Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/cfZ7WM6dqYHkaJaLpKsvsiH-rhM.roa
File: cfZ7WM6dqYHkaJaLpKsvsiH-rhM.roa (raw, json)
Hash identifier: wHKb0Zb/ssfXGO2Rz7l4diNXdzl/+JBKVnGVdRfxQV8=
Subject key identifier: 71:F6:7B:58:CE:9D:A9:81:E4:68:96:8B:A4:AB:2F:B2:21:FE:AE:13
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1C20
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/cfZ7WM6dqYHkaJaLpKsvsiH-rhM.roa
Signing time: Sat 04 May 2024 23:24:15 +0000
ROA not before: Sat 04 May 2024 23:24:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7200 (0x1c20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 4 23:24:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=71F67B58CE9DA981E468968BA4AB2FB221FEAE13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0f:a2:62:9f:db:cd:2e:67:3a:e5:c9:c0:b5:
d4:e1:6f:e5:78:a9:0a:45:0d:eb:61:c2:b6:06:3d:
ad:f4:e5:fe:71:3b:8a:9a:10:72:42:a1:39:80:3f:
68:7b:89:0e:20:75:0f:12:c9:21:21:9e:97:5d:39:
26:b3:86:cc:2d:65:4f:b6:6f:b6:24:99:6a:1b:84:
eb:97:53:ab:6d:f4:4d:99:66:bd:6a:24:9f:5c:65:
cf:05:5d:29:dc:1f:c2:3e:97:c7:ce:5b:c8:b7:34:
46:7c:ae:3b:85:d6:0e:91:96:ab:a0:68:8d:0e:a9:
13:35:a4:09:94:bf:7b:d4:cb:ea:2c:20:b6:d0:8f:
5c:e2:4f:86:2d:ba:44:ff:13:5f:66:d2:1b:84:6d:
3e:e2:17:cf:b5:da:20:33:eb:6f:ee:3a:05:7a:82:
ba:11:62:fe:6d:a5:75:79:66:ac:14:7b:20:8c:64:
de:3f:09:36:48:ac:06:57:0c:b8:e0:8a:78:85:68:
02:54:23:ab:4a:9d:57:a2:6c:12:53:6b:00:b1:4c:
a6:37:06:60:5d:e0:4e:69:71:73:c1:ed:d8:47:ed:
c5:6c:bf:72:23:7f:23:e5:c9:cf:35:b9:19:46:a1:
60:8d:02:c4:e2:3d:7f:25:90:0a:66:5c:67:66:83:
13:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F6:7B:58:CE:9D:A9:81:E4:68:96:8B:A4:AB:2F:B2:21:FE:AE:13
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/cfZ7WM6dqYHkaJaLpKsvsiH-rhM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7e:b8:49:83:b7:75:4c:2f:0d:96:e5:c1:fe:6f:41:f8:2b:d8:
e8:6a:75:ab:93:ae:c8:48:44:0c:ba:1d:76:65:54:b5:70:c0:
e2:67:ef:7e:65:d4:c8:35:c7:08:b8:15:1e:b3:9a:d3:88:c8:
47:5b:7e:24:e3:3b:be:50:20:d7:57:59:fb:98:1e:d9:5f:6a:
f3:dd:e5:18:e1:b0:ec:2d:61:d8:22:3c:4d:91:60:bf:ce:1c:
7a:8b:37:11:14:3b:c2:00:ad:ed:ec:66:7b:99:6e:f7:13:78:
9f:5f:46:b7:f4:2d:ab:21:43:21:52:38:8c:3d:af:5a:b7:9e:
c7:86:47:4b:72:60:e3:cb:3d:16:b4:ab:27:3e:21:7d:89:84:
08:b6:a4:52:91:cf:f1:fc:72:35:68:c1:d3:fa:85:a4:e1:79:
db:76:44:79:dd:39:f3:ef:8f:61:2b:1e:e0:bb:67:d6:4f:74:
a7:08:e5:11:74:b4:d2:92:c1:8e:6f:78:6a:52:66:7e:60:f3:
03:94:cd:80:b1:dd:01:34:e8:17:aa:a3:64:66:11:fa:c0:2f:
3a:51:68:a8:e5:77:15:a3:e0:bd:0c:34:ff:18:10:82:84:d9:
77:bf:bb:4c:84:98:ea:6b:73:1b:66:4f:e2:24:8f:9b:34:0f:
66:ce:d4:00
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHCAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDQy
MzI0MTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcxRjY3QjU4Q0U5REE5
ODFFNDY4OTY4QkE0QUIyRkIyMjFGRUFFMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaD6Jin9vNLmc65cnAtdThb+V4qQpFDethwrYGPa305f5xO4qa
EHJCoTmAP2h7iQ4gdQ8SySEhnpddOSazhswtZU+2b7YkmWobhOuXU6tt9E2ZZr1q
JJ9cZc8FXSncH8I+l8fOW8i3NEZ8rjuF1g6RlqugaI0OqRM1pAmUv3vUy+osILbQ
j1ziT4YtukT/E19m0huEbT7iF8+12iAz62/uOgV6groRYv5tpXV5ZqwUeyCMZN4/
CTZIrAZXDLjginiFaAJUI6tKnVeibBJTawCxTKY3BmBd4E5pcXPB7dhH7cVsv3Ij
fyPlyc81uRlGoWCNAsTiPX8lkApmXGdmgxPPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUcfZ7WM6dqYHkaJaLpKsvsiH+rhMwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2NmWjdXTTZkcVlIa2FK
YUxwS3N2c2lILXJoTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAfrhJg7d1TC8NluXB/m9B+CvY6Gp1q5Ou
yEhEDLoddmVUtXDA4mfvfmXUyDXHCLgVHrOa04jIR1t+JOM7vlAg11dZ+5ge2V9q
893lGOGw7C1h2CI8TZFgv84ceos3ERQ7wgCt7exme5lu9xN4n19Gt/QtqyFDIVI4
jD2vWreex4ZHS3Jg48s9FrSrJz4hfYmECLakUpHP8fxyNWjB0/qFpOF523ZEed05
8++PYSse4Ltn1k90pwjlEXS00pLBjm94alJmfmDzA5TNgLHdATToF6qjZGYR+sAv
OlFoqOV3FaPgvQw0/xgQgoTZd7+7TISY6mtzG2ZP4iSPmzQPZs7UAA==
-----END CERTIFICATE-----
Generated at Sun May 5 01:34:16 2024 by rpki-client on console-ams.rpki-client.org