Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/ZWRHwfnb7jqR4t-9KVmNotBaGb0.roa
File: ZWRHwfnb7jqR4t-9KVmNotBaGb0.roa (raw, json)
Hash identifier: goG+4wA5kMpRinO0It8LZwLbmop23/byEkboTqhz0Ls=
Subject key identifier: 65:64:47:C1:F9:DB:EE:3A:91:E2:DF:BD:29:59:8D:A2:D0:5A:19:BD
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 112E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ZWRHwfnb7jqR4t-9KVmNotBaGb0.roa
Signing time: Fri 05 Apr 2024 18:53:42 +0000
ROA not before: Fri 05 Apr 2024 18:53:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4398 (0x112e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 5 18:53:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=656447C1F9DBEE3A91E2DFBD29598DA2D05A19BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:db:1f:ff:59:33:7e:36:73:e2:56:eb:d9:5c:
a1:d4:38:66:55:fd:e3:22:7e:8c:8f:e2:a7:e5:92:
29:d6:a0:75:eb:05:50:08:db:91:5c:e8:51:36:d9:
44:32:1d:a1:09:ce:21:7f:10:1d:c9:55:9a:bc:55:
e1:fe:8c:07:28:af:a6:a9:38:3d:bc:f6:94:29:03:
6d:65:c3:49:ee:44:1c:20:fe:a9:69:ae:cf:bb:e7:
14:bd:e7:b4:77:05:43:33:12:a5:a0:6c:dd:69:ae:
65:a7:9f:bf:ac:42:10:c5:04:9a:87:05:b0:82:45:
a9:d3:25:89:bb:5a:18:d4:1c:41:9a:50:20:a0:67:
2e:d1:14:a2:0f:d7:77:f8:81:08:b8:a9:09:ef:af:
9b:70:36:96:61:87:f4:2b:b5:b7:51:e1:88:83:c8:
e0:9a:df:00:d8:a6:34:09:22:58:2a:71:98:72:2a:
d4:d3:27:b4:97:16:8a:7c:4e:5e:5e:eb:1f:34:31:
ed:57:49:69:ca:66:88:60:d6:6f:2e:a5:e0:a3:ce:
6a:90:ea:bf:41:ec:54:03:9d:62:c7:3a:84:21:18:
a7:d3:75:65:8e:58:4c:5c:d0:6d:da:fe:58:31:b1:
c2:0b:d0:59:60:91:92:23:f0:1a:b2:cb:8c:27:64:
cb:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:64:47:C1:F9:DB:EE:3A:91:E2:DF:BD:29:59:8D:A2:D0:5A:19:BD
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ZWRHwfnb7jqR4t-9KVmNotBaGb0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1c:08:5c:2f:fe:b6:0d:5b:ba:18:9a:c8:ba:fa:08:33:b5:63:
5d:4e:51:dc:d8:cc:9f:83:c1:b7:68:b5:6e:46:b1:d2:8f:2f:
64:cd:3f:dc:11:fc:c5:19:23:6d:e0:20:18:d2:e9:65:59:39:
82:d1:8b:e7:68:c1:df:29:92:be:c4:fe:6b:c8:b6:c0:9f:0c:
9c:77:1e:4f:9f:26:00:d8:73:0a:52:26:12:97:55:5f:1a:38:
11:fb:8e:51:fe:43:97:42:40:a8:17:d4:a0:28:a9:f2:21:45:
e8:56:46:a2:79:a5:a9:fd:45:66:50:c8:e6:41:42:b4:4c:80:
22:ac:b8:aa:61:0f:26:a5:bb:27:aa:19:51:13:e8:f1:bf:b9:
e0:9f:e6:26:71:fb:6a:7b:9a:97:d9:dd:1d:db:2d:e0:b4:4e:
f7:c3:28:29:5f:a5:4c:a4:5d:97:55:ed:d1:d7:8b:0b:dc:d3:
97:00:b8:25:dc:31:92:16:c6:d2:3a:92:cc:14:15:7a:34:ca:
01:bb:6a:3f:e5:50:3e:ad:3e:a0:9d:81:8d:cf:96:16:17:b3:
58:a5:7c:82:ef:63:26:ed:27:ac:13:c5:2c:6b:6c:d6:01:15:
eb:ac:4c:27:e1:03:b7:e6:8b:ff:98:c0:3e:c7:ed:a6:92:b7:
d9:bc:b2:c8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICES4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDUx
ODUzNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY1NjQ0N0MxRjlEQkVF
M0E5MUUyREZCRDI5NTk4REEyRDA1QTE5QkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCn2x//WTN+NnPiVuvZXKHUOGZV/eMifoyP4qflkinWoHXrBVAI
25Fc6FE22UQyHaEJziF/EB3JVZq8VeH+jAcor6apOD289pQpA21lw0nuRBwg/qlp
rs+75xS957R3BUMzEqWgbN1prmWnn7+sQhDFBJqHBbCCRanTJYm7WhjUHEGaUCCg
Zy7RFKIP13f4gQi4qQnvr5twNpZhh/QrtbdR4YiDyOCa3wDYpjQJIlgqcZhyKtTT
J7SXFop8Tl5e6x80Me1XSWnKZohg1m8upeCjzmqQ6r9B7FQDnWLHOoQhGKfTdWWO
WExc0G3a/lgxscIL0FlgkZIj8Bqyy4wnZMttAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUZWRHwfnb7jqR4t+9KVmNotBaGb0wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1pXUkh3Zm5iN2pxUjR0
LTlLVm1Ob3RCYUdiMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAHAhcL/62DVu6GJrIuvoIM7VjXU5R3NjM
n4PBt2i1bkax0o8vZM0/3BH8xRkjbeAgGNLpZVk5gtGL52jB3ymSvsT+a8i2wJ8M
nHceT58mANhzClImEpdVXxo4EfuOUf5Dl0JAqBfUoCip8iFF6FZGonmlqf1FZlDI
5kFCtEyAIqy4qmEPJqW7J6oZURPo8b+54J/mJnH7anual9ndHdst4LRO98MoKV+l
TKRdl1Xt0deLC9zTlwC4JdwxkhbG0jqSzBQVejTKAbtqP+VQPq0+oJ2Bjc+WFhez
WKV8gu9jJu0nrBPFLGts1gEV66xMJ+EDt+aL/5jAPsftppK32byyyA==
-----END CERTIFICATE-----
Generated at Sat Apr 6 00:02:27 2024 by rpki-client on console-fra.rpki-client.org