Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/kFMydrPyyGxIVB__QcboDWwXGws.roa
File: kFMydrPyyGxIVB__QcboDWwXGws.roa (raw, json)
Hash identifier: Jayz4wjw74TFwEvwagVlCaBucw64anZIZxEBIk+Clmw=
Subject key identifier: 90:53:32:76:B3:F2:C8:6C:48:54:1F:FF:41:C6:E8:0D:6C:17:1B:0B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 16FC
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/kFMydrPyyGxIVB__QcboDWwXGws.roa
Signing time: Sun 21 Apr 2024 06:23:29 +0000
ROA not before: Sun 21 Apr 2024 06:23:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5884 (0x16fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 21 06:23:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=90533276B3F2C86C48541FFF41C6E80D6C171B0B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:26:8c:eb:5f:2a:46:61:c1:04:28:36:b2:45:
35:8d:52:dc:77:dc:17:56:49:9f:3d:75:e8:34:fa:
2f:8c:1c:7f:51:93:25:92:c6:f8:10:4b:4e:24:ca:
46:7c:cd:6c:54:56:a7:61:bc:34:5e:7c:4d:10:bc:
f8:40:23:64:b3:eb:a6:2f:81:7b:97:02:d6:16:11:
47:f3:07:9c:d9:c1:a8:df:d6:d6:e9:b8:ad:fd:70:
bb:7d:33:b2:88:98:05:1a:eb:6a:f3:a4:e6:62:30:
d7:33:cb:11:8b:55:48:4a:58:0c:19:76:21:5f:03:
d6:dd:bf:b3:31:9f:73:1e:ed:fa:e6:43:33:5a:a5:
ac:b6:72:50:2a:ab:84:11:62:0b:c2:29:5a:60:85:
51:de:34:fe:b4:96:3f:dd:0d:69:65:67:f5:80:48:
ce:b8:10:b7:20:55:e8:bb:6f:ab:98:36:b5:dc:7f:
73:3c:32:42:b5:44:95:90:2b:18:81:03:90:63:b0:
7c:f7:17:c5:19:01:0c:49:00:42:98:be:4c:2c:10:
91:fe:e6:68:33:ee:4d:8e:02:56:a6:f6:3f:b0:58:
53:53:f0:78:f8:17:16:97:21:c2:d6:a7:f1:ef:94:
b9:fb:e6:a9:91:65:fa:e2:67:fd:37:c6:fd:2c:6d:
6a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:53:32:76:B3:F2:C8:6C:48:54:1F:FF:41:C6:E8:0D:6C:17:1B:0B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/kFMydrPyyGxIVB__QcboDWwXGws.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4f:9e:cf:4f:36:7b:16:67:ea:eb:05:ee:7d:44:e4:d0:38:fd:
f5:27:76:20:49:25:4f:fe:70:47:67:16:8b:01:bd:66:6e:81:
83:20:b2:89:b1:81:aa:52:1e:35:83:32:e0:3b:f8:7b:62:ec:
f2:3b:73:75:cf:a9:9b:39:16:8c:21:9e:07:9c:5e:65:5b:38:
73:01:ef:88:7b:46:aa:b5:d3:b1:d9:a8:0d:a6:ae:ae:a6:a4:
d3:5c:02:ae:b9:ed:4a:74:d2:3c:d5:6a:73:81:70:16:e9:ee:
fa:6c:f1:07:40:c9:6e:27:35:e4:9f:c9:69:5b:ed:9a:ce:ac:
56:24:11:ce:d9:80:52:fc:75:7c:b1:70:42:5c:7c:26:a4:cd:
3d:d6:85:ab:a2:99:41:25:d7:24:8e:90:f9:1a:b2:c9:dc:8f:
4f:b3:26:24:0f:68:97:12:50:00:c8:d7:e8:d7:37:77:25:13:
dd:5f:b0:73:3e:fa:1f:c8:8f:d3:54:d8:d4:ff:ff:5a:0f:e7:
b6:0b:55:ec:ca:5d:f3:5b:34:05:8f:16:51:d0:5c:bf:3a:42:
0c:45:b6:cf:a7:f6:5e:89:e1:20:4f:01:9a:5d:57:14:13:95:
95:c9:8b:da:b2:5d:e1:53:d5:32:26:19:e1:9a:61:65:b8:20:
06:a1:59:f8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFvwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjEw
NjIzMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwNTMzMjc2QjNGMkM4
NkM0ODU0MUZGRjQxQzZFODBENkMxNzFCMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKJozrXypGYcEEKDayRTWNUtx33BdWSZ89deg0+i+MHH9RkyWS
xvgQS04kykZ8zWxUVqdhvDRefE0QvPhAI2Sz66YvgXuXAtYWEUfzB5zZwajf1tbp
uK39cLt9M7KImAUa62rzpOZiMNczyxGLVUhKWAwZdiFfA9bdv7Mxn3Me7frmQzNa
pay2clAqq4QRYgvCKVpghVHeNP60lj/dDWllZ/WASM64ELcgVei7b6uYNrXcf3M8
MkK1RJWQKxiBA5BjsHz3F8UZAQxJAEKYvkwsEJH+5mgz7k2OAlam9j+wWFNT8Hj4
FxaXIcLWp/HvlLn75qmRZfriZ/03xv0sbWolAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkFMydrPyyGxIVB//QcboDWwXGwswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2tGTXlkclB5eUd4SVZC
X19RY2JvRFd3WEd3cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAT57PTzZ7Fmfq6wXufUTk0Dj99Sd2IEkl
T/5wR2cWiwG9Zm6BgyCyibGBqlIeNYMy4Dv4e2Ls8jtzdc+pmzkWjCGeB5xeZVs4
cwHviHtGqrXTsdmoDaaurqak01wCrrntSnTSPNVqc4FwFunu+mzxB0DJbic15J/J
aVvtms6sViQRztmAUvx1fLFwQlx8JqTNPdaFq6KZQSXXJI6Q+RqyydyPT7MmJA9o
lxJQAMjX6Nc3dyUT3V+wcz76H8iP01TY1P//Wg/ntgtV7Mpd81s0BY8WUdBcvzpC
DEW2z6f2XonhIE8Bml1XFBOVlcmL2rJd4VPVMiYZ4ZphZbggBqFZ+A==
-----END CERTIFICATE-----
Generated at Sun Apr 21 13:43:41 2024 by rpki-client on console.sobornost.net