Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/B2WF5_qxtRmnMyQiPTZXNsfaBts.roa
File: B2WF5_qxtRmnMyQiPTZXNsfaBts.roa (raw, json)
Hash identifier: U5nbCumbChge586lAP2g//VFWiJzBMDG6uZdG1VCZQ0=
Subject key identifier: 07:65:85:E7:FA:B1:B5:19:A7:33:24:22:3D:36:57:36:C7:DA:06:DB
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0E18
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/B2WF5_qxtRmnMyQiPTZXNsfaBts.roa
Signing time: Thu 28 Mar 2024 13:22:27 +0000
ROA not before: Thu 28 Mar 2024 13:22:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3608 (0xe18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 28 13:22:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=076585E7FAB1B519A73324223D365736C7DA06DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:dc:49:9f:8a:2f:bf:f4:fe:57:f4:8c:98:57:
dc:74:7f:88:82:0c:4f:67:a8:19:2f:25:ca:74:43:
4f:98:a0:1f:e9:9d:31:dd:3d:ce:5d:d8:a0:ee:ad:
a7:ac:48:72:d8:11:74:fc:37:56:f9:fd:25:9d:fd:
ed:3e:37:2a:a2:0e:12:8f:e2:13:79:20:31:91:61:
46:30:e5:f1:f9:7c:9a:27:00:b6:f2:e6:8c:e3:44:
88:51:9d:24:09:9b:70:83:94:ca:d5:e6:ad:8d:fc:
fe:32:b0:71:40:02:55:93:12:d6:f2:82:4a:a2:5a:
33:d1:4b:43:b7:ec:db:81:df:40:67:fe:d4:ee:54:
94:65:07:21:4e:d9:c0:3b:dc:fe:c8:4f:a4:d1:99:
7e:73:3c:cc:90:65:e5:fa:47:fa:05:d8:e5:c5:05:
89:38:45:8b:a3:40:88:35:b7:fb:1d:f2:ad:87:d5:
8d:21:38:a9:f2:0a:cd:f9:36:b6:08:36:03:b3:a4:
d7:d0:62:93:d1:fc:b9:39:f9:48:c3:47:ec:73:ea:
6e:14:22:ce:24:bd:e5:2f:fa:aa:e1:91:8c:8b:c4:
c5:62:f7:56:e5:07:ad:6f:4d:41:66:c8:9b:d2:ca:
fa:62:e9:e5:53:fc:70:7c:85:2c:af:ce:c4:44:81:
50:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:65:85:E7:FA:B1:B5:19:A7:33:24:22:3D:36:57:36:C7:DA:06:DB
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/B2WF5_qxtRmnMyQiPTZXNsfaBts.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:fa:9a:c9:d2:54:d1:c4:fa:ab:75:1b:0d:0f:da:c5:69:c5:
ae:fe:f8:05:9d:a2:ee:8b:76:b6:b9:89:85:ca:3f:3d:10:a0:
2a:3f:ef:34:a8:39:33:05:61:f0:69:6a:49:27:1e:fc:db:40:
2d:89:d4:f0:a0:e2:ce:5b:cb:17:c7:95:da:ab:b1:5e:97:a4:
91:4f:22:42:5b:c5:d1:d4:d5:03:51:0c:54:f7:00:34:bb:50:
74:68:e0:95:4f:3a:5c:54:8b:b6:d2:54:39:6c:d3:72:0f:b0:
c4:55:9c:70:13:f1:b8:bc:de:87:bd:b4:a3:2b:22:9d:13:3d:
63:f3:3d:c5:c9:d8:fa:3f:ad:74:89:2d:13:07:d9:0e:b7:bb:
8e:25:84:e3:ed:6e:d7:1a:f2:68:3d:54:51:9f:9b:d2:a9:33:
24:23:21:f6:5f:27:8b:d0:f9:13:79:83:55:2a:46:30:18:37:
97:a2:d5:5d:cb:fd:3b:a0:14:b8:ea:70:6e:7a:ec:e3:71:9a:
d0:ad:36:ce:c5:62:ed:51:16:db:b8:82:9e:65:39:d2:bd:13:
b1:fa:10:ec:e2:41:b7:7c:9f:5a:17:af:91:03:87:5e:19:d7:
ec:63:51:a3:b4:0a:c4:7c:36:4e:81:02:1a:6a:d2:bf:91:96:
7b:14:e5:91
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDhgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjgx
MzIyMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA3NjU4NUU3RkFCMUI1
MTlBNzMzMjQyMjNEMzY1NzM2QzdEQTA2REIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC23Emfii+/9P5X9IyYV9x0f4iCDE9nqBkvJcp0Q0+YoB/pnTHd
Pc5d2KDuraesSHLYEXT8N1b5/SWd/e0+NyqiDhKP4hN5IDGRYUYw5fH5fJonALby
5ozjRIhRnSQJm3CDlMrV5q2N/P4ysHFAAlWTEtbygkqiWjPRS0O37NuB30Bn/tTu
VJRlByFO2cA73P7IT6TRmX5zPMyQZeX6R/oF2OXFBYk4RYujQIg1t/sd8q2H1Y0h
OKnyCs35NrYINgOzpNfQYpPR/Lk5+UjDR+xz6m4UIs4kveUv+qrhkYyLxMVi91bl
B61vTUFmyJvSyvpi6eVT/HB8hSyvzsREgVChAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUB2WF5/qxtRmnMyQiPTZXNsfaBtswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0IyV0Y1X3F4dFJtbk15
UWlQVFpYTnNmYUJ0cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAkvqaydJU0cT6q3UbDQ/axWnFrv74BZ2i
7ot2trmJhco/PRCgKj/vNKg5MwVh8GlqSSce/NtALYnU8KDizlvLF8eV2quxXpek
kU8iQlvF0dTVA1EMVPcANLtQdGjglU86XFSLttJUOWzTcg+wxFWccBPxuLzeh720
oysinRM9Y/M9xcnY+j+tdIktEwfZDre7jiWE4+1u1xryaD1UUZ+b0qkzJCMh9l8n
i9D5E3mDVSpGMBg3l6LVXcv9O6AUuOpwbnrs43Ga0K02zsVi7VEW27iCnmU50r0T
sfoQ7OJBt3yfWhevkQOHXhnX7GNRo7QKxHw2ToECGmrSv5GWexTlkQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:00:53 2024 by rpki-client on console-fra.rpki-client.org