Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/BAR33KQW_W5Omp37EDU16RDObqg.roa
File: BAR33KQW_W5Omp37EDU16RDObqg.roa (raw, json)
Hash identifier: kg247HKWN7v88xevQpI6JEvxIDjUxhF8IA+woU5zVSM=
Subject key identifier: 04:04:77:DC:A4:16:FD:6E:4E:9A:9D:FB:10:35:35:E9:10:CE:6E:A8
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 11E0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/BAR33KQW_W5Omp37EDU16RDObqg.roa
Signing time: Sun 07 Apr 2024 15:22:55 +0000
ROA not before: Sun 07 Apr 2024 15:22:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4576 (0x11e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 7 15:22:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=040477DCA416FD6E4E9A9DFB103535E910CE6EA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:57:d3:91:cc:e0:f8:9c:ab:32:b7:85:dd:30:
96:1c:5d:5c:9e:25:f9:4b:91:26:a8:57:7d:13:35:
8f:09:b7:e8:a7:f3:07:f5:30:01:e0:45:e8:df:a7:
af:98:8b:d9:e3:6d:78:a3:7d:67:3f:9b:be:8e:ea:
ae:c0:34:d1:ec:ec:42:24:9e:55:20:ba:ee:63:14:
a4:ad:9f:31:f2:fc:41:ee:89:c3:2b:b0:43:2f:ab:
82:c3:c2:30:4b:8a:3b:b4:ae:a7:0c:c8:77:c3:7d:
45:31:12:de:62:0a:10:e5:03:2d:84:a6:1c:3f:fe:
97:eb:72:ae:28:60:33:7f:9b:8c:89:0b:61:87:a1:
fe:e3:cc:88:7d:e0:91:15:6f:96:a8:3c:78:8d:5f:
3f:29:d0:3b:7e:0f:cd:e6:24:0b:f6:5e:87:39:bf:
ff:a0:63:58:ed:27:3e:95:40:3c:7d:9c:e7:29:0c:
6c:46:a1:18:e4:98:e4:e1:d3:21:71:b5:50:fb:7d:
0c:69:61:a1:f3:db:6e:b7:bb:15:c2:e1:e1:af:37:
31:e3:2d:cd:34:71:1e:45:67:f3:c1:1e:d7:c8:94:
81:c5:ed:7a:89:a5:46:c7:3c:96:4e:2e:c5:4f:c1:
fb:9e:ae:10:37:49:64:06:de:cc:15:7b:b8:8a:00:
3a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:04:77:DC:A4:16:FD:6E:4E:9A:9D:FB:10:35:35:E9:10:CE:6E:A8
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/BAR33KQW_W5Omp37EDU16RDObqg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:c2:9f:94:23:04:cf:0e:36:ec:20:73:d8:b9:e4:8d:20:83:
c1:5c:bb:d6:07:fa:d6:f9:c3:e9:fd:7f:65:64:f5:94:77:e8:
be:cd:ab:27:84:d5:67:78:9e:55:a4:5e:37:10:91:e3:bf:5e:
30:6b:87:75:6a:67:b8:17:eb:29:9f:1b:fe:09:28:39:ab:90:
92:10:7c:6d:4b:f1:35:b1:67:c5:59:19:61:70:79:96:a8:bb:
e2:b7:e8:65:a1:92:42:f0:ad:c1:3f:82:00:0d:c8:fb:85:53:
bf:a6:49:c0:4e:83:c8:25:0f:0c:13:ba:b6:22:67:a4:19:3b:
4e:e6:cb:ac:a9:e2:11:54:e4:85:a6:a7:1e:ea:fc:9d:f5:cc:
70:a2:a5:15:7e:8c:e1:28:1d:c4:b9:f8:8b:52:f2:7d:8c:7e:
a1:e7:90:9d:b3:ec:b4:ad:dc:18:4b:77:23:0e:a5:ea:73:f6:
4c:05:46:19:e1:8e:25:29:00:fd:0c:fa:9a:83:31:26:a9:ac:
da:07:0a:29:79:13:91:29:ca:2a:d6:02:e0:7c:73:d4:b6:b0:
81:27:3c:4a:a4:f2:07:21:00:3b:a9:a2:5e:18:c5:04:04:cb:
a6:b9:64:c4:f3:f9:23:fc:79:6a:ad:8c:bb:58:20:9d:9f:27:
11:56:8d:2e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEeAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDcx
NTIyNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA0MDQ3N0RDQTQxNkZE
NkU0RTlBOURGQjEwMzUzNUU5MTBDRTZFQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8V9ORzOD4nKsyt4XdMJYcXVyeJflLkSaoV30TNY8Jt+in8wf1
MAHgRejfp6+Yi9njbXijfWc/m76O6q7ANNHs7EIknlUguu5jFKStnzHy/EHuicMr
sEMvq4LDwjBLiju0rqcMyHfDfUUxEt5iChDlAy2Ephw//pfrcq4oYDN/m4yJC2GH
of7jzIh94JEVb5aoPHiNXz8p0Dt+D83mJAv2Xoc5v/+gY1jtJz6VQDx9nOcpDGxG
oRjkmOTh0yFxtVD7fQxpYaHz2263uxXC4eGvNzHjLc00cR5FZ/PBHtfIlIHF7XqJ
pUbHPJZOLsVPwfuerhA3SWQG3swVe7iKADq5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUBAR33KQW/W5Omp37EDU16RDObqgwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0JBUjMzS1FXX1c1T21w
MzdFRFUxNlJET2JxZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAMMKflCMEzw427CBz2LnkjSCDwVy71gf6
1vnD6f1/ZWT1lHfovs2rJ4TVZ3ieVaReNxCR479eMGuHdWpnuBfrKZ8b/gkoOauQ
khB8bUvxNbFnxVkZYXB5lqi74rfoZaGSQvCtwT+CAA3I+4VTv6ZJwE6DyCUPDBO6
tiJnpBk7TubLrKniEVTkhaanHur8nfXMcKKlFX6M4SgdxLn4i1LyfYx+oeeQnbPs
tK3cGEt3Iw6l6nP2TAVGGeGOJSkA/Qz6moMxJqms2gcKKXkTkSnKKtYC4Hxz1Law
gSc8SqTyByEAO6miXhjFBATLprlkxPP5I/x5aq2Mu1ggnZ8nEVaNLg==
-----END CERTIFICATE-----
Generated at Sun Apr 7 16:48:23 2024 by rpki-client on console-ams.rpki-client.org