Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/km7AqRrN5mfkF-5bdE9DQDqr45E.roa
File: km7AqRrN5mfkF-5bdE9DQDqr45E.roa (raw, json)
Hash identifier: vaXBHTTEOaogeEfuxVV9p/4bcyHRhb/iiSRhkooUfQw=
Subject key identifier: 92:6E:C0:A9:1A:CD:E6:67:E4:17:EE:5B:74:4F:43:40:3A:AB:E3:91
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1BBA
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/km7AqRrN5mfkF-5bdE9DQDqr45E.roa
Signing time: Fri 03 May 2024 21:54:14 +0000
ROA not before: Fri 03 May 2024 21:54:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7098 (0x1bba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 3 21:54:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=926EC0A91ACDE667E417EE5B744F43403AABE391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:50:8d:7a:46:b5:2a:2e:d9:ad:ed:d8:41:7c:
26:ea:09:45:3d:e2:99:a6:d7:ce:84:99:82:5d:aa:
0a:1a:2e:40:76:78:46:84:7b:51:13:26:63:aa:a3:
a3:ab:44:69:4f:d3:93:70:b8:ed:72:7c:23:7e:51:
7c:ed:ba:85:9c:d0:56:31:5d:ce:b6:f9:05:d2:94:
86:aa:35:28:b7:95:7d:b3:37:2d:6c:de:a6:de:37:
25:e3:12:86:ec:22:54:22:cb:94:33:ee:43:d8:31:
81:b8:27:f1:51:54:51:ff:7e:d5:c7:74:61:60:94:
59:4d:7a:8b:80:e5:3c:97:0a:ad:d1:e2:6f:02:6a:
f9:fb:0a:d8:25:b5:4c:c7:c0:96:a7:69:93:21:c6:
07:db:0c:8f:19:10:1f:14:6f:b5:0b:4a:37:11:13:
32:70:06:83:9b:4b:fe:c0:b3:75:4d:01:05:5f:32:
45:b1:e1:b6:c7:3d:4b:80:2a:71:7f:e3:06:b6:2d:
63:82:6c:53:3f:67:83:b4:dc:23:a9:94:88:06:72:
c5:e5:aa:12:81:77:5a:58:fe:e8:25:8e:eb:87:60:
39:9f:74:98:5a:b8:6e:51:13:6b:03:72:7c:3f:ae:
eb:8b:44:93:f5:e4:38:ce:95:1b:3c:ae:3d:1f:a2:
c0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:6E:C0:A9:1A:CD:E6:67:E4:17:EE:5B:74:4F:43:40:3A:AB:E3:91
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/km7AqRrN5mfkF-5bdE9DQDqr45E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a4:43:da:e3:cd:34:d1:9c:57:1c:80:2f:4d:29:09:57:3e:cc:
7e:e3:dc:fa:e1:58:9d:98:9a:28:f6:d7:d0:4b:37:ea:a0:86:
69:7f:4a:84:fc:4a:1b:8d:12:1d:1f:b9:30:38:8b:3b:c8:f6:
12:43:42:40:01:db:5b:28:c8:91:ff:4e:09:9c:18:ed:1a:9b:
fb:c2:38:3a:b5:2c:59:d3:4a:f4:b4:76:69:85:c4:bd:77:57:
3a:bb:f0:e3:1e:59:49:88:6a:55:da:36:ca:39:c9:eb:e2:52:
26:c8:4d:bb:e1:89:c0:17:61:7a:fd:52:ba:d5:c7:cc:68:ac:
8b:f6:7d:95:a1:bb:0e:94:c6:80:40:a8:4a:9a:19:78:1d:a9:
6f:25:76:c3:df:50:f6:a3:36:c9:51:c6:38:47:d2:4c:36:01:
b0:64:d2:75:0a:86:8c:d0:22:95:90:79:10:a4:c1:68:dc:b6:
d5:a9:c2:3c:0a:4e:e2:62:8f:0f:38:43:e9:e7:90:9e:3c:a4:
d8:37:7c:e8:44:aa:6a:b4:40:db:bd:5e:d2:b0:bd:62:5f:ae:
05:38:62:4a:9e:df:e4:a7:2a:b9:9f:44:3b:1f:4b:f1:b5:77:
32:e2:03:c9:81:e3:f6:ef:21:c3:64:c8:d5:78:e9:81:01:86:
bf:64:d5:f1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG7owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDMy
MTU0MTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkyNkVDMEE5MUFDREU2
NjdFNDE3RUU1Qjc0NEY0MzQwM0FBQkUzOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6UI16RrUqLtmt7dhBfCbqCUU94pmm186EmYJdqgoaLkB2eEaE
e1ETJmOqo6OrRGlP05NwuO1yfCN+UXztuoWc0FYxXc62+QXSlIaqNSi3lX2zNy1s
3qbeNyXjEobsIlQiy5Qz7kPYMYG4J/FRVFH/ftXHdGFglFlNeouA5TyXCq3R4m8C
avn7CtgltUzHwJanaZMhxgfbDI8ZEB8Ub7ULSjcREzJwBoObS/7As3VNAQVfMkWx
4bbHPUuAKnF/4wa2LWOCbFM/Z4O03COplIgGcsXlqhKBd1pY/ugljuuHYDmfdJha
uG5RE2sDcnw/ruuLRJP15DjOlRs8rj0fosC9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkm7AqRrN5mfkF+5bdE9DQDqr45EwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2ttN0FxUnJONW1ma0Yt
NWJkRTlEUURxcjQ1RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEApEPa48000ZxXHIAvTSkJVz7MfuPc+uFY
nZiaKPbX0Es36qCGaX9KhPxKG40SHR+5MDiLO8j2EkNCQAHbWyjIkf9OCZwY7Rqb
+8I4OrUsWdNK9LR2aYXEvXdXOrvw4x5ZSYhqVdo2yjnJ6+JSJshNu+GJwBdhev1S
utXHzGisi/Z9laG7DpTGgECoSpoZeB2pbyV2w99Q9qM2yVHGOEfSTDYBsGTSdQqG
jNAilZB5EKTBaNy21anCPApO4mKPDzhD6eeQnjyk2Dd86ESqarRA271e0rC9Yl+u
BThiSp7f5KcquZ9EOx9L8bV3MuIDyYHj9u8hw2TI1XjpgQGGv2TV8Q==
-----END CERTIFICATE-----
Generated at Fri May 3 23:18:47 2024 by rpki-client on console-fra.rpki-client.org