Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/X-kiLF0MybLm8vETDg79NqzAJjY.roa
File: X-kiLF0MybLm8vETDg79NqzAJjY.roa (raw, json)
Hash identifier: ZkbRJYrDRWXO84eQuBH4/olw7EXTrLs8nfIFzEqNpIg=
Subject key identifier: 5F:E9:22:2C:5D:0C:C9:B2:E6:F2:F1:13:0E:0E:FD:36:AC:C0:26:36
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1490
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/X-kiLF0MybLm8vETDg79NqzAJjY.roa
Signing time: Sun 14 Apr 2024 19:23:17 +0000
ROA not before: Sun 14 Apr 2024 19:23:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5264 (0x1490)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 14 19:23:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5FE9222C5D0CC9B2E6F2F1130E0EFD36ACC02636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:bf:8a:b6:6d:56:91:e7:07:9f:be:2e:3b:43:
e2:af:71:21:69:11:1b:0f:ea:a9:1d:75:d3:09:de:
ab:d7:50:39:4f:7e:04:ed:09:cf:c7:df:34:99:82:
a7:aa:d5:0e:6a:2b:42:72:4d:39:77:ce:d4:18:cc:
83:66:6c:a4:d4:33:ac:31:26:ad:98:a5:95:4d:f4:
70:6d:ac:c8:3b:80:c0:09:6e:56:7a:9e:02:2a:7c:
44:b5:7e:e9:f1:86:97:50:51:78:53:3d:d6:f4:9b:
98:3c:15:d9:04:2c:0a:08:b0:09:54:83:81:ec:de:
00:32:82:8e:66:de:e9:96:ee:03:56:f7:05:25:db:
16:fe:62:18:ab:61:5d:74:84:71:73:fa:f3:49:3f:
f5:d0:c5:f0:a7:2d:69:4e:db:69:d3:f4:a1:78:f5:
a2:4a:ea:4f:a5:ca:6e:a4:47:c4:c8:55:c5:e1:c9:
66:3a:6f:c8:2e:43:b8:75:d8:4f:cd:ff:58:dd:66:
c0:e2:85:fa:81:9f:2a:c6:00:73:30:03:18:e5:b2:
73:c1:5f:5c:55:4f:1b:53:52:55:b6:04:92:03:5a:
c8:2b:6a:28:64:89:39:22:0f:46:72:21:cc:a4:b4:
15:e6:95:48:cd:8f:9f:5c:81:6e:9a:6f:59:4c:69:
ab:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E9:22:2C:5D:0C:C9:B2:E6:F2:F1:13:0E:0E:FD:36:AC:C0:26:36
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/X-kiLF0MybLm8vETDg79NqzAJjY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
01:56:c4:06:50:aa:77:1b:27:cd:f0:7c:5e:f7:76:5a:3f:2a:
98:26:c5:1a:06:d1:24:c9:e7:18:42:12:d1:89:2f:c4:e1:d6:
bc:f5:e9:3b:8d:40:38:21:16:d1:1b:78:2d:9f:b0:d6:cc:f7:
0f:77:be:ce:d5:90:35:77:8a:d4:05:5b:03:56:8e:0d:8d:90:
32:50:42:a6:c6:44:e3:41:86:f9:36:9b:07:90:0a:84:b3:6a:
80:98:00:57:a0:63:c6:94:31:38:ff:9e:29:73:da:74:7d:2a:
5e:8d:47:99:c3:98:05:e2:c7:e3:b4:92:35:d2:9a:9c:5c:63:
c1:09:86:6f:bc:5b:44:09:c6:ea:6f:eb:a1:c3:70:31:50:b9:
c0:76:04:c1:2b:9f:b4:45:75:ca:f3:89:ab:05:79:75:98:94:
37:d0:b3:de:d2:e8:a1:3c:29:5b:8c:55:42:1c:63:e6:7c:7a:
c6:ff:b2:e7:07:8f:97:1f:4c:95:1f:03:46:26:25:1f:ed:5d:
d1:ef:b0:15:2f:2a:9e:74:d0:01:6e:17:0a:5f:c2:53:7b:d9:
17:e8:bf:42:62:cb:d0:fe:ef:83:cf:cb:f7:ad:ad:35:7f:a5:
58:12:b1:66:05:1b:fc:ef:4b:d6:d0:c8:b1:d9:32:ca:b1:07:
d4:dd:4f:8e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFJAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTQx
OTIzMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVGRTkyMjJDNUQwQ0M5
QjJFNkYyRjExMzBFMEVGRDM2QUNDMDI2MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmv4q2bVaR5wefvi47Q+KvcSFpERsP6qkdddMJ3qvXUDlPfgTt
Cc/H3zSZgqeq1Q5qK0JyTTl3ztQYzINmbKTUM6wxJq2YpZVN9HBtrMg7gMAJblZ6
ngIqfES1funxhpdQUXhTPdb0m5g8FdkELAoIsAlUg4Hs3gAygo5m3umW7gNW9wUl
2xb+YhirYV10hHFz+vNJP/XQxfCnLWlO22nT9KF49aJK6k+lym6kR8TIVcXhyWY6
b8guQ7h12E/N/1jdZsDihfqBnyrGAHMwAxjlsnPBX1xVTxtTUlW2BJIDWsgraihk
iTkiD0ZyIcyktBXmlUjNj59cgW6ab1lMaav1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUX+kiLF0MybLm8vETDg79NqzAJjYwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1gta2lMRjBNeWJMbTh2
RVREZzc5TnF6QUpqWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAAVbEBlCqdxsnzfB8Xvd2Wj8qmCbFGgbR
JMnnGEIS0YkvxOHWvPXpO41AOCEW0Rt4LZ+w1sz3D3e+ztWQNXeK1AVbA1aODY2Q
MlBCpsZE40GG+TabB5AKhLNqgJgAV6BjxpQxOP+eKXPadH0qXo1HmcOYBeLH47SS
NdKanFxjwQmGb7xbRAnG6m/rocNwMVC5wHYEwSuftEV1yvOJqwV5dZiUN9Cz3tLo
oTwpW4xVQhxj5nx6xv+y5wePlx9MlR8DRiYlH+1d0e+wFS8qnnTQAW4XCl/CU3vZ
F+i/QmLL0P7vg8/L962tNX+lWBKxZgUb/O9L1tDIsdkyyrEH1N1Pjg==
-----END CERTIFICATE-----
Generated at Sun Apr 14 22:52:32 2024 by rpki-client on console-fra.rpki-client.org