Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/W0wqfBh7rwL8MOePyy90XwK0Q20.roa
File: W0wqfBh7rwL8MOePyy90XwK0Q20.roa (raw, json)
Hash identifier: jsddpzyGrei7ZWqFpT3sBXKa3hGzVONvmG6x2grGhFs=
Subject key identifier: 5B:4C:2A:7C:18:7B:AF:02:FC:30:E7:8F:CB:2F:74:5F:02:B4:43:6D
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1084
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/W0wqfBh7rwL8MOePyy90XwK0Q20.roa
Signing time: Thu 04 Apr 2024 00:22:45 +0000
ROA not before: Thu 04 Apr 2024 00:22:45 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4228 (0x1084)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 4 00:22:45 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5B4C2A7C187BAF02FC30E78FCB2F745F02B4436D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:90:3e:ba:c7:35:95:3c:cd:3c:83:dd:e0:72:
47:70:a4:55:d4:50:4d:b5:ad:ce:b5:69:4d:4f:fe:
16:7f:2a:25:6b:91:26:d5:21:2b:b6:ed:38:6c:f4:
43:11:9f:ca:46:13:e3:77:11:56:6f:db:ba:69:28:
ec:b4:2a:5d:b6:b9:71:34:03:85:4e:56:ec:de:93:
f7:c1:2f:54:12:c1:33:b0:c4:a4:b5:83:96:64:18:
7d:0b:e1:07:a2:99:5b:2f:3f:94:38:ca:15:14:df:
a8:e0:5e:79:2c:4e:a1:ff:bd:14:19:33:03:45:08:
fc:8e:ff:b6:a6:75:54:8e:34:07:ea:f4:d8:26:38:
69:16:8e:f1:22:20:5d:73:1d:aa:d0:a1:bb:0a:15:
e1:ea:fe:41:ec:65:24:ed:6f:ed:b8:a2:cb:59:2a:
dc:2d:81:67:6c:a7:5d:a9:62:18:e0:89:ca:83:96:
ea:35:0e:ef:77:46:15:af:f4:cc:d3:31:13:f0:db:
60:47:7b:ef:1b:c5:e8:8e:49:41:ac:72:ef:23:ed:
66:aa:48:87:e3:c2:42:55:a6:53:64:18:e8:90:a0:
46:07:72:d4:a9:8a:ea:e4:3b:d9:ca:03:06:c5:4d:
dc:c5:e5:a0:c2:75:15:26:b9:1c:6d:73:70:40:62:
b4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:4C:2A:7C:18:7B:AF:02:FC:30:E7:8F:CB:2F:74:5F:02:B4:43:6D
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/W0wqfBh7rwL8MOePyy90XwK0Q20.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5f:d8:23:86:9e:06:21:af:ff:e2:be:5b:80:05:0f:18:6b:37:
3f:78:24:06:8d:b8:7b:ed:de:99:8e:d8:19:30:66:20:bc:c8:
d4:1d:3d:37:25:cd:08:3b:91:b8:c4:12:74:6d:f0:b3:50:93:
4a:45:64:8e:69:21:46:2e:03:69:36:56:82:7a:aa:6b:7d:f3:
85:47:56:8f:5f:06:5b:95:40:9f:45:2c:3b:be:d5:23:b7:40:
d6:80:e2:4d:80:95:e3:80:59:63:ba:22:f1:90:16:c3:60:a6:
18:40:a3:b7:f5:c7:ba:c4:cf:44:45:5a:9e:48:ef:31:c1:1f:
5a:88:d7:66:c3:77:8e:1b:e0:40:e1:ae:71:a6:ae:f7:93:47:
c4:6c:a3:6c:67:25:28:20:9b:68:6c:e3:e6:e5:17:74:bf:45:
ca:19:ed:fe:93:1c:22:17:ec:d6:31:c8:8a:f4:36:32:8b:98:
ef:a4:fb:ab:55:97:c6:ec:e5:3d:a3:5f:1d:3f:fe:b9:76:8a:
bf:d2:d3:c8:ce:51:b5:b0:5a:86:d6:69:d4:21:33:f7:af:c3:
c9:45:62:af:3d:e8:5e:23:7a:b7:fa:ef:3e:da:91:df:57:b8:
24:05:aa:f2:8e:21:b4:4f:3d:f3:99:34:93:c0:81:cb:d2:2a:
24:f8:1a:24
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEIQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDQw
MDIyNDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVCNEMyQTdDMTg3QkFG
MDJGQzMwRTc4RkNCMkY3NDVGMDJCNDQzNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPkD66xzWVPM08g93gckdwpFXUUE21rc61aU1P/hZ/KiVrkSbV
ISu27Ths9EMRn8pGE+N3EVZv27ppKOy0Kl22uXE0A4VOVuzek/fBL1QSwTOwxKS1
g5ZkGH0L4QeimVsvP5Q4yhUU36jgXnksTqH/vRQZMwNFCPyO/7amdVSONAfq9Ngm
OGkWjvEiIF1zHarQobsKFeHq/kHsZSTtb+24ostZKtwtgWdsp12pYhjgicqDluo1
Du93RhWv9MzTMRPw22BHe+8bxeiOSUGscu8j7WaqSIfjwkJVplNkGOiQoEYHctSp
iurkO9nKAwbFTdzF5aDCdRUmuRxtc3BAYrQpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUW0wqfBh7rwL8MOePyy90XwK0Q20wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1cwd3FmQmg3cndMOE1P
ZVB5eTkwWHdLMFEyMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAX9gjhp4GIa//4r5bgAUPGGs3P3gkBo24
e+3emY7YGTBmILzI1B09NyXNCDuRuMQSdG3ws1CTSkVkjmkhRi4DaTZWgnqqa33z
hUdWj18GW5VAn0UsO77VI7dA1oDiTYCV44BZY7oi8ZAWw2CmGECjt/XHusTPREVa
nkjvMcEfWojXZsN3jhvgQOGucaau95NHxGyjbGclKCCbaGzj5uUXdL9Fyhnt/pMc
Ihfs1jHIivQ2MouY76T7q1WXxuzlPaNfHT/+uXaKv9LTyM5RtbBahtZp1CEz96/D
yUVirz3oXiN6t/rvPtqR31e4JAWq8o4htE8985k0k8CBy9IqJPgaJA==
-----END CERTIFICATE-----
Generated at Thu Apr 4 02:11:46 2024 by rpki-client on console-ams.rpki-client.org