Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/rYufCgpwcJkMpRIOfTn867kRjkk.roa
File: rYufCgpwcJkMpRIOfTn867kRjkk.roa (raw, json)
Hash identifier: khl+cv/+ptlfojmoGNUkKTemXFN8/x7fZsJ48UudP4E=
Subject key identifier: AD:8B:9F:0A:0A:70:70:99:0C:A5:12:0E:7D:39:FC:EB:B9:11:8E:49
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1C02
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/rYufCgpwcJkMpRIOfTn867kRjkk.roa
Signing time: Sat 04 May 2024 15:54:48 +0000
ROA not before: Sat 04 May 2024 15:54:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7170 (0x1c02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 4 15:54:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AD8B9F0A0A7070990CA5120E7D39FCEBB9118E49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:05:70:d5:b6:51:ae:15:cd:db:93:c4:7d:03:
cc:d2:ac:d2:67:4e:ad:34:68:15:65:72:39:cc:41:
46:f2:7f:60:d2:9b:05:12:b0:ff:4d:e7:bc:54:41:
a8:5d:9c:a2:a0:11:0c:c4:7c:b0:fb:fc:28:f0:18:
8f:da:af:b9:e2:e6:4e:32:83:8d:2e:64:ef:27:2e:
a2:ef:fc:10:02:08:36:ae:be:da:dd:df:1e:ae:56:
0e:48:e6:dc:81:3e:64:63:10:29:7f:c5:f0:b0:81:
b6:46:be:32:bf:42:43:6c:1f:f1:0e:92:4b:ba:e5:
2a:e2:b7:64:32:08:b1:88:d9:ad:94:65:04:03:74:
1b:7d:1b:ab:5e:f4:fd:32:48:69:55:05:bc:d8:a1:
c9:55:c5:27:fe:cc:4f:38:fd:0a:af:34:59:ca:63:
c7:59:9b:d6:cf:d2:e2:5f:df:dc:9b:33:0f:13:29:
13:96:c2:f4:77:b0:dc:de:35:86:68:3d:13:90:f4:
5b:67:8b:e4:fe:01:6e:f6:27:89:46:cc:e2:c9:be:
b1:31:34:b2:cd:9b:7f:03:3c:07:d5:40:0a:70:6d:
45:e8:f8:d8:ae:a6:e7:b1:f7:75:8e:e5:ae:df:dc:
32:fa:6e:03:2e:c6:af:ef:9b:26:88:50:d8:2b:fd:
5e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:8B:9F:0A:0A:70:70:99:0C:A5:12:0E:7D:39:FC:EB:B9:11:8E:49
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/rYufCgpwcJkMpRIOfTn867kRjkk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
58:3c:9e:e5:1d:b9:f1:f5:45:8c:91:b6:34:65:f1:94:62:9e:
66:8d:65:23:23:3e:62:95:c7:1d:2f:b8:1c:1c:9c:fd:53:5c:
4e:11:95:40:12:67:d5:92:46:21:d5:d7:37:56:a7:57:49:20:
3e:75:75:b5:1f:3e:f3:b8:a8:ac:10:04:04:2f:31:53:af:bb:
55:9b:43:51:ef:43:1e:de:70:f6:f3:f9:4f:34:8a:cb:2e:c5:
1e:88:b4:49:06:db:b7:6f:a9:fe:e9:3d:53:cd:76:66:f9:13:
3e:7a:40:67:9e:49:24:6f:c9:c8:fb:48:fd:36:fa:aa:f0:ff:
86:f3:fa:e5:04:7f:cc:26:9f:10:a0:e5:bd:fd:7a:df:e7:22:
84:5f:51:94:76:97:51:e6:8e:1b:c1:07:c5:bd:34:b8:ab:47:
b2:69:b7:02:41:c7:9a:af:92:d9:45:3d:f3:48:a3:73:86:28:
c7:b4:ff:9e:56:d1:d7:4d:9b:50:d0:e2:6d:be:15:a3:33:d1:
53:c3:1b:7a:df:ae:ad:f3:69:b7:c1:4b:2b:29:8c:a7:ce:43:
3c:37:89:e8:72:d9:f2:54:79:68:95:a9:d0:61:fa:bf:c3:10:
64:d2:c8:7d:b3:c0:25:5f:1c:15:0f:09:9b:59:9a:93:c7:9a:
63:eb:62:0a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHAIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDQx
NTU0NDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFEOEI5RjBBMEE3MDcw
OTkwQ0E1MTIwRTdEMzlGQ0VCQjkxMThFNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8BXDVtlGuFc3bk8R9A8zSrNJnTq00aBVlcjnMQUbyf2DSmwUS
sP9N57xUQahdnKKgEQzEfLD7/CjwGI/ar7ni5k4yg40uZO8nLqLv/BACCDauvtrd
3x6uVg5I5tyBPmRjECl/xfCwgbZGvjK/QkNsH/EOkku65Srit2QyCLGI2a2UZQQD
dBt9G6te9P0ySGlVBbzYoclVxSf+zE84/QqvNFnKY8dZm9bP0uJf39ybMw8TKROW
wvR3sNzeNYZoPROQ9Ftni+T+AW72J4lGzOLJvrExNLLNm38DPAfVQApwbUXo+Niu
puex93WO5a7f3DL6bgMuxq/vmyaIUNgr/V5JAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUrYufCgpwcJkMpRIOfTn867kRjkkwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3JZdWZDZ3B3Y0prTXBS
SU9mVG44NjdrUmpray5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAWDye5R258fVFjJG2NGXxlGKeZo1lIyM+
YpXHHS+4HByc/VNcThGVQBJn1ZJGIdXXN1anV0kgPnV1tR8+87iorBAEBC8xU6+7
VZtDUe9DHt5w9vP5TzSKyy7FHoi0SQbbt2+p/uk9U812ZvkTPnpAZ55JJG/JyPtI
/Tb6qvD/hvP65QR/zCafEKDlvf163+cihF9RlHaXUeaOG8EHxb00uKtHsmm3AkHH
mq+S2UU980ijc4Yox7T/nlbR102bUNDibb4VozPRU8Mbet+urfNpt8FLKymMp85D
PDeJ6HLZ8lR5aJWp0GH6v8MQZNLIfbPAJV8cFQ8Jm1mak8eaY+tiCg==
-----END CERTIFICATE-----
Generated at Sat May 4 17:20:57 2024 by rpki-client on console-fra.rpki-client.org