Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/TUdD68-vjLWCCivOMkNQG2Eyxko.roa
File: TUdD68-vjLWCCivOMkNQG2Eyxko.roa (raw, json)
Hash identifier: kdLBeMZnSOY7Gu0hMSmcICLVu2QBXWqhucURnQo67Pg=
Subject key identifier: 4D:47:43:EB:CF:AF:8C:B5:82:0A:2B:CE:32:43:50:1B:61:32:C6:4A
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1A8C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/TUdD68-vjLWCCivOMkNQG2Eyxko.roa
Signing time: Tue 30 Apr 2024 18:24:46 +0000
ROA not before: Tue 30 Apr 2024 18:24:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6796 (0x1a8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 30 18:24:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4D4743EBCFAF8CB5820A2BCE3243501B6132C64A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:8e:c9:d4:46:8d:60:10:0d:31:94:60:6e:bc:
93:3b:a6:ac:43:12:a2:81:24:2a:e1:ae:23:d9:e7:
cb:6b:0f:7e:93:6d:8a:86:1c:26:e5:d0:d4:5f:e3:
f2:d2:77:13:b0:2b:91:85:b5:8c:17:75:70:b3:d8:
b0:e3:27:12:0e:00:a7:fd:02:c4:47:95:47:82:2f:
1e:a3:dd:c3:64:71:de:0c:bc:74:21:25:e6:02:10:
ff:45:cc:d5:e8:7c:0e:f9:d6:67:42:74:d9:7b:ac:
45:b2:10:1d:36:c2:06:e5:6e:28:29:aa:98:88:b5:
cb:50:b0:08:9b:ce:b0:9a:b2:00:81:ea:9c:18:78:
8a:2b:22:1e:77:7f:e4:2c:d6:9d:72:b1:15:e1:73:
37:d5:5c:fd:8b:10:75:fc:ca:ca:2a:26:c4:ef:9a:
f5:c5:f8:e7:2f:ff:6e:bc:50:c3:a9:4e:34:43:fa:
93:b0:85:b4:0d:f9:8f:03:3a:46:d5:85:cf:97:2c:
07:b7:30:56:aa:48:69:72:4e:9f:79:33:7b:8b:29:
c4:71:83:17:29:ab:a0:36:a5:25:22:fc:74:a2:d5:
57:cb:1e:41:da:87:1a:b9:1a:d8:23:00:cd:6c:1f:
97:4e:f6:e5:46:0e:6e:6c:6f:5d:ca:e9:d9:74:7e:
ed:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:47:43:EB:CF:AF:8C:B5:82:0A:2B:CE:32:43:50:1B:61:32:C6:4A
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/TUdD68-vjLWCCivOMkNQG2Eyxko.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cf:ea:a0:7d:59:80:ab:fc:c6:1f:71:ce:49:5e:8e:b5:76:c1:
5b:44:0c:c6:06:e9:1d:1f:f9:02:98:6b:81:18:fe:07:84:47:
fb:88:4d:e4:88:22:27:6b:4c:cb:79:be:7b:ad:ff:0b:37:a2:
83:59:2d:fd:8c:fa:39:7e:46:96:1b:65:47:ea:cb:e8:a7:74:
fa:f1:5c:4f:d6:54:c9:e3:b1:98:bc:4b:ab:b6:1e:d2:d3:15:
50:f1:e6:ac:21:41:a0:2c:6e:8b:36:15:ca:9e:76:6d:1e:b2:
01:67:c5:de:3f:5a:65:ed:fa:ab:1c:3a:f3:ef:d7:02:b0:04:
8a:a9:4a:d9:45:19:d9:61:8e:18:22:a8:dd:42:e2:c6:5d:fa:
1f:90:53:9c:a6:01:82:ab:6b:41:11:b7:bd:73:f1:6a:71:39:
1e:9b:3b:67:dc:57:51:2e:d7:b0:6b:ed:f8:8d:c5:15:c4:92:
25:e2:3d:28:f7:4c:16:2a:f8:90:df:e5:59:49:7f:b0:f9:7d:
11:33:49:38:73:78:ad:49:f7:e0:d7:8a:ee:98:49:93:3a:43:
c9:09:ee:b7:a6:34:84:49:a4:0e:ca:e4:93:5e:e4:76:3a:f2:
68:9a:4c:47:63:b8:0c:9e:58:d4:e9:83:01:d6:20:21:a1:ea:
96:a3:29:4b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGowwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MzAx
ODI0NDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRENDc0M0VCQ0ZBRjhD
QjU4MjBBMkJDRTMyNDM1MDFCNjEzMkM2NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD2jsnURo1gEA0xlGBuvJM7pqxDEqKBJCrhriPZ58trD36TbYqG
HCbl0NRf4/LSdxOwK5GFtYwXdXCz2LDjJxIOAKf9AsRHlUeCLx6j3cNkcd4MvHQh
JeYCEP9FzNXofA751mdCdNl7rEWyEB02wgblbigpqpiItctQsAibzrCasgCB6pwY
eIorIh53f+Qs1p1ysRXhczfVXP2LEHX8ysoqJsTvmvXF+Ocv/268UMOpTjRD+pOw
hbQN+Y8DOkbVhc+XLAe3MFaqSGlyTp95M3uLKcRxgxcpq6A2pSUi/HSi1VfLHkHa
hxq5GtgjAM1sH5dO9uVGDm5sb13K6dl0fu2dAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUTUdD68+vjLWCCivOMkNQG2EyxkowHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1RVZEQ2OC12akxXQ0Np
dk9Na05RRzJFeXhrby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAz+qgfVmAq/zGH3HOSV6OtXbBW0QMxgbp
HR/5AphrgRj+B4RH+4hN5IgiJ2tMy3m+e63/Czeig1kt/Yz6OX5GlhtlR+rL6Kd0
+vFcT9ZUyeOxmLxLq7Ye0tMVUPHmrCFBoCxuizYVyp52bR6yAWfF3j9aZe36qxw6
8+/XArAEiqlK2UUZ2WGOGCKo3ULixl36H5BTnKYBgqtrQRG3vXPxanE5Hps7Z9xX
US7XsGvt+I3FFcSSJeI9KPdMFir4kN/lWUl/sPl9ETNJOHN4rUn34NeK7phJkzpD
yQnut6Y0hEmkDsrkk17kdjryaJpMR2O4DJ5Y1OmDAdYgIaHqlqMpSw==
-----END CERTIFICATE-----
Generated at Tue Apr 30 22:24:05 2024 by rpki-client on console-ams.rpki-client.org