Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/ek2xc7w8CFP7MJTo_tcC5RA0xcU.roa
File: ek2xc7w8CFP7MJTo_tcC5RA0xcU.roa (raw, json)
Hash identifier: E3VSVQZJKTGlfTQpQRPMdYO7be5uXpcHJmIGZlCcb9U=
Subject key identifier: 7A:4D:B1:73:BC:3C:08:53:FB:30:94:E8:FE:D7:02:E5:10:34:C5:C5
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1C5C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ek2xc7w8CFP7MJTo_tcC5RA0xcU.roa
Signing time: Sun 05 May 2024 14:24:13 +0000
ROA not before: Sun 05 May 2024 14:24:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7260 (0x1c5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 5 14:24:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7A4DB173BC3C0853FB3094E8FED702E51034C5C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8e:48:82:5a:b1:1f:da:2e:6f:12:24:b1:95:
07:71:16:25:5f:4f:4d:b4:df:92:eb:a8:7e:f0:55:
0c:d1:73:94:99:f6:8c:69:47:fc:76:6b:e2:37:d8:
fb:60:c0:c8:2b:fc:af:81:e6:e6:10:bf:5f:7c:52:
27:bf:cd:ba:24:7b:29:d5:cd:ea:41:25:cd:f5:43:
16:3d:54:e3:d4:92:0e:b3:71:3b:df:1b:24:5c:a3:
37:a6:75:5c:3e:4b:e9:3b:24:31:38:3d:72:df:65:
81:9e:8d:c2:b7:4b:29:19:06:48:f8:b7:ae:f3:97:
64:5a:f8:34:5e:6a:a6:33:80:96:43:91:2a:23:eb:
a2:f5:fe:89:0e:dd:80:18:48:07:eb:5d:1a:f7:e2:
46:67:cc:6d:9c:ad:0b:0b:a6:70:5b:cf:50:03:71:
18:c5:c7:5c:3f:49:b8:7a:5e:ca:03:ab:60:2a:b2:
e9:b8:4a:a4:34:94:ad:8e:a5:d1:79:94:01:d7:ce:
b2:04:ec:b4:e9:24:1c:20:26:93:f3:35:db:98:ec:
b7:9b:02:cb:fe:33:f0:ee:27:7b:a1:86:1d:ab:98:
f5:56:38:92:a7:d2:d9:7e:93:08:95:6e:d1:44:65:
39:93:2b:ba:8c:c7:fa:a7:d6:c2:82:0f:37:ba:fc:
18:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:4D:B1:73:BC:3C:08:53:FB:30:94:E8:FE:D7:02:E5:10:34:C5:C5
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ek2xc7w8CFP7MJTo_tcC5RA0xcU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1e:36:3b:1d:cb:76:f0:36:83:ce:4c:26:73:a3:23:27:37:ec:
0b:f9:0c:5f:ca:1c:07:1c:54:a6:ef:57:43:dd:9c:b9:6d:9d:
0d:98:71:08:dd:fa:46:26:e9:cb:25:f1:65:b2:d8:e0:af:95:
60:0f:8d:3c:d7:11:ec:1b:97:66:f1:2f:cb:80:f4:cb:ca:b3:
5e:06:c0:07:3e:53:1d:40:c7:9a:24:47:b4:e0:ce:80:31:6d:
39:99:87:7e:9d:53:29:94:81:82:56:25:11:d8:b4:33:5b:c6:
ff:06:cd:ee:09:cf:0c:f0:40:64:c6:43:f9:23:67:1f:d2:d3:
3d:5d:c7:f3:64:b1:35:0f:ce:94:2e:49:bc:f0:dd:dd:e3:5a:
49:2f:fe:d6:1e:b0:3c:a2:54:c1:38:12:66:b4:0b:af:80:fe:
f3:99:53:28:29:a9:de:5d:f9:12:71:ac:99:bb:e6:32:06:84:
62:31:80:06:48:3c:20:04:2e:22:18:5e:4d:a8:5a:95:e3:32:
db:83:b9:e4:d9:55:6c:b0:06:c6:1e:a9:b8:34:4c:e7:de:77:
46:b7:36:1a:95:70:73:79:34:23:90:f5:d0:3a:e7:a2:24:f1:
d2:01:13:e8:3a:14:6a:ab:36:62:3e:69:30:14:1b:e7:83:12:
23:67:d6:8b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHFwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDUx
NDI0MTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdBNERCMTczQkMzQzA4
NTNGQjMwOTRFOEZFRDcwMkU1MTAzNEM1QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFjkiCWrEf2i5vEiSxlQdxFiVfT02035LrqH7wVQzRc5SZ9oxp
R/x2a+I32PtgwMgr/K+B5uYQv198Uie/zbokeynVzepBJc31QxY9VOPUkg6zcTvf
GyRcozemdVw+S+k7JDE4PXLfZYGejcK3SykZBkj4t67zl2Ra+DReaqYzgJZDkSoj
66L1/okO3YAYSAfrXRr34kZnzG2crQsLpnBbz1ADcRjFx1w/Sbh6XsoDq2Aqsum4
SqQ0lK2OpdF5lAHXzrIE7LTpJBwgJpPzNduY7LebAsv+M/DuJ3uhhh2rmPVWOJKn
0tl+kwiVbtFEZTmTK7qMx/qn1sKCDze6/BhpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUek2xc7w8CFP7MJTo/tcC5RA0xcUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2VrMnhjN3c4Q0ZQN01K
VG9fdGNDNVJBMHhjVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAHjY7Hct28DaDzkwmc6MjJzfsC/kMX8oc
BxxUpu9XQ92cuW2dDZhxCN36RibpyyXxZbLY4K+VYA+NPNcR7BuXZvEvy4D0y8qz
XgbABz5THUDHmiRHtODOgDFtOZmHfp1TKZSBglYlEdi0M1vG/wbN7gnPDPBAZMZD
+SNnH9LTPV3H82SxNQ/OlC5JvPDd3eNaSS/+1h6wPKJUwTgSZrQLr4D+85lTKCmp
3l35EnGsmbvmMgaEYjGABkg8IAQuIhheTahaleMy24O55NlVbLAGxh6puDRM5953
Rrc2GpVwc3k0I5D10DrnoiTx0gET6DoUaqs2Yj5pMBQb54MSI2fWiw==
-----END CERTIFICATE-----
Generated at Sun May 5 16:41:26 2024 by rpki-client on console-fra.rpki-client.org