Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/BSx5wGqhbDLxKOGq-O6ZxFJKeho.roa
File: BSx5wGqhbDLxKOGq-O6ZxFJKeho.roa (raw, json)
Hash identifier: y4vQjaszAS9LvfhborzWLjeQWY4knkDV4mzRD19NIaY=
Subject key identifier: 05:2C:79:C0:6A:A1:6C:32:F1:28:E1:AA:F8:EE:99:C4:52:4A:7A:1A
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1BF2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/BSx5wGqhbDLxKOGq-O6ZxFJKeho.roa
Signing time: Sat 04 May 2024 11:54:13 +0000
ROA not before: Sat 04 May 2024 11:54:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7154 (0x1bf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 4 11:54:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=052C79C06AA16C32F128E1AAF8EE99C4524A7A1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e1:d1:ba:6d:ec:8f:82:2f:9a:63:07:62:53:
73:b5:04:8b:9e:cd:58:b1:42:3d:1a:97:b5:7d:3e:
56:e8:8b:99:37:1d:fc:fa:da:f4:61:a4:a4:dc:cb:
4e:29:54:1f:d3:39:8a:2b:98:30:7b:b5:56:dd:57:
6a:79:9d:f7:f0:69:f4:8e:70:7c:12:70:8a:98:9f:
c8:5e:03:3c:39:45:c8:65:d6:fb:0d:2a:e7:8d:47:
61:c7:9f:a4:80:de:fb:9b:97:03:58:ae:a4:23:dd:
36:e7:de:e3:84:69:9a:06:c1:43:9e:cd:29:90:90:
3b:91:76:57:dd:3f:c7:c4:91:33:69:e9:ba:b4:59:
8d:32:0a:eb:d1:d7:4f:2e:7f:af:e4:2f:a2:98:9a:
50:4e:57:9d:7f:9f:57:0e:46:53:ea:0a:42:ec:7e:
65:e3:15:3f:70:71:f8:f9:34:c4:71:46:64:1a:22:
88:5d:f0:79:0c:b8:fd:01:02:9f:b9:9e:77:68:62:
00:11:84:fd:09:77:b6:b7:9a:81:5f:87:0e:3c:60:
d9:74:a0:e8:0d:50:a0:6d:55:22:b9:74:c6:d9:e0:
1b:f1:c0:f2:54:e5:36:34:73:d5:d8:69:90:1c:57:
ce:3f:40:2a:68:6f:02:c2:02:9f:a5:36:e9:b2:38:
a5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:2C:79:C0:6A:A1:6C:32:F1:28:E1:AA:F8:EE:99:C4:52:4A:7A:1A
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/BSx5wGqhbDLxKOGq-O6ZxFJKeho.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:15:52:a2:71:48:85:e9:12:5a:f7:c2:6c:d9:1b:13:ec:50:
5e:f3:46:df:89:ef:29:53:ba:21:68:55:ce:56:45:08:98:52:
66:3e:2e:8a:6a:94:b2:9e:92:b7:da:a6:55:4d:f8:ca:ea:4a:
89:eb:92:95:20:89:80:b2:07:00:c9:0a:78:fd:6c:c0:14:08:
71:d1:80:ab:c2:2c:f8:95:4c:7b:00:a2:3d:18:31:1a:60:f6:
7c:6b:9b:fb:87:ce:36:02:3f:73:dd:58:7d:13:a1:95:35:cf:
a8:a4:51:b7:c8:1d:d7:d6:53:9e:2a:f6:2f:7d:af:63:30:ca:
12:b6:44:43:a1:84:8f:2a:eb:8e:81:da:c8:2b:82:5a:6a:28:
5d:e2:71:d5:4d:19:89:2f:dc:45:9b:c2:84:8f:93:ca:6a:34:
68:88:9a:b2:a7:2e:f7:85:78:44:3a:e2:5d:44:a0:f8:f6:a6:
8f:90:78:e1:57:49:08:18:17:6d:7b:4d:9c:8e:0d:b6:65:e4:
f0:11:b8:98:91:15:43:a8:58:2a:3f:28:51:b8:15:9a:ae:a5:
7c:c4:ff:8d:83:51:ef:2d:00:35:40:79:09:fc:d0:ea:6c:66:
fc:e3:eb:7a:9e:94:db:25:ae:9e:e9:ad:3c:b5:ea:fa:d8:17:
97:41:82:87
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG/IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDQx
MTU0MTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA1MkM3OUMwNkFBMTZD
MzJGMTI4RTFBQUY4RUU5OUM0NTI0QTdBMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQ4dG6beyPgi+aYwdiU3O1BIuezVixQj0al7V9Plboi5k3Hfz6
2vRhpKTcy04pVB/TOYormDB7tVbdV2p5nffwafSOcHwScIqYn8heAzw5Rchl1vsN
KueNR2HHn6SA3vublwNYrqQj3Tbn3uOEaZoGwUOezSmQkDuRdlfdP8fEkTNp6bq0
WY0yCuvR108uf6/kL6KYmlBOV51/n1cORlPqCkLsfmXjFT9wcfj5NMRxRmQaIohd
8HkMuP0BAp+5nndoYgARhP0Jd7a3moFfhw48YNl0oOgNUKBtVSK5dMbZ4BvxwPJU
5TY0c9XYaZAcV84/QCpobwLCAp+lNumyOKWzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUBSx5wGqhbDLxKOGq+O6ZxFJKehowHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0JTeDV3R3FoYkRMeEtP
R3EtTzZaeEZKS2Voby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAYhVSonFIhekSWvfCbNkbE+xQXvNG34nv
KVO6IWhVzlZFCJhSZj4uimqUsp6St9qmVU34yupKieuSlSCJgLIHAMkKeP1swBQI
cdGAq8Is+JVMewCiPRgxGmD2fGub+4fONgI/c91YfROhlTXPqKRRt8gd19ZTnir2
L32vYzDKErZEQ6GEjyrrjoHayCuCWmooXeJx1U0ZiS/cRZvChI+Tymo0aIiasqcu
94V4RDriXUSg+Pamj5B44VdJCBgXbXtNnI4NtmXk8BG4mJEVQ6hYKj8oUbgVmq6l
fMT/jYNR7y0ANUB5CfzQ6mxm/OPrep6U2yWunumtPLXq+tgXl0GChw==
-----END CERTIFICATE-----
Generated at Sat May 4 12:55:50 2024 by rpki-client on console-fra.rpki-client.org