ce:f9:
04:c7:fd:2c:a6:68:67:fe:e9:8d:ce:a1:e8:6c:ed:
39:fb:0e:d0:9b:52:d3:ab:b3:6e:0a:5d:a6:9e:f3:
3e:1d:8b:61:87:9b:a5:23:69:21:eb:d2:e4:76:cd:
c9:e1:22:cd:44:65:56:ec:3e:df:e8:38:3c:02:ec:
f5:31:80:b8:4e:c5:ef:53:a5:ba:16:a8:4e:70:26:
66:df:e2:c4:f7:cb:f8:e5:5c:90:1b:e4:db:e0:3d:
e9:be:cc:41:23:ae:dc:9e:a2:d1:03:3a:2b:72:47:
7d:d6:5d:79:e6:17:56:9e:89:6b:60:1d:22:e6:44:
ce:43:8f:7c:b9:1a:0a:9c:c6:cb:80:d2:cf:91:ee:
6c:7c:3d:4e:32:a2:59:91:33:41:78:e4:31:fe:48:
f9:13:4d:c7:bd:80:45:88:05:61:19:bd:7c:7e:c2:
c4:40:89:e4:04:e2:10:de:6d:c1:aa:8a:2e:73:9d:
d2:a9:ed:69:5a:e0:85:94:3f:e1:87:09:4c:00:8e:
35:5f:87:e1:42:6a:92:07:97:94:e8:9a:9f:a4:cc:
fb:4a:de:2b:38:e3:01:a2:e2:0f:15:84:93:a5:78:
d5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:82:85:5F:0A:7E:05:51:BD:7B:55:75:2A:B4:76:85:1F:72:76:9C
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/TIKFXwp-BVG9e1V1KrR2hR9ydpw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
11:fe:8d:1c:d8:3c:8d:97:b4:86:0b:42:82:5b:81:cb:5c:08:
84:9e:ba:a2:71:62:7d:cb:cb:53:f2:35:c3:28:e9:cd:96:de:
e1:eb:d7:fa:22:8f:44:94:1d:e9:0f:0c:a8:0c:b2:12:dc:d1:
59:fa:c7:cc:95:ec:98:11:56:51:f3:cf:ef:a8:b3:58:df:69:
c6:31:04:ec:d1:9b:54:9e:62:49:d8:b6:ce:3f:fd:4c:c4:a5:
18:a0:04:1d:b4:79:40:08:75:7a:35:53:f4:db:42:83:42:71:
60:2c:95:d0:93:d8:18:74:53:23:59:ef:a9:f2:4c:1e:1b:0e:
2d:0f:ca:3f:bd:c9:7a:46:ca:0a:1a:91:2f:9a:4c:5e:ae:3a:
2c:56:16:98:76:68:34:a3:b6:4f:aa:e9:3b:54:55:ef:a5:02:
ba:90:01:7c:97:fb:c6:6d:70:23:b1:9c:64:12:23:11:3d:fa:
00:7a:fb:1e:cb:f9:81:64:11:7e:a3:ec:00:2e:cd:ae:e5:6b:
b4:9f:94:a1:79:d4:a1:26:9a:fe:1a:b2:a3:c2:5a:92:ba:b7:
30:a5:f9:b6:c1:c8:c0:20:cc:c1:a2:01:83:ee:8d:d9:81:d3:
67:a6:5a:7b:8f:38:19:4a:ec:bb:b7:b4:1f:79:5d:b1:71:68:
b5:86:de:92
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFQ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTYw
MjUzMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRDODI4NTVGMEE3RTA1
NTFCRDdCNTU3NTJBQjQ3Njg1MUY3Mjc2OUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8b4xQ0/BHVnwCdzCga8cVKgunJabYGIdS2bbO+QTH/SymaGf+
6Y3Ooehs7Tn7DtCbUtOrs24KXaae8z4di2GHm6UjaSHr0uR2zcnhIs1EZVbsPt/o
ODwC7PUxgLhOxe9TpboWqE5wJmbf4sT3y/jlXJAb5NvgPem+zEEjrtyeotEDOity
R33WXXnmF1aeiWtgHSLmRM5Dj3y5GgqcxsuA0s+R7mx8PU4yolmRM0F45DH+SPkT
Tce9gEWIBWEZvXx+wsRAieQE4hDebcGqii5zndKp7Wla4IWUP+GHCUwAjjVfh+FC
apIHl5Tomp+kzPtK3is44wGi4g8VhJOleNWFAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUTIKFXwp+BVG9e1V1KrR2hR9ydpwwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1RJS0ZYd3AtQlZHOWUx
VjFLclIyaFI5eWRwdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAEf6NHNg8jZe0hgtCgluBy1wIhJ66onFi
fcvLU/I1wyjpzZbe4evX+iKPRJQd6Q8MqAyyEtzRWfrHzJXsmBFWUfPP76izWN9p
xjEE7NGbVJ5iSdi2zj/9TMSlGKAEHbR5QAh1ejVT9NtCg0JxYCyV0JPYGHRTI1nv
qfJMHhsOLQ/KP73JekbKChqRL5pMXq46LFYWmHZoNKO2T6rpO1RV76UCupABfJf7
xm1wI7GcZBIjET36AHr7Hsv5gWQRfqPsAC7NruVrtJ+UoXnUoSaa/hqyo8Jakrq3
MKX5tsHIwCDMwaIBg+6N2YHTZ6Zae484GUrsu7e0H3ldsXFotYbekg==
-----END CERTIFICATE-----
Generated at Tue Apr 16 03:50:56 2024 by rpki-client on console-fra.rpki-client.org