Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/P2g0b5lWyfrcjsCTzFqqLlLMM1k.roa
File: P2g0b5lWyfrcjsCTzFqqLlLMM1k.roa (raw, json)
Hash identifier: DYM/z+SeyNY8Tf4ULe/mw/Rdycc4Zp3K46k1/GolRpo=
Subject key identifier: 3F:68:34:6F:99:56:C9:FA:DC:8E:C0:93:CC:5A:AA:2E:52:CC:33:59
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1CF0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/P2g0b5lWyfrcjsCTzFqqLlLMM1k.roa
Signing time: Tue 07 May 2024 03:24:57 +0000
ROA not before: Tue 07 May 2024 03:24:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7408 (0x1cf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 7 03:24:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3F68346F9956C9FADC8EC093CC5AAA2E52CC3359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:27:9d:1c:81:bc:80:2a:ca:2e:fa:e2:2b:4a:
5a:47:94:b2:9a:f8:50:1d:68:be:cb:35:19:62:56:
65:b4:96:7b:dd:59:e3:7a:ef:9f:da:7d:e7:e6:39:
6e:51:57:89:8d:e4:91:08:4a:be:44:66:63:21:f8:
76:61:f9:ba:5d:8c:c0:8d:7e:1d:19:5a:ff:8d:ed:
dc:9f:96:81:c5:ca:0e:39:e5:19:a8:f6:9f:98:2b:
99:6c:d0:7d:8c:2c:df:fc:e5:14:18:72:3c:28:d2:
cf:c4:71:3d:9a:06:58:20:8a:c4:73:64:6a:50:3e:
b2:8c:11:9c:08:5d:3b:15:60:0f:91:68:f2:62:aa:
c3:50:df:a2:33:2a:d5:22:40:76:ee:64:3e:d4:4d:
59:d1:b8:2b:20:af:dc:9d:ca:0a:6e:dd:5c:3d:b6:
50:57:bb:22:dc:cf:10:eb:dd:87:6d:29:5a:31:d6:
15:58:9b:fe:75:29:0e:4c:73:55:c0:24:ee:3b:44:
c3:7c:a0:51:bd:04:66:78:50:c5:9f:64:77:68:82:
b3:9b:b1:86:90:bd:8f:83:ea:30:00:76:cb:43:72:
15:a6:4d:4b:76:09:59:2f:2e:a6:0f:c8:86:52:7b:
fa:7e:08:9b:6b:b3:f4:d4:9e:26:fa:fd:ba:02:70:
10:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:68:34:6F:99:56:C9:FA:DC:8E:C0:93:CC:5A:AA:2E:52:CC:33:59
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/P2g0b5lWyfrcjsCTzFqqLlLMM1k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
17:8d:a9:59:e4:88:f9:9f:86:f4:3c:1c:77:e7:a4:1b:70:3b:
95:7e:77:19:f5:e7:5e:12:9b:8a:fb:bb:66:5f:13:6d:37:75:
97:16:f9:38:ed:77:40:af:7b:bd:c5:27:ae:df:25:f6:0c:fa:
6b:58:54:45:d9:e2:ae:c8:e8:16:ac:89:aa:b2:71:8e:38:61:
6b:b0:3d:fc:f5:e1:72:b2:fc:2e:5a:ed:c1:92:29:ce:40:d4:
74:da:d5:1d:ef:00:b2:b8:0b:62:3d:53:4d:76:cf:78:8f:13:
b2:1d:8e:66:9c:0f:41:3e:6e:c3:fd:28:e8:94:77:85:26:13:
36:a6:04:70:47:66:5a:01:06:f9:20:de:aa:d5:04:c6:a3:75:
ad:93:6c:61:60:02:9f:f2:93:7b:48:ce:77:10:ea:06:75:ff:
99:c0:96:34:cd:4f:27:17:6c:04:3d:b2:e0:22:46:24:53:35:
07:4e:99:c8:87:2e:cb:7c:ca:23:17:5f:ad:cb:76:2a:d7:ac:
d6:5d:fc:39:83:1a:bb:0e:0e:e0:ee:49:2c:68:6f:e8:d5:d7:
e4:39:70:dc:92:c2:39:da:46:94:54:b0:ec:89:bc:ac:50:16:
fc:ce:67:5c:7a:c9:07:54:c1:6b:75:d9:f9:78:53:be:91:e0:
66:25:a6:1d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHPAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDcw
MzI0NTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNGNjgzNDZGOTk1NkM5
RkFEQzhFQzA5M0NDNUFBQTJFNTJDQzMzNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXJ50cgbyAKsou+uIrSlpHlLKa+FAdaL7LNRliVmW0lnvdWeN6
75/afefmOW5RV4mN5JEISr5EZmMh+HZh+bpdjMCNfh0ZWv+N7dyfloHFyg455Rmo
9p+YK5ls0H2MLN/85RQYcjwo0s/EcT2aBlggisRzZGpQPrKMEZwIXTsVYA+RaPJi
qsNQ36IzKtUiQHbuZD7UTVnRuCsgr9ydygpu3Vw9tlBXuyLczxDr3YdtKVox1hVY
m/51KQ5Mc1XAJO47RMN8oFG9BGZ4UMWfZHdogrObsYaQvY+D6jAAdstDchWmTUt2
CVkvLqYPyIZSe/p+CJtrs/TUnib6/boCcBAJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUP2g0b5lWyfrcjsCTzFqqLlLMM1kwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1AyZzBiNWxXeWZyY2pz
Q1R6RnFxTGxMTU0xay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAF42pWeSI+Z+G9Dwcd+ekG3A7lX53GfXn
XhKbivu7Zl8TbTd1lxb5OO13QK97vcUnrt8l9gz6a1hURdnirsjoFqyJqrJxjjhh
a7A9/PXhcrL8LlrtwZIpzkDUdNrVHe8AsrgLYj1TTXbPeI8Tsh2OZpwPQT5uw/0o
6JR3hSYTNqYEcEdmWgEG+SDeqtUExqN1rZNsYWACn/KTe0jOdxDqBnX/mcCWNM1P
JxdsBD2y4CJGJFM1B06ZyIcuy3zKIxdfrct2Ktes1l38OYMauw4O4O5JLGhv6NXX
5Dlw3JLCOdpGlFSw7Im8rFAW/M5nXHrJB1TBa3XZ+XhTvpHgZiWmHQ==
-----END CERTIFICATE-----
Generated at Tue May 7 05:01:42 2024 by rpki-client on console-fra.rpki-client.org