Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/xbkKHwR-oA9hQwMUsTlNylsWlOs.roa
File: xbkKHwR-oA9hQwMUsTlNylsWlOs.roa (raw, json)
Hash identifier: 3ElU7KFlr1yg4E1PlAZjcW0U5VdJ3ZUNO6Xa1VYYfn4=
Subject key identifier: C5:B9:0A:1F:04:7E:A0:0F:61:43:03:14:B1:39:4D:CA:5B:16:94:EB
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1CFC
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/xbkKHwR-oA9hQwMUsTlNylsWlOs.roa
Signing time: Tue 07 May 2024 06:24:36 +0000
ROA not before: Tue 07 May 2024 06:24:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7420 (0x1cfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 7 06:24:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C5B90A1F047EA00F61430314B1394DCA5B1694EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:87:1a:40:33:a9:c7:b3:ad:ca:7c:71:c5:e9:
21:17:36:d3:e9:ec:82:de:49:c1:27:be:38:d3:0a:
57:1e:7c:61:84:d8:6a:ce:42:44:f6:af:e9:ff:e5:
15:05:1c:06:38:af:a4:96:a9:22:1b:80:4e:c2:63:
49:85:21:03:ff:0a:e2:90:98:d1:da:bd:0e:6f:a5:
41:07:19:73:73:76:d1:a5:9a:4d:ae:d9:d1:54:0a:
49:81:c4:01:bd:86:1d:47:38:03:27:c6:88:ee:6f:
a1:fc:b4:27:0d:f3:61:f3:0d:4a:93:63:32:bc:70:
d5:a5:fa:8e:74:dc:6b:f3:a8:4a:02:e8:e5:72:1d:
00:fb:11:62:ea:86:08:49:0e:b3:a1:75:68:99:ae:
be:ae:30:b4:54:0a:90:e2:c2:0b:6c:c0:d2:31:56:
2a:4e:66:f6:05:f0:fb:4d:0f:58:a6:4e:bb:8f:5d:
e3:a9:ba:36:c3:18:ef:60:8e:9e:07:51:f9:ee:aa:
63:12:cc:5d:4e:3f:89:26:87:75:9b:d1:2e:70:07:
19:cf:1d:b3:7b:86:3a:5b:f8:eb:b0:5c:74:6d:6a:
9d:d9:f7:e1:b1:a6:d6:3d:aa:1f:9e:e2:c8:08:94:
84:a0:05:dc:ca:ae:64:62:82:76:5d:4b:d7:fa:d7:
b8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B9:0A:1F:04:7E:A0:0F:61:43:03:14:B1:39:4D:CA:5B:16:94:EB
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/xbkKHwR-oA9hQwMUsTlNylsWlOs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6c:93:3b:73:90:62:90:96:51:74:af:36:60:32:81:5d:f2:e1:
79:36:87:7f:47:ec:fe:8c:56:bc:8b:bf:52:d6:0b:5b:bb:ad:
53:5a:8d:78:7a:be:a1:a6:f8:d3:1e:24:80:a5:ff:97:1f:2c:
0a:38:bd:6c:b5:53:86:a1:35:1f:66:a5:a4:18:24:a6:11:a6:
b7:0d:94:39:cf:bb:65:fd:ed:09:c1:e8:70:68:5c:0b:3a:6e:
58:83:f2:b4:8c:cc:5c:2c:de:6d:66:c3:1c:ff:ec:7c:e2:7b:
4b:36:6c:8b:ec:8e:9a:64:d0:21:0d:d8:69:2b:d4:e2:fc:53:
66:b1:e6:fc:93:d2:90:0a:eb:19:01:a4:ed:5a:63:9d:bb:fe:
1f:80:db:bf:96:de:40:0a:be:72:6b:48:de:1d:4c:5a:b4:99:
cf:d2:1c:d8:1a:31:fb:04:22:f4:ce:e2:a0:9f:2a:eb:56:76:
b8:aa:50:1d:9f:48:15:2b:7f:fe:28:c5:01:d1:00:a1:06:0a:
0d:3d:ae:50:9e:c4:4b:2d:3c:9f:9e:b6:bd:c8:ed:0f:e1:6b:
7d:f4:59:4b:06:dd:8c:91:97:fa:f7:4b:89:ae:fe:b9:c1:93:
3f:bb:e9:2b:be:74:a6:c3:87:55:7a:47:65:c1:8a:c4:db:82:
e7:32:c4:3a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHPwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDcw
NjI0MzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM1QjkwQTFGMDQ3RUEw
MEY2MTQzMDMxNEIxMzk0RENBNUIxNjk0RUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDhxpAM6nHs63KfHHF6SEXNtPp7ILeScEnvjjTClcefGGE2GrO
QkT2r+n/5RUFHAY4r6SWqSIbgE7CY0mFIQP/CuKQmNHavQ5vpUEHGXNzdtGlmk2u
2dFUCkmBxAG9hh1HOAMnxojub6H8tCcN82HzDUqTYzK8cNWl+o503GvzqEoC6OVy
HQD7EWLqhghJDrOhdWiZrr6uMLRUCpDiwgtswNIxVipOZvYF8PtND1imTruPXeOp
ujbDGO9gjp4HUfnuqmMSzF1OP4kmh3Wb0S5wBxnPHbN7hjpb+OuwXHRtap3Z9+Gx
ptY9qh+e4sgIlISgBdzKrmRignZdS9f617g5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxbkKHwR+oA9hQwMUsTlNylsWlOswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3hia0tId1Itb0E5aFF3
TVVzVGxOeWxzV2xPcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAbJM7c5BikJZRdK82YDKBXfLheTaHf0fs
/oxWvIu/UtYLW7utU1qNeHq+oab40x4kgKX/lx8sCji9bLVThqE1H2alpBgkphGm
tw2UOc+7Zf3tCcHocGhcCzpuWIPytIzMXCzebWbDHP/sfOJ7SzZsi+yOmmTQIQ3Y
aSvU4vxTZrHm/JPSkArrGQGk7Vpjnbv+H4Dbv5beQAq+cmtI3h1MWrSZz9Ic2Box
+wQi9M7ioJ8q61Z2uKpQHZ9IFSt//ijFAdEAoQYKDT2uUJ7ESy08n562vcjtD+Fr
ffRZSwbdjJGX+vdLia7+ucGTP7vpK750psOHVXpHZcGKxNuC5zLEOg==
-----END CERTIFICATE-----
Generated at Tue May 7 11:42:56 2024 by rpki-client on console-fra.rpki-client.org