Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/W55p6KbZyPnHJ1gUM6_toOPXc4s.roa
File: W55p6KbZyPnHJ1gUM6_toOPXc4s.roa (raw, json)
Hash identifier: 61RlwPVy9P6pZhiA/814rX7kh2jpW3jikWG7KM1nTtQ=
Subject key identifier: 5B:9E:69:E8:A6:D9:C8:F9:C7:27:58:14:33:AF:ED:A0:E3:D7:73:8B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1CF2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/W55p6KbZyPnHJ1gUM6_toOPXc4s.roa
Signing time: Tue 07 May 2024 03:54:19 +0000
ROA not before: Tue 07 May 2024 03:54:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7410 (0x1cf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 7 03:54:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5B9E69E8A6D9C8F9C727581433AFEDA0E3D7738B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:fc:b1:8b:99:e1:a6:f1:e3:f2:f3:05:9d:4c:
b7:52:76:bb:f7:80:d7:62:92:9b:33:1e:b9:3f:7a:
59:f1:10:41:6c:43:84:3d:77:08:b5:a1:28:69:6d:
02:30:e4:72:28:83:6a:c7:61:f8:b5:a5:93:90:35:
f4:8f:fc:a3:ef:2a:59:c6:28:c0:5b:3e:85:ac:43:
af:3d:23:bd:70:2e:23:92:2e:69:12:05:26:4a:ea:
87:d7:61:b9:04:1e:ac:26:ae:57:b6:0a:07:7d:d1:
fb:6e:8a:7c:f3:b0:9a:3a:02:a9:69:24:0b:ed:90:
d2:9b:3b:db:bd:46:65:ea:bc:5c:c2:9a:d7:c7:1e:
41:56:0b:2c:f8:ea:55:57:00:d9:b0:b9:29:e3:39:
c9:56:4d:06:c1:44:e4:e3:a7:5d:71:15:bf:32:cc:
04:a0:1c:9d:f3:fe:c9:6b:c2:0b:4f:e5:2a:62:ad:
94:d3:60:f9:a6:22:9f:0e:ee:b8:e3:f0:8a:6a:c9:
43:c3:13:da:b8:f9:0e:e3:89:14:09:90:f6:3b:99:
10:be:74:37:3f:83:20:10:f6:1b:76:c0:b2:52:66:
25:cf:55:eb:8c:7a:d2:e2:d0:62:da:85:ed:7c:cc:
36:1a:62:6e:04:66:ed:85:9d:f1:30:ad:fd:8b:ab:
d0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:9E:69:E8:A6:D9:C8:F9:C7:27:58:14:33:AF:ED:A0:E3:D7:73:8B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/W55p6KbZyPnHJ1gUM6_toOPXc4s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:d8:19:a5:32:80:50:5c:e0:1c:81:30:b5:9b:17:03:bd:ac:
de:2d:39:f7:27:87:dc:d5:7a:4d:66:9c:d0:8b:46:14:17:e5:
f5:c3:cf:ed:48:a2:71:f3:ed:0d:d9:7b:35:b7:4b:de:82:73:
5d:ea:c6:72:f0:c3:7e:ad:eb:7a:3c:0a:d7:79:0a:fb:63:f6:
a5:1e:41:c7:a6:0a:06:1f:0b:c9:29:36:e0:0d:b7:a2:93:bb:
83:d6:2b:27:30:d1:dc:56:36:96:a2:fb:47:48:60:ba:a9:c0:
5f:06:2d:1a:3e:3e:03:55:db:f3:b5:3c:9a:49:07:d0:c6:88:
e2:c7:fa:ca:2c:f1:66:6c:d8:d3:a2:da:86:55:43:a6:9b:aa:
01:20:64:e2:91:d9:72:ae:a2:f6:15:ae:fd:0b:e4:e0:13:47:
a8:07:09:9e:f7:94:ca:6c:b3:67:bd:5d:79:6b:da:d9:b9:9f:
1c:9b:8a:46:28:6f:27:f9:95:16:e8:96:9b:17:c7:fa:a3:83:
a4:ab:de:be:cf:4a:96:d0:10:4c:2e:f6:d7:95:20:88:5b:cf:
71:4e:a7:30:39:80:1f:34:f4:4c:8c:01:35:86:bd:44:e2:35:
e2:28:b0:09:eb:8c:27:a4:ac:c5:0f:db:56:c6:64:de:92:b5:
90:cf:8f:7a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHPIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDcw
MzU0MTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVCOUU2OUU4QTZEOUM4
RjlDNzI3NTgxNDMzQUZFREEwRTNENzczOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDx/LGLmeGm8ePy8wWdTLdSdrv3gNdikpszHrk/elnxEEFsQ4Q9
dwi1oShpbQIw5HIog2rHYfi1pZOQNfSP/KPvKlnGKMBbPoWsQ689I71wLiOSLmkS
BSZK6ofXYbkEHqwmrle2Cgd90ftuinzzsJo6AqlpJAvtkNKbO9u9RmXqvFzCmtfH
HkFWCyz46lVXANmwuSnjOclWTQbBROTjp11xFb8yzASgHJ3z/slrwgtP5SpirZTT
YPmmIp8O7rjj8IpqyUPDE9q4+Q7jiRQJkPY7mRC+dDc/gyAQ9ht2wLJSZiXPVeuM
etLi0GLahe18zDYaYm4EZu2FnfEwrf2Lq9BzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUW55p6KbZyPnHJ1gUM6/toOPXc4swHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1c1NXA2S2JaeVBuSEox
Z1VNNl90b09QWGM0cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEATNgZpTKAUFzgHIEwtZsXA72s3i059yeH
3NV6TWac0ItGFBfl9cPP7UiicfPtDdl7NbdL3oJzXerGcvDDfq3rejwK13kK+2P2
pR5Bx6YKBh8LySk24A23opO7g9YrJzDR3FY2lqL7R0hguqnAXwYtGj4+A1Xb87U8
mkkH0MaI4sf6yizxZmzY06LahlVDppuqASBk4pHZcq6i9hWu/Qvk4BNHqAcJnveU
ymyzZ71deWva2bmfHJuKRihvJ/mVFuiWmxfH+qODpKvevs9KltAQTC7215UgiFvP
cU6nMDmAHzT0TIwBNYa9ROI14iiwCeuMJ6SsxQ/bVsZk3pK1kM+Peg==
-----END CERTIFICATE-----
Generated at Tue May 7 05:49:08 2024 by rpki-client on console-ams.rpki-client.org