Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/7ZFwLkPeFgPRWhWX7rAp3wrv5Rw.roa
File: 7ZFwLkPeFgPRWhWX7rAp3wrv5Rw.roa (raw, json)
Hash identifier: 5D9qvaJyPIWeFRf+T+2OhDQYvKhP81JSClcmBUlcqzM=
Subject key identifier: ED:91:70:2E:43:DE:16:03:D1:5A:15:97:EE:B0:29:DF:0A:EF:E5:1C
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F10
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/7ZFwLkPeFgPRWhWX7rAp3wrv5Rw.roa
Signing time: Sun 31 Mar 2024 03:22:35 +0000
ROA not before: Sun 31 Mar 2024 03:22:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3856 (0xf10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 31 03:22:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=ED91702E43DE1603D15A1597EEB029DF0AEFE51C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1c:05:e2:c7:8c:8c:7d:a2:26:e9:a8:e7:a5:
db:93:a8:ab:f1:27:06:a1:4a:ff:09:b7:a8:a5:4d:
bb:b3:1c:a3:f8:b3:e9:ba:3e:5c:ba:db:d2:28:f4:
73:55:8c:e9:40:41:0f:3f:93:e7:6e:31:61:f7:88:
98:4a:ad:33:60:7b:f0:8b:a1:80:44:f6:d2:44:a4:
84:e1:6f:53:d6:4c:46:4f:24:44:fa:ae:d8:0d:09:
55:03:6d:bc:5c:c3:f3:ea:e2:e4:a8:f0:02:2b:6d:
91:74:5d:60:b2:12:45:e4:21:4d:80:1c:47:7d:07:
0f:73:08:13:35:4c:e4:d5:5b:b4:08:7d:2e:ab:ed:
16:bd:dc:a7:2d:b5:f3:e9:ca:2a:47:ec:2a:df:f6:
86:43:56:59:db:73:4b:bf:40:f6:91:01:8f:bb:cf:
7f:02:4c:4b:8f:bb:5b:f2:b5:a3:59:18:b6:7a:04:
3e:32:bd:4f:f6:cc:33:d4:7b:96:f8:df:78:cd:1f:
6f:71:1b:c1:c5:66:48:79:f1:78:be:2a:ff:e2:ff:
f8:f8:60:fe:44:10:19:ef:41:70:b4:91:df:48:59:
b9:2e:9e:a5:44:5d:22:a8:42:ff:ae:28:51:0a:6c:
b0:d7:31:fc:d0:9e:0f:59:fd:83:d0:f6:82:67:94:
23:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:91:70:2E:43:DE:16:03:D1:5A:15:97:EE:B0:29:DF:0A:EF:E5:1C
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/7ZFwLkPeFgPRWhWX7rAp3wrv5Rw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
85:9a:9b:72:1d:1e:87:53:f2:5d:65:17:37:e8:03:0b:d3:46:
48:31:fe:c9:4c:93:3a:9b:01:cb:2f:83:45:ad:45:14:5b:79:
8b:10:64:18:87:85:b8:b6:e3:4e:69:ba:97:79:05:03:71:12:
e5:11:6d:2c:62:8a:49:4e:12:07:cc:67:b5:89:56:6d:80:68:
a2:60:58:c6:a2:19:23:07:83:50:fd:a1:41:cd:1f:86:93:93:
29:b2:b6:d3:a6:a1:a1:db:9c:9b:9e:eb:02:3f:ed:d1:2e:ff:
e6:2a:00:c2:4e:2a:5c:cb:9b:86:6d:ee:8e:b2:72:3b:74:91:
7f:7c:b5:91:7c:e6:8d:60:34:09:1e:44:33:11:f6:79:fc:13:
1c:b2:f4:01:ad:b1:69:5e:09:48:d0:f6:3d:67:3e:cd:18:3e:
c1:9b:65:b2:df:38:5e:c6:d7:c9:60:18:fb:f1:24:e4:9d:a0:
66:52:7b:b9:a0:20:e3:36:4f:b8:3d:70:77:16:9c:df:91:f9:
65:bb:1b:3a:0f:fc:fa:d4:2d:eb:36:0c:b2:c8:ec:d7:bd:31:
2c:30:47:e8:7b:a9:7a:bb:af:6c:b8:a5:1f:d3:6e:c1:7b:43:
90:5f:90:68:1e:71:7f:c7:50:b0:be:62:0f:70:6d:b7:65:71:
9a:6f:77:5d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDxAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzEw
MzIyMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVEOTE3MDJFNDNERTE2
MDNEMTVBMTU5N0VFQjAyOURGMEFFRkU1MUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHHAXix4yMfaIm6ajnpduTqKvxJwahSv8Jt6ilTbuzHKP4s+m6
Ply629Io9HNVjOlAQQ8/k+duMWH3iJhKrTNge/CLoYBE9tJEpIThb1PWTEZPJET6
rtgNCVUDbbxcw/Pq4uSo8AIrbZF0XWCyEkXkIU2AHEd9Bw9zCBM1TOTVW7QIfS6r
7Ra93KcttfPpyipH7Crf9oZDVlnbc0u/QPaRAY+7z38CTEuPu1vytaNZGLZ6BD4y
vU/2zDPUe5b433jNH29xG8HFZkh58Xi+Kv/i//j4YP5EEBnvQXC0kd9IWbkunqVE
XSKoQv+uKFEKbLDXMfzQng9Z/YPQ9oJnlCO7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU7ZFwLkPeFgPRWhWX7rAp3wrv5RwwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzdaRndMa1BlRmdQUldo
V1g3ckFwM3dydjVSdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAhZqbch0eh1PyXWUXN+gDC9NGSDH+yUyT
OpsByy+DRa1FFFt5ixBkGIeFuLbjTmm6l3kFA3ES5RFtLGKKSU4SB8xntYlWbYBo
omBYxqIZIweDUP2hQc0fhpOTKbK206ahoducm57rAj/t0S7/5ioAwk4qXMubhm3u
jrJyO3SRf3y1kXzmjWA0CR5EMxH2efwTHLL0Aa2xaV4JSND2PWc+zRg+wZtlst84
XsbXyWAY+/Ek5J2gZlJ7uaAg4zZPuD1wdxac35H5ZbsbOg/8+tQt6zYMssjs170x
LDBH6HuperuvbLilH9NuwXtDkF+QaB5xf8dQsL5iD3Btt2Vxmm93XQ==
-----END CERTIFICATE-----
Generated at Sun Mar 31 04:43:45 2024 by rpki-client on console-fra.rpki-client.org