Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/kN44p4hLlQlkiRKuEoWhqAK4cB4.roa
File: kN44p4hLlQlkiRKuEoWhqAK4cB4.roa (raw, json)
Hash identifier: DmLyjOx14hudkvkAeWqfhBO1NsW5S8bnF/ONIT6wcIE=
Subject key identifier: 90:DE:38:A7:88:4B:95:09:64:89:12:AE:12:85:A1:A8:02:B8:70:1E
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1672
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/kN44p4hLlQlkiRKuEoWhqAK4cB4.roa
Signing time: Fri 19 Apr 2024 19:53:30 +0000
ROA not before: Fri 19 Apr 2024 19:53:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5746 (0x1672)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 19 19:53:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=90DE38A7884B9509648912AE1285A1A802B8701E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:72:67:63:c2:49:79:4d:7b:56:98:0d:0b:31:
80:b5:bb:0f:aa:25:b3:6e:8f:be:a4:e3:d5:22:5c:
d8:d7:29:19:d2:bf:9b:dc:05:13:fc:7c:8e:d6:85:
18:fc:55:84:e4:5e:e6:c6:b1:97:5b:4c:1a:29:44:
d4:f6:f5:d9:37:3f:0c:1b:01:f8:68:87:72:c2:7b:
e1:ea:51:8a:08:bb:06:76:1e:7a:08:bf:b4:d7:ea:
11:3a:c6:3a:fc:f7:3a:cc:c3:8f:9e:0c:c8:2b:4c:
99:ad:9e:cd:eb:18:cc:6d:1e:1b:f5:f6:5b:c2:cd:
99:94:14:3a:42:66:8f:d4:b1:f9:b0:ec:f9:10:1a:
71:fc:3e:6a:52:7b:ce:5d:5b:07:09:ff:3e:cc:2c:
22:19:ca:55:98:5e:ed:cc:87:ab:22:0e:80:77:cf:
c1:39:71:d9:c7:cf:b3:39:e7:20:1c:78:54:d0:00:
84:14:0a:59:e0:dc:8c:15:5c:5a:5d:22:2e:cf:d2:
58:38:67:db:f6:87:34:bc:83:f8:1d:29:30:b4:09:
86:85:dd:ee:f4:80:b4:be:91:7a:68:72:2c:48:2f:
2d:11:63:95:09:34:78:f5:bc:19:14:3b:55:40:8f:
0b:48:05:19:e6:d5:cf:8c:e5:5e:01:c0:54:c3:50:
3c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:DE:38:A7:88:4B:95:09:64:89:12:AE:12:85:A1:A8:02:B8:70:1E
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/kN44p4hLlQlkiRKuEoWhqAK4cB4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8e:e8:7b:8d:17:3d:bd:6d:b2:ca:b8:e3:61:a2:25:d7:45:8d:
43:af:ef:c5:05:74:ce:bd:4b:a2:00:59:51:95:ad:c6:f9:10:
86:13:30:0f:03:5c:cc:38:31:84:43:e8:32:73:16:bd:b2:39:
ee:37:f0:96:54:2f:15:1d:5e:89:f2:e1:62:46:d5:b2:52:5f:
20:de:e7:54:62:69:74:14:73:7a:07:fd:4d:32:e1:5b:d3:d4:
a7:61:ea:47:af:4f:c7:fa:7b:02:16:51:2d:4a:3f:ed:6f:f0:
63:3b:73:1d:2f:b4:5e:5a:90:52:a7:56:cd:61:76:52:4f:21:
14:f1:f6:65:cb:72:a1:37:86:44:f0:11:cc:78:05:a4:15:93:
38:ee:d7:09:86:26:e9:2b:e7:96:c4:c5:9d:19:f9:28:d5:7a:
bc:5d:2b:7c:ac:45:16:b7:d7:4d:b5:33:9c:18:25:52:a5:0f:
de:cd:77:13:06:e9:6c:1f:15:d0:0a:0c:76:c0:5f:2d:c9:25:
19:00:50:73:8f:51:e5:db:41:b9:5f:71:eb:85:42:26:99:9e:
67:11:60:d1:07:e8:38:b6:73:cd:a0:ff:f2:09:b0:4d:86:77:
bb:40:68:d9:7f:4a:5a:d3:5b:5d:a7:eb:e5:aa:a7:93:5f:74:
bd:96:60:e3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFnIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTkx
OTUzMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwREUzOEE3ODg0Qjk1
MDk2NDg5MTJBRTEyODVBMUE4MDJCODcwMUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpcmdjwkl5TXtWmA0LMYC1uw+qJbNuj76k49UiXNjXKRnSv5vc
BRP8fI7WhRj8VYTkXubGsZdbTBopRNT29dk3PwwbAfhoh3LCe+HqUYoIuwZ2HnoI
v7TX6hE6xjr89zrMw4+eDMgrTJmtns3rGMxtHhv19lvCzZmUFDpCZo/Usfmw7PkQ
GnH8PmpSe85dWwcJ/z7MLCIZylWYXu3Mh6siDoB3z8E5cdnHz7M55yAceFTQAIQU
Clng3IwVXFpdIi7P0lg4Z9v2hzS8g/gdKTC0CYaF3e70gLS+kXpocixILy0RY5UJ
NHj1vBkUO1VAjwtIBRnm1c+M5V4BwFTDUDyTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkN44p4hLlQlkiRKuEoWhqAK4cB4wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2tONDRwNGhMbFFsa2lS
S3VFb1docUFLNGNCNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAjuh7jRc9vW2yyrjjYaIl10WNQ6/vxQV0
zr1LogBZUZWtxvkQhhMwDwNczDgxhEPoMnMWvbI57jfwllQvFR1eifLhYkbVslJf
IN7nVGJpdBRzegf9TTLhW9PUp2HqR69Px/p7AhZRLUo/7W/wYztzHS+0XlqQUqdW
zWF2Uk8hFPH2ZctyoTeGRPARzHgFpBWTOO7XCYYm6SvnlsTFnRn5KNV6vF0rfKxF
FrfXTbUznBglUqUP3s13EwbpbB8V0AoMdsBfLcklGQBQc49R5dtBuV9x64VCJpme
ZxFg0QfoOLZzzaD/8gmwTYZ3u0Bo2X9KWtNbXafr5aqnk190vZZg4w==
-----END CERTIFICATE-----
Generated at Fri Apr 19 23:37:32 2024 by rpki-client on console-fra.rpki-client.org