Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/tKFn6Z8p_FQx1zQ_JTxRJM2kUiI.roa
File: tKFn6Z8p_FQx1zQ_JTxRJM2kUiI.roa (raw, json)
Hash identifier: 5XnhctJxCSDVyYnkH2PuFkq8inDJRosZoGK0nN0qpGE=
Subject key identifier: B4:A1:67:E9:9F:29:FC:54:31:D7:34:3F:25:3C:51:24:CD:A4:52:22
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 13DE
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/tKFn6Z8p_FQx1zQ_JTxRJM2kUiI.roa
Signing time: Fri 12 Apr 2024 22:53:17 +0000
ROA not before: Fri 12 Apr 2024 22:53:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5086 (0x13de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 12 22:53:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B4A167E99F29FC5431D7343F253C5124CDA45222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:81:01:fa:6e:64:d3:cb:b3:19:28:53:70:0d:
40:c9:ba:a1:c6:47:19:e6:c9:b5:ac:b2:66:74:de:
a9:85:64:a2:1a:55:cd:7a:64:93:00:55:69:07:ce:
cd:7e:1b:71:62:44:6b:64:b6:27:09:0b:7d:77:0b:
60:33:43:27:90:e6:a0:ea:d7:37:5c:64:1d:3e:98:
83:37:32:5c:5e:69:40:b3:53:08:d8:70:cf:db:35:
26:f6:00:af:5d:e4:8a:53:c1:1d:fb:18:82:d2:83:
3d:7a:83:18:fd:8a:9f:bc:33:f4:5a:e4:29:76:1f:
de:e9:1b:60:5e:ab:d3:14:21:f4:88:f8:d6:90:7f:
b2:c7:3c:6b:7c:d1:8a:71:46:7c:7e:9c:b3:0e:9b:
9c:06:6c:25:cd:72:41:03:23:c8:93:e8:97:2a:f3:
32:94:1c:f0:8e:51:27:95:a4:79:bc:53:33:8a:5d:
e8:96:4d:9d:88:d7:68:d3:f2:9c:4f:2b:3e:83:01:
77:33:f4:6f:07:92:16:e5:bf:e7:be:ee:82:d0:98:
d5:f8:2f:45:41:3e:93:74:9d:6d:97:45:cb:68:c9:
f1:3b:aa:7b:bb:f0:a9:d2:cf:dc:26:9d:29:9e:71:
9d:1d:9b:4d:4b:4b:c0:7f:7a:ae:b1:6d:6d:a5:30:
c9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A1:67:E9:9F:29:FC:54:31:D7:34:3F:25:3C:51:24:CD:A4:52:22
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/tKFn6Z8p_FQx1zQ_JTxRJM2kUiI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:83:d1:81:f9:89:39:53:7b:64:49:19:09:e2:f6:65:4f:3f:
ee:1b:db:7f:3e:58:da:f1:83:d4:4b:13:a8:23:f6:ad:2e:b1:
30:da:fd:97:49:97:23:c3:04:9b:a6:c8:9a:9e:bf:29:84:0e:
b7:13:ad:d7:1a:44:e8:70:03:5d:e5:68:94:9c:9c:98:78:d7:
5d:fa:a5:78:03:8f:03:2c:7c:8c:b4:ce:c0:52:a6:04:cf:5b:
bc:fa:b0:30:3e:3d:ca:2e:c2:14:d4:b6:1c:5a:1c:0f:fc:b8:
4e:bb:f8:b8:66:73:f1:db:47:71:ff:d8:d5:1c:00:48:fe:9d:
78:22:20:37:00:0c:3c:7b:8d:07:16:8f:85:9c:81:89:75:96:
0f:e1:21:8a:41:25:75:92:1a:87:a4:7a:f2:a9:48:93:56:12:
85:ae:8e:25:e1:50:eb:af:12:95:45:0a:3a:7e:95:af:9e:6f:
b3:b0:d5:c8:58:c9:61:d3:b4:14:4c:b2:06:57:96:7b:24:3f:
3a:58:d9:f6:81:db:b5:9b:0f:86:56:d7:56:2a:9b:6d:0f:89:
f8:c9:5b:8f:ad:ac:9d:1d:2b:37:b0:e0:28:86:1c:b4:a7:de:
e8:04:cc:4a:d5:8d:52:af:b4:19:57:37:cc:36:b4:11:82:a9:
b4:fc:8d:21
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE94wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTIy
MjUzMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI0QTE2N0U5OUYyOUZD
NTQzMUQ3MzQzRjI1M0M1MTI0Q0RBNDUyMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/gQH6bmTTy7MZKFNwDUDJuqHGRxnmybWssmZ03qmFZKIaVc16
ZJMAVWkHzs1+G3FiRGtkticJC313C2AzQyeQ5qDq1zdcZB0+mIM3MlxeaUCzUwjY
cM/bNSb2AK9d5IpTwR37GILSgz16gxj9ip+8M/Ra5Cl2H97pG2Beq9MUIfSI+NaQ
f7LHPGt80YpxRnx+nLMOm5wGbCXNckEDI8iT6Jcq8zKUHPCOUSeVpHm8UzOKXeiW
TZ2I12jT8pxPKz6DAXcz9G8Hkhblv+e+7oLQmNX4L0VBPpN0nW2XRctoyfE7qnu7
8KnSz9wmnSmecZ0dm01LS8B/eq6xbW2lMMmZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUtKFn6Z8p/FQx1zQ/JTxRJM2kUiIwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3RLRm42WjhwX0ZReDF6
UV9KVHhSSk0ya1VpSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAKoPRgfmJOVN7ZEkZCeL2ZU8/7hvbfz5Y
2vGD1EsTqCP2rS6xMNr9l0mXI8MEm6bImp6/KYQOtxOt1xpE6HADXeVolJycmHjX
XfqleAOPAyx8jLTOwFKmBM9bvPqwMD49yi7CFNS2HFocD/y4Trv4uGZz8dtHcf/Y
1RwASP6deCIgNwAMPHuNBxaPhZyBiXWWD+EhikEldZIah6R68qlIk1YSha6OJeFQ
668SlUUKOn6Vr55vs7DVyFjJYdO0FEyyBleWeyQ/OljZ9oHbtZsPhlbXViqbbQ+J
+Mlbj62snR0rN7DgKIYctKfe6ATMStWNUq+0GVc3zDa0EYKptPyNIQ==
-----END CERTIFICATE-----
Generated at Sat Apr 13 00:15:56 2024 by rpki-client on console-fra.rpki-client.org