Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/W_b2Z7XbR9QzESgG5JTyjwmL-L0.roa
File: W_b2Z7XbR9QzESgG5JTyjwmL-L0.roa (raw, json)
Hash identifier: 7ish+iLupGwvHiWCWmEWu1SHI/SVGNe5j1Dnj943Fys=
Subject key identifier: 5B:F6:F6:67:B5:DB:47:D4:33:11:28:06:E4:94:F2:8F:09:8B:F8:BD
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1512
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/W_b2Z7XbR9QzESgG5JTyjwmL-L0.roa
Signing time: Tue 16 Apr 2024 03:53:21 +0000
ROA not before: Tue 16 Apr 2024 03:53:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5394 (0x1512)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 16 03:53:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5BF6F667B5DB47D433112806E494F28F098BF8BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:26:53:80:81:dd:63:ea:fa:af:2b:73:20:94:
08:db:34:13:dd:4d:99:c1:f9:28:bf:b2:87:30:e9:
a4:7d:24:f5:9e:f9:dd:9f:9f:f8:2a:15:8f:b0:f3:
80:ea:dc:c5:b4:ee:c7:df:ac:9c:b2:54:8f:c0:51:
d4:18:bd:93:e1:19:17:03:cb:3a:f4:e8:49:f9:06:
df:d9:a4:a8:bf:1f:0a:00:61:87:41:22:c6:79:b3:
9c:dc:5d:35:bd:1f:e0:e6:d2:49:76:00:94:33:ad:
86:1d:c8:fb:6b:b7:93:ea:9d:38:29:22:98:b3:6e:
c4:85:d7:90:c3:81:b7:62:0c:30:25:65:ae:e0:e7:
44:41:89:ed:c9:4c:41:6d:74:cf:66:c5:f1:5a:78:
d1:eb:ec:1a:ab:34:9c:3e:8a:09:75:5f:43:e2:20:
52:9e:09:46:b4:80:47:46:67:54:97:6e:1f:a7:a2:
0d:4c:aa:f9:ec:90:99:c3:80:0a:d3:ac:fc:5f:e7:
1d:11:ac:b1:f5:82:07:a0:81:d8:c0:cd:fa:7f:14:
fa:79:60:64:85:ee:52:69:bd:be:33:e8:b5:1a:eb:
b4:e8:27:d4:17:52:fb:39:ce:03:2d:59:6b:8f:b4:
c0:31:76:5e:1f:cf:db:46:b7:57:99:f2:eb:00:da:
f1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:F6:F6:67:B5:DB:47:D4:33:11:28:06:E4:94:F2:8F:09:8B:F8:BD
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/W_b2Z7XbR9QzESgG5JTyjwmL-L0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d2:21:7a:2b:53:ec:71:0d:98:b8:01:2a:a1:fa:3a:53:30:58:
d6:64:1b:c5:34:cf:17:a5:1b:6b:68:a2:26:3b:bb:76:76:51:
e7:da:ff:2a:50:b4:83:cd:30:71:fc:dd:76:75:10:02:fa:1d:
d6:12:27:d2:c6:74:21:30:f4:1b:a1:40:a2:7d:6c:03:d2:4f:
52:14:10:9a:fe:03:99:29:58:58:67:ae:6e:48:f7:a7:9a:ac:
8f:d0:e2:c5:5b:07:a2:aa:e0:66:e7:9d:a5:90:54:41:c3:67:
d2:18:28:7b:02:49:27:f2:db:a3:cd:59:54:c8:dc:91:d7:2c:
3b:1b:b8:3a:f7:73:41:99:22:15:65:92:86:8f:ed:e9:ac:14:
8e:07:8a:34:81:ed:c7:39:21:05:7f:d3:16:c6:ba:6f:46:5f:
48:3b:9d:07:9b:4d:4c:7e:b3:fa:de:36:59:de:01:34:c8:bd:
a3:ca:94:77:76:21:2c:7b:a7:1f:89:8b:7f:9f:e6:e5:34:82:
cb:4a:ab:1c:90:0c:71:67:d9:35:9e:f1:dd:e9:1c:f0:ff:56:
64:f1:6e:1e:bc:1c:34:fb:af:68:53:c9:31:ba:11:c6:32:73:
c1:2b:5b:a4:9d:85:5e:8d:57:d0:df:8f:3e:b4:2d:21:1f:2d:
3c:54:3c:2b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFRIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTYw
MzUzMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVCRjZGNjY3QjVEQjQ3
RDQzMzExMjgwNkU0OTRGMjhGMDk4QkY4QkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD2JlOAgd1j6vqvK3MglAjbNBPdTZnB+Si/socw6aR9JPWe+d2f
n/gqFY+w84Dq3MW07sffrJyyVI/AUdQYvZPhGRcDyzr06En5Bt/ZpKi/HwoAYYdB
IsZ5s5zcXTW9H+Dm0kl2AJQzrYYdyPtrt5PqnTgpIpizbsSF15DDgbdiDDAlZa7g
50RBie3JTEFtdM9mxfFaeNHr7BqrNJw+igl1X0PiIFKeCUa0gEdGZ1SXbh+nog1M
qvnskJnDgArTrPxf5x0RrLH1ggeggdjAzfp/FPp5YGSF7lJpvb4z6LUa67ToJ9QX
Uvs5zgMtWWuPtMAxdl4fz9tGt1eZ8usA2vE/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUW/b2Z7XbR9QzESgG5JTyjwmL+L0wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1dfYjJaN1hiUjlRekVT
Z0c1SlR5andtTC1MMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEA0iF6K1PscQ2YuAEqofo6UzBY1mQbxTTP
F6Uba2iiJju7dnZR59r/KlC0g80wcfzddnUQAvod1hIn0sZ0ITD0G6FAon1sA9JP
UhQQmv4DmSlYWGeubkj3p5qsj9DixVsHoqrgZuedpZBUQcNn0hgoewJJJ/Lbo81Z
VMjckdcsOxu4OvdzQZkiFWWSho/t6awUjgeKNIHtxzkhBX/TFsa6b0ZfSDudB5tN
TH6z+t42Wd4BNMi9o8qUd3YhLHunH4mLf5/m5TSCy0qrHJAMcWfZNZ7x3ekc8P9W
ZPFuHrwcNPuvaFPJMboRxjJzwStbpJ2FXo1X0N+PPrQtIR8tPFQ8Kw==
-----END CERTIFICATE-----
Generated at Tue Apr 16 08:59:28 2024 by rpki-client on console-ams.rpki-client.org