Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/kOR2el4yqCbvF5jKG-L7DlzE8Lw.roa
File: kOR2el4yqCbvF5jKG-L7DlzE8Lw.roa (raw, json)
Hash identifier: gAN0cQ/OXG5fxnm9e6JGERuSuySUEh9snGWYxYrx4ws=
Subject key identifier: 90:E4:76:7A:5E:32:A8:26:EF:17:98:CA:1B:E2:FB:0E:5C:C4:F0:BC
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 15CC
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/kOR2el4yqCbvF5jKG-L7DlzE8Lw.roa
Signing time: Thu 18 Apr 2024 02:23:24 +0000
ROA not before: Thu 18 Apr 2024 02:23:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5580 (0x15cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 18 02:23:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=90E4767A5E32A826EF1798CA1BE2FB0E5CC4F0BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a7:e7:e1:77:a2:e7:a5:63:8c:6f:25:18:bd:
25:7e:30:0f:d4:55:61:9e:b5:82:60:0a:56:6f:d2:
e0:2b:b2:88:e7:41:ac:c0:31:fb:22:5f:3c:a0:9a:
5c:74:e1:e7:e4:ce:93:44:39:a9:77:de:15:b9:07:
07:ac:07:5c:62:e0:7f:11:05:83:f1:bb:43:0b:65:
d5:cd:a6:17:bf:6c:f4:46:a6:de:97:79:c6:62:e5:
22:56:b4:8f:27:f2:e0:8e:af:cd:fd:f8:e1:21:39:
f9:2a:01:d6:d5:37:23:5c:ff:cb:76:8c:3d:90:74:
34:ec:7f:73:db:c6:4b:55:67:53:72:c2:40:f2:7c:
4a:a6:28:16:64:b3:05:f9:a1:fb:57:6a:1a:db:ec:
c9:78:02:54:4a:81:c8:29:b5:fd:6b:d2:28:2d:78:
f2:c2:bc:32:25:f2:f3:0d:6f:2c:e8:02:1e:16:5c:
cc:64:bf:54:07:0f:20:3d:04:6b:ac:e0:d9:ec:ee:
83:d1:c0:41:8a:57:f8:29:e8:f4:0a:c9:20:9b:2b:
a8:85:9a:5b:e6:36:5b:01:52:8c:38:6d:70:10:70:
61:69:bc:18:5e:ef:84:37:47:a8:05:7c:61:dc:67:
76:36:63:49:e5:be:12:f4:9b:88:20:a3:7c:7c:7a:
64:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:E4:76:7A:5E:32:A8:26:EF:17:98:CA:1B:E2:FB:0E:5C:C4:F0:BC
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/kOR2el4yqCbvF5jKG-L7DlzE8Lw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
36:df:f4:c5:e7:51:35:f6:f4:d1:b9:52:e7:f1:c4:bc:ab:4a:
fc:d8:bf:79:bc:8a:8c:1a:e9:79:c2:df:81:eb:3a:15:9e:a2:
14:c7:02:87:51:3a:45:fe:d2:a3:7d:1a:40:fc:9d:ac:4d:71:
e5:cc:67:dd:e0:0f:9d:f1:8f:7c:9f:25:1d:4f:f3:4d:a8:4b:
08:18:12:21:58:86:48:86:35:ef:12:41:58:07:8c:19:88:e9:
76:d5:31:b8:6c:c5:1e:7b:38:6e:07:5e:44:ef:82:a6:ba:f6:
7f:07:2d:01:b9:49:2d:fe:21:86:38:d1:62:a9:4a:d3:da:39:
59:69:33:e3:a4:35:50:50:b6:77:8e:76:7e:3a:43:a2:31:f5:
c6:cc:cf:60:37:2d:c6:44:ce:4b:b7:51:86:f9:42:2a:c7:81:
ab:5c:69:bc:49:51:2f:4f:a2:47:93:3e:8e:ed:be:d5:04:a6:
50:af:f8:ed:c4:0a:f2:64:4b:7f:04:b6:74:19:f7:97:3a:30:
b7:2d:c7:d0:dc:b3:30:a3:f2:4f:b8:fc:e1:0c:6c:d3:45:74:
1b:06:31:a3:e8:6d:69:7e:65:2d:d1:a3:e8:65:16:02:75:ea:
6b:53:38:b9:a7:55:53:a5:66:66:d8:18:ce:00:c3:f4:4a:77:
0d:5f:4f:7f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFcwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTgw
MjIzMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwRTQ3NjdBNUUzMkE4
MjZFRjE3OThDQTFCRTJGQjBFNUNDNEYwQkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwp+fhd6LnpWOMbyUYvSV+MA/UVWGetYJgClZv0uArsojnQazA
MfsiXzygmlx04efkzpNEOal33hW5BwesB1xi4H8RBYPxu0MLZdXNphe/bPRGpt6X
ecZi5SJWtI8n8uCOr839+OEhOfkqAdbVNyNc/8t2jD2QdDTsf3PbxktVZ1NywkDy
fEqmKBZkswX5oftXahrb7Ml4AlRKgcgptf1r0igtePLCvDIl8vMNbyzoAh4WXMxk
v1QHDyA9BGus4Nns7oPRwEGKV/gp6PQKySCbK6iFmlvmNlsBUow4bXAQcGFpvBhe
74Q3R6gFfGHcZ3Y2Y0nlvhL0m4ggo3x8emSLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkOR2el4yqCbvF5jKG+L7DlzE8LwwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2tPUjJlbDR5cUNidkY1
aktHLUw3RGx6RThMdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEANt/0xedRNfb00blS5/HEvKtK/Ni/ebyK
jBrpecLfges6FZ6iFMcCh1E6Rf7So30aQPydrE1x5cxn3eAPnfGPfJ8lHU/zTahL
CBgSIViGSIY17xJBWAeMGYjpdtUxuGzFHns4bgdeRO+Cprr2fwctAblJLf4hhjjR
YqlK09o5WWkz46Q1UFC2d452fjpDojH1xszPYDctxkTOS7dRhvlCKseBq1xpvElR
L0+iR5M+ju2+1QSmUK/47cQK8mRLfwS2dBn3lzowty3H0NyzMKPyT7j84Qxs00V0
GwYxo+htaX5lLdGj6GUWAnXqa1M4uadVU6VmZtgYzgDD9Ep3DV9Pfw==
-----END CERTIFICATE-----
Generated at Thu Apr 18 03:54:59 2024 by rpki-client on console-fra.rpki-client.org