Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/RWxDFX-YMhzNxUs1_eLGrlw7zyE.roa
File: RWxDFX-YMhzNxUs1_eLGrlw7zyE.roa (raw, json)
Hash identifier: nBZDAfq3yic+M5d0EqsWZMScPiZxQfTlz60vues+7Cg=
Subject key identifier: 45:6C:43:15:7F:98:32:1C:CD:C5:4B:35:FD:E2:C6:AE:5C:3B:CF:21
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0DA0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/RWxDFX-YMhzNxUs1_eLGrlw7zyE.roa
Signing time: Wed 27 Mar 2024 07:28:12 +0000
ROA not before: Wed 27 Mar 2024 07:28:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3488 (0xda0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 27 07:28:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=456C43157F98321CCDC54B35FDE2C6AE5C3BCF21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:90:40:2c:db:30:10:1b:75:ae:26:cf:ef:1a:
cb:80:8b:24:23:67:a9:f5:d3:b7:f5:98:ae:cb:d3:
d3:56:6d:29:f2:3a:8c:98:6e:ff:c0:f5:2b:6f:8f:
7c:43:a3:73:44:c6:4f:b7:42:09:c9:1a:7a:5a:e7:
df:67:88:34:37:9d:80:80:61:49:f3:e9:7a:dd:fb:
06:da:4f:68:6f:e9:d4:23:c3:a0:dc:65:50:3e:54:
64:45:69:15:3c:b5:81:ab:17:67:19:32:de:6d:7a:
fb:e9:e2:69:99:2c:7f:0e:11:00:2c:42:2b:63:76:
ac:88:31:ca:8c:73:f9:1b:04:b6:83:63:3b:ce:9c:
f3:78:48:ef:ff:c5:6c:2f:1d:bb:92:89:06:c0:dd:
27:01:14:03:48:0e:02:ec:b9:5c:27:0d:44:dc:fb:
21:40:9e:32:e1:98:d8:52:ba:6e:b2:63:c5:7a:bc:
91:c8:7c:4d:36:af:be:09:78:e2:14:bb:56:cb:38:
b7:30:66:aa:cd:19:1e:ac:8a:fd:d1:83:0a:4b:72:
6b:13:d0:1e:92:1b:5a:f1:2c:3b:5f:fa:6b:ab:49:
e3:07:9e:16:f1:b5:57:70:1a:8b:9f:0b:04:de:b4:
a2:2b:9e:fd:4b:ae:2a:3c:67:b3:02:8d:a8:2d:45:
50:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:6C:43:15:7F:98:32:1C:CD:C5:4B:35:FD:E2:C6:AE:5C:3B:CF:21
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/RWxDFX-YMhzNxUs1_eLGrlw7zyE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8c:0b:1c:9c:32:74:7f:33:f9:dc:81:f4:14:82:49:5d:ab:e9:
50:4c:7b:fd:39:95:ba:a4:eb:47:34:06:4d:92:c9:82:47:a6:
82:d9:e8:7b:be:e6:38:38:77:f4:86:3d:6b:17:f4:e1:35:c8:
36:a7:14:5f:1e:31:94:8f:e2:28:f3:3b:13:54:5b:24:f0:6b:
88:a4:44:97:5e:25:77:69:1b:58:88:78:b5:a4:ed:0d:8d:40:
36:d9:15:a0:b8:75:82:53:01:97:47:40:3c:58:3b:be:2b:91:
d7:2e:0a:78:cf:2c:9a:ab:96:08:e1:8c:00:da:7c:b4:e8:ab:
98:cb:d4:3f:86:8d:31:0c:e0:8c:35:0a:34:d9:90:19:37:28:
57:71:db:90:c8:c3:00:91:92:6c:99:f7:e1:fa:8b:a3:d3:a5:
ea:ed:c8:18:fa:50:07:9c:16:41:f6:a2:c9:ba:35:95:62:e2:
51:1e:fd:27:2c:9f:9a:1f:e6:a6:7f:d9:6d:20:c2:be:c1:92:
f0:42:d0:a2:54:4e:c5:db:0f:01:43:78:69:ca:37:77:ef:89:
29:f8:9a:6b:2c:ff:b7:60:98:63:a9:bf:51:dc:f3:db:2e:d5:
ef:0c:a3:fa:60:31:95:2f:d8:8d:26:b8:55:6a:a8:89:60:65:
91:68:fa:38
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDaAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjcw
NzI4MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ1NkM0MzE1N0Y5ODMy
MUNDREM1NEIzNUZERTJDNkFFNUMzQkNGMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtkEAs2zAQG3WuJs/vGsuAiyQjZ6n107f1mK7L09NWbSnyOoyY
bv/A9Stvj3xDo3NExk+3QgnJGnpa599niDQ3nYCAYUnz6Xrd+wbaT2hv6dQjw6Dc
ZVA+VGRFaRU8tYGrF2cZMt5tevvp4mmZLH8OEQAsQitjdqyIMcqMc/kbBLaDYzvO
nPN4SO//xWwvHbuSiQbA3ScBFANIDgLsuVwnDUTc+yFAnjLhmNhSum6yY8V6vJHI
fE02r74JeOIUu1bLOLcwZqrNGR6siv3RgwpLcmsT0B6SG1rxLDtf+murSeMHnhbx
tVdwGoufCwTetKIrnv1Lrio8Z7MCjagtRVDxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQURWxDFX+YMhzNxUs1/eLGrlw7zyEwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1JXeERGWC1ZTWh6TnhV
czFfZUxHcmx3N3p5RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAjAscnDJ0fzP53IH0FIJJXavpUEx7/TmV
uqTrRzQGTZLJgkemgtnoe77mODh39IY9axf04TXINqcUXx4xlI/iKPM7E1RbJPBr
iKREl14ld2kbWIh4taTtDY1ANtkVoLh1glMBl0dAPFg7viuR1y4KeM8smquWCOGM
ANp8tOirmMvUP4aNMQzgjDUKNNmQGTcoV3HbkMjDAJGSbJn34fqLo9Ol6u3IGPpQ
B5wWQfaiybo1lWLiUR79Jyyfmh/mpn/ZbSDCvsGS8ELQolROxdsPAUN4aco3d++J
Kfiaayz/t2CYY6m/Udzz2y7V7wyj+mAxlS/YjSa4VWqoiWBlkWj6OA==
-----END CERTIFICATE-----
Generated at Wed Mar 27 12:42:45 2024 by rpki-client on console-fra.rpki-client.org