Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/bELxUg84ST_dgWEWXEv9RwOSt3A.roa
File: bELxUg84ST_dgWEWXEv9RwOSt3A.roa (raw, json)
Hash identifier: p2HfErXXysfaSqs7KM0kbLI+rFWlq6gCm8M1vdPXkmY=
Subject key identifier: 6C:42:F1:52:0F:38:49:3F:DD:81:61:16:5C:4B:FD:47:03:92:B7:70
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 105E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/bELxUg84ST_dgWEWXEv9RwOSt3A.roa
Signing time: Wed 03 Apr 2024 14:52:42 +0000
ROA not before: Wed 03 Apr 2024 14:52:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4190 (0x105e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 3 14:52:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6C42F1520F38493FDD8161165C4BFD470392B770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:82:6e:6a:78:a2:61:b0:4f:b7:59:28:d9:30:
e2:41:9a:d1:29:0f:e4:b4:17:e8:4f:3c:bf:f3:c7:
6e:47:3d:92:0c:15:7f:75:51:19:b5:47:54:de:7c:
df:84:b0:14:02:60:1f:42:0c:ff:73:a4:76:fc:a8:
b7:26:7e:ab:ee:76:f1:7f:e2:a6:18:c0:52:41:11:
26:e8:aa:4f:53:72:c5:aa:e5:b8:9d:cf:58:c0:89:
12:dd:fc:44:ca:3c:3a:6a:74:05:7f:3f:a3:73:e7:
e6:0f:50:d6:c7:d2:0a:17:fa:e4:47:e5:f8:0c:1e:
fe:34:c1:24:7a:19:9a:a3:e0:ab:9c:2e:f1:b2:90:
c8:e0:5d:6e:9e:eb:8e:b4:9c:14:ba:bb:65:a9:5d:
7b:6c:19:80:28:9b:6c:b4:61:21:a0:80:5d:05:f0:
2e:51:ce:fa:14:00:d8:d0:16:4a:3d:e4:3b:14:cb:
a5:80:91:61:7a:31:81:9c:57:0e:7a:1a:c4:d7:6e:
c0:50:8b:0e:b2:ea:5c:36:49:08:b5:4f:ad:f7:88:
95:fe:41:3d:91:6a:e0:b3:32:04:30:86:f3:bb:d2:
c6:ee:e1:5c:09:f1:6f:ee:06:b9:69:3f:78:25:33:
1c:67:41:b6:df:b7:68:9d:e2:a3:48:23:7c:04:48:
2b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:42:F1:52:0F:38:49:3F:DD:81:61:16:5C:4B:FD:47:03:92:B7:70
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/bELxUg84ST_dgWEWXEv9RwOSt3A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cc:68:a7:b7:0e:63:5a:17:5a:c9:3d:5b:3b:0c:ec:0c:0e:82:
41:2d:29:a9:c8:c8:f9:9a:bf:5a:1c:ba:c0:29:17:5d:0a:16:
30:f3:14:c2:0d:6b:98:1c:46:56:9c:85:e6:58:d0:0f:0e:db:
6d:01:c9:05:31:64:c0:b6:21:f5:f3:2e:69:07:f4:5f:78:fe:
47:9e:48:5d:51:9e:94:39:7e:02:aa:e5:07:f0:06:52:6f:33:
01:66:99:0d:d3:aa:de:82:f4:79:4a:65:86:d0:1a:12:3f:a8:
7a:5f:db:cf:65:3c:a5:66:fa:2b:64:7c:78:d1:9c:31:97:33:
44:80:f1:db:ac:38:9c:46:f9:ab:66:0c:6f:9a:05:ad:76:79:
0c:24:8a:21:9d:aa:e3:c8:b9:00:d2:cb:77:ec:98:0a:cc:1c:
81:d0:7a:7e:ba:95:b9:bb:10:63:cd:0a:d8:70:10:c6:81:58:
24:0b:c1:e8:2f:df:b4:5e:98:e1:3a:1d:35:5a:e2:ac:9d:b0:
ef:2f:cf:f0:cf:a9:20:f3:37:77:9a:f4:3e:37:9c:5b:bd:84:
60:8a:93:a5:68:37:40:21:d8:31:98:76:2f:78:3b:45:ea:ba:
8b:c0:54:81:3f:ce:67:7d:42:d3:e8:97:38:13:d8:fc:72:1c:
44:ce:17:a4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEF4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDMx
NDUyNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZDNDJGMTUyMEYzODQ5
M0ZERDgxNjExNjVDNEJGRDQ3MDM5MkI3NzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7gm5qeKJhsE+3WSjZMOJBmtEpD+S0F+hPPL/zx25HPZIMFX91
URm1R1TefN+EsBQCYB9CDP9zpHb8qLcmfqvudvF/4qYYwFJBESboqk9TcsWq5bid
z1jAiRLd/ETKPDpqdAV/P6Nz5+YPUNbH0goX+uRH5fgMHv40wSR6GZqj4KucLvGy
kMjgXW6e6460nBS6u2WpXXtsGYAom2y0YSGggF0F8C5RzvoUANjQFko95DsUy6WA
kWF6MYGcVw56GsTXbsBQiw6y6lw2SQi1T633iJX+QT2RauCzMgQwhvO70sbu4VwJ
8W/uBrlpP3glMxxnQbbft2id4qNII3wESCv7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUbELxUg84ST/dgWEWXEv9RwOSt3AwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2JFTHhVZzg0U1RfZGdX
RVdYRXY5UndPU3QzQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAzGintw5jWhdayT1bOwzsDA6CQS0pqcjI
+Zq/Why6wCkXXQoWMPMUwg1rmBxGVpyF5ljQDw7bbQHJBTFkwLYh9fMuaQf0X3j+
R55IXVGelDl+AqrlB/AGUm8zAWaZDdOq3oL0eUplhtAaEj+oel/bz2U8pWb6K2R8
eNGcMZczRIDx26w4nEb5q2YMb5oFrXZ5DCSKIZ2q48i5ANLLd+yYCswcgdB6frqV
ubsQY80K2HAQxoFYJAvB6C/ftF6Y4TodNVrirJ2w7y/P8M+pIPM3d5r0PjecW72E
YIqTpWg3QCHYMZh2L3g7Req6i8BUgT/OZ31C0+iXOBPY/HIcRM4XpA==
-----END CERTIFICATE-----
Generated at Wed Apr 3 20:21:43 2024 by rpki-client on console-fra.rpki-client.org