Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/BPdvBP3YsrrngvXnJV7g-Uru0OI.roa
File: BPdvBP3YsrrngvXnJV7g-Uru0OI.roa (raw, json)
Hash identifier: eVUz2pCbkcVYmKtpEuUStn9XeTuGK45U4gs5XuATRV0=
Subject key identifier: 04:F7:6F:04:FD:D8:B2:BA:E7:82:F5:E7:25:5E:E0:F9:4A:EE:D0:E2
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0DC0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/BPdvBP3YsrrngvXnJV7g-Uru0OI.roa
Signing time: Wed 27 Mar 2024 15:22:27 +0000
ROA not before: Wed 27 Mar 2024 15:22:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3520 (0xdc0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 27 15:22:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=04F76F04FDD8B2BAE782F5E7255EE0F94AEED0E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:47:13:5d:7c:06:d9:95:16:61:c6:71:c9:91:
8e:f8:16:e9:ef:7d:a2:bc:bb:b3:74:8a:09:e3:4d:
64:16:53:94:da:18:02:56:dd:6b:37:fd:0d:53:cf:
03:38:9f:f9:5e:ae:d3:b1:d8:01:74:73:cc:83:22:
42:95:86:13:f5:c4:1a:ba:c0:06:c6:e0:cf:56:6d:
4e:ac:5c:58:f4:44:75:72:b7:ae:27:a7:1b:e9:a5:
ed:84:27:e6:f7:c6:48:ff:cd:cb:83:0a:65:d7:c2:
77:d6:35:2d:d7:f7:fa:5f:71:c3:9c:a0:0a:d6:97:
8f:85:ea:9e:15:b0:16:9b:4e:90:19:d5:60:6c:3c:
60:0b:ae:8d:be:ad:7d:3f:3a:43:10:fe:90:a3:ec:
20:cf:43:ad:a0:bc:70:a3:9f:dd:fc:da:88:e5:ea:
34:c2:d1:17:7d:81:48:53:fa:6d:d0:aa:ee:87:5d:
2e:d5:17:c7:88:ff:d3:c2:7b:ae:84:f7:a5:98:96:
c9:ad:76:00:d7:72:08:db:a2:53:c8:c2:01:90:07:
0c:48:27:00:ef:71:90:f0:9c:87:24:00:ce:6a:f6:
ea:77:cd:21:29:2f:38:60:0d:86:16:fa:c2:79:0b:
ec:d5:2d:3e:c4:97:4b:65:d9:6b:b2:57:76:ab:f9:
21:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:F7:6F:04:FD:D8:B2:BA:E7:82:F5:E7:25:5E:E0:F9:4A:EE:D0:E2
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/BPdvBP3YsrrngvXnJV7g-Uru0OI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:d3:8a:36:e2:d6:88:cf:ff:8b:f4:b6:f3:a2:34:ea:f1:ee:
37:72:38:ac:09:3c:9e:63:1d:5a:8e:5e:fa:ac:64:a6:bf:74:
df:53:74:c4:39:b2:81:ce:e0:50:5f:e0:76:89:5c:8b:f1:72:
d0:1b:85:c9:f3:07:04:d1:04:d8:53:b7:8a:75:ad:ed:06:19:
f4:86:45:29:74:aa:4a:75:d0:08:5a:01:ce:fa:b7:33:6e:22:
a8:10:dd:36:db:53:b9:41:76:64:01:6b:41:76:f9:54:b2:62:
e3:75:79:24:e1:c6:25:74:f7:a4:b5:8e:1f:f2:4e:ee:60:a7:
0a:cf:6c:a5:1f:d3:56:d3:bd:35:d1:c0:0b:28:b3:2f:aa:42:
10:25:cd:4f:c9:dd:05:e7:69:62:ca:da:49:73:8d:21:e8:f5:
45:3f:68:3d:cd:80:6e:0e:23:08:04:92:9a:4b:61:6d:35:d4:
60:2e:cd:da:95:51:22:80:53:5c:13:68:0a:31:2e:71:f7:6a:
2c:43:bb:ce:1e:1f:4b:96:ec:ca:c7:e8:9b:c3:10:0e:ca:29:
a1:ca:ab:4c:f0:bd:39:6e:80:b5:6f:ed:52:6c:6d:77:26:a3:
a5:53:92:73:1c:43:16:fd:a9:f1:ea:fd:93:46:94:de:d7:35:
2b:97:b1:aa
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDcAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjcx
NTIyMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA0Rjc2RjA0RkREOEIy
QkFFNzgyRjVFNzI1NUVFMEY5NEFFRUQwRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHRxNdfAbZlRZhxnHJkY74FunvfaK8u7N0ignjTWQWU5TaGAJW
3Ws3/Q1TzwM4n/lertOx2AF0c8yDIkKVhhP1xBq6wAbG4M9WbU6sXFj0RHVyt64n
pxvppe2EJ+b3xkj/zcuDCmXXwnfWNS3X9/pfccOcoArWl4+F6p4VsBabTpAZ1WBs
PGALro2+rX0/OkMQ/pCj7CDPQ62gvHCjn9382ojl6jTC0Rd9gUhT+m3Qqu6HXS7V
F8eI/9PCe66E96WYlsmtdgDXcgjbolPIwgGQBwxIJwDvcZDwnIckAM5q9up3zSEp
LzhgDYYW+sJ5C+zVLT7El0tl2WuyV3ar+SF1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUBPdvBP3YsrrngvXnJV7g+Uru0OIwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0JQZHZCUDNZc3Jybmd2
WG5KVjdnLVVydTBPSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAFdOKNuLWiM//i/S286I06vHuN3I4rAk8
nmMdWo5e+qxkpr9031N0xDmygc7gUF/gdolci/Fy0BuFyfMHBNEE2FO3inWt7QYZ
9IZFKXSqSnXQCFoBzvq3M24iqBDdNttTuUF2ZAFrQXb5VLJi43V5JOHGJXT3pLWO
H/JO7mCnCs9spR/TVtO9NdHACyizL6pCECXNT8ndBedpYsraSXONIej1RT9oPc2A
bg4jCASSmkthbTXUYC7N2pVRIoBTXBNoCjEucfdqLEO7zh4fS5bsysfom8MQDsop
ocqrTPC9OW6AtW/tUmxtdyajpVOScxxDFv2p8er9k0aU3tc1K5exqg==
-----END CERTIFICATE-----
Generated at Wed Mar 27 20:51:07 2024 by rpki-client on console-fra.rpki-client.org