Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/v6YOmTEMthzfzBkBkI2IELGEWWA.roa
File: v6YOmTEMthzfzBkBkI2IELGEWWA.roa (raw, json)
Hash identifier: geni7G3bl8euXXJ13NGiByGhc4/TkHunQSuvMcpgbB0=
Subject key identifier: BF:A6:0E:99:31:0C:B6:1C:DF:CC:19:01:90:8D:88:10:B1:84:59:60
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 11EC
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/v6YOmTEMthzfzBkBkI2IELGEWWA.roa
Signing time: Sun 07 Apr 2024 18:22:59 +0000
ROA not before: Sun 07 Apr 2024 18:22:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4588 (0x11ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 7 18:22:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BFA60E99310CB61CDFCC1901908D8810B1845960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:96:cf:5b:31:ea:be:83:48:33:72:67:b3:95:
ad:57:28:7a:f0:1b:e2:15:60:8b:4f:28:70:46:60:
b8:42:42:2f:b8:77:e6:bf:46:d1:8e:50:58:1b:70:
20:1b:73:d5:50:ff:be:30:80:56:a9:de:9e:17:f9:
c1:27:a9:4b:3a:05:7f:40:e7:f7:92:02:26:7a:73:
a2:35:1c:07:03:f2:9d:9d:9f:95:c2:38:69:49:e2:
af:71:1c:11:09:fd:ed:63:e6:5b:34:87:a1:58:5a:
b0:a2:2a:f8:c0:18:ef:64:9e:a2:d9:84:78:27:b9:
f4:ff:19:59:4e:e7:a4:6c:23:59:06:86:73:5d:84:
66:36:bf:6c:63:c5:c2:55:3b:40:1f:a8:b7:c5:d6:
ba:18:cc:ce:6d:7a:61:56:87:11:31:f5:f4:74:34:
a4:c1:10:bc:58:f5:60:04:fa:33:5f:e5:f1:4d:d8:
1c:00:40:6a:00:4f:e1:c3:97:ef:a0:e8:4e:d3:67:
44:b3:12:b6:f2:c3:11:a2:17:e7:fe:ac:60:43:8b:
04:84:f2:8e:5c:be:22:d9:08:f2:a2:17:8c:88:0f:
9c:ec:0a:28:71:87:17:8a:46:c1:45:84:76:d0:5f:
9a:95:4b:c0:c0:9b:72:6c:e0:af:fe:d1:4d:02:32:
dc:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:A6:0E:99:31:0C:B6:1C:DF:CC:19:01:90:8D:88:10:B1:84:59:60
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/v6YOmTEMthzfzBkBkI2IELGEWWA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:e5:e7:48:67:98:a1:f8:fb:a0:a2:20:ea:ab:94:5a:1e:89:
d9:0f:35:09:f0:bb:e1:82:5f:0f:4a:fc:92:3d:79:f7:7e:e0:
ba:0c:ce:58:a7:c0:48:38:19:d6:1d:76:71:53:a5:58:50:1f:
60:56:fc:a0:64:e5:c8:fb:7d:17:ee:b2:4e:4c:d6:a7:d0:78:
2e:10:b4:47:55:11:50:27:28:a5:b6:77:8c:8b:ed:b1:e7:56:
e6:31:d0:94:b0:50:82:3c:48:b3:d5:3b:68:ea:fd:31:57:41:
9d:f9:df:60:5e:49:53:af:22:4f:8e:36:8d:b8:68:44:50:f4:
ac:5b:27:9c:6f:23:07:28:78:e3:4a:e9:d5:29:55:fe:dd:77:
3e:76:da:cd:a1:27:37:e3:d2:2b:00:c1:87:b0:42:64:6d:9f:
2b:ac:41:0b:f2:2e:a0:26:90:95:c8:0c:0a:6e:b0:90:01:23:
dd:10:d9:df:14:3b:e6:96:83:79:ac:43:9b:44:9c:fe:76:bd:
6f:97:b8:c4:bb:bd:0d:12:24:fe:a0:4f:eb:e4:93:6a:5f:e7:
5b:1e:68:ed:6f:70:5b:e9:37:d9:ea:3e:0c:67:43:94:57:02:
bb:98:29:42:22:3b:1a:1b:73:df:ab:44:dd:db:c7:e0:3a:87:
07:8b:2b:03
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEewwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDcx
ODIyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJGQTYwRTk5MzEwQ0I2
MUNERkNDMTkwMTkwOEQ4ODEwQjE4NDU5NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPls9bMeq+g0gzcmezla1XKHrwG+IVYItPKHBGYLhCQi+4d+a/
RtGOUFgbcCAbc9VQ/74wgFap3p4X+cEnqUs6BX9A5/eSAiZ6c6I1HAcD8p2dn5XC
OGlJ4q9xHBEJ/e1j5ls0h6FYWrCiKvjAGO9knqLZhHgnufT/GVlO56RsI1kGhnNd
hGY2v2xjxcJVO0AfqLfF1roYzM5temFWhxEx9fR0NKTBELxY9WAE+jNf5fFN2BwA
QGoAT+HDl++g6E7TZ0SzErbywxGiF+f+rGBDiwSE8o5cviLZCPKiF4yID5zsCihx
hxeKRsFFhHbQX5qVS8DAm3Js4K/+0U0CMtwzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUv6YOmTEMthzfzBkBkI2IELGEWWAwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3Y2WU9tVEVNdGh6ZnpC
a0JrSTJJRUxHRVdXQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAZeXnSGeYofj7oKIg6quUWh6J2Q81CfC7
4YJfD0r8kj15937gugzOWKfASDgZ1h12cVOlWFAfYFb8oGTlyPt9F+6yTkzWp9B4
LhC0R1URUCcopbZ3jIvtsedW5jHQlLBQgjxIs9U7aOr9MVdBnfnfYF5JU68iT442
jbhoRFD0rFsnnG8jByh440rp1SlV/t13PnbazaEnN+PSKwDBh7BCZG2fK6xBC/Iu
oCaQlcgMCm6wkAEj3RDZ3xQ75paDeaxDm0Sc/na9b5e4xLu9DRIk/qBP6+STal/n
Wx5o7W9wW+k32eo+DGdDlFcCu5gpQiI7Ghtz36tE3dvH4DqHB4srAw==
-----END CERTIFICATE-----
Generated at Sun Apr 7 21:51:12 2024 by rpki-client on console-ams.rpki-client.org