Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/fPECETRUPrynwfXdRxlqIaQNsZk.roa
File: fPECETRUPrynwfXdRxlqIaQNsZk.roa (raw, json)
Hash identifier: Zwtpvbf0PRzGj7SFJTGV9WAxXx6GQ6nNrCJDdGJMN0Q=
Subject key identifier: 7C:F1:02:11:34:54:3E:BC:A7:C1:F5:DD:47:19:6A:21:A4:0D:B1:99
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F7E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/fPECETRUPrynwfXdRxlqIaQNsZk.roa
Signing time: Mon 01 Apr 2024 06:52:38 +0000
ROA not before: Mon 01 Apr 2024 06:52:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3966 (0xf7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 1 06:52:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7CF1021134543EBCA7C1F5DD47196A21A40DB199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:b1:7c:72:9c:c9:58:a3:51:6f:28:fa:7c:b6:
28:76:fe:a6:21:43:b5:08:3d:43:08:3d:6f:1e:16:
69:f2:9b:20:c2:53:fc:35:fa:d7:4d:3a:60:34:ab:
d3:40:c4:62:b5:49:78:38:20:ee:c7:12:0e:48:a2:
cd:27:4a:80:20:01:4d:f3:c0:76:15:a6:69:f6:75:
0a:fe:4e:7d:b2:d3:91:e9:44:ba:4a:24:2e:2d:e4:
30:42:40:ae:fe:b4:14:94:db:a2:17:ef:52:4f:58:
11:43:e7:32:3d:dc:77:43:fd:ce:eb:d3:55:e7:fc:
29:5c:93:7e:27:70:14:9f:3b:9f:fa:c2:e1:fb:75:
9a:19:cc:bc:3b:ae:25:8b:1b:21:9a:55:e3:48:ca:
1c:5e:a0:32:48:37:68:7b:43:be:6e:6a:d6:11:58:
17:4a:e3:76:df:b7:40:89:de:73:90:c4:e8:92:ed:
c4:a2:23:98:c0:94:10:47:ae:de:f0:23:86:11:52:
93:3d:84:8f:1c:48:ad:1d:c4:56:28:ed:07:04:a7:
cf:1a:50:8e:89:9e:bc:0d:e6:d2:c3:69:2e:6e:52:
52:7c:e0:6a:38:5e:8c:29:24:60:11:a3:d9:28:e3:
00:27:fb:8a:50:91:bb:00:69:7e:91:e2:92:9b:77:
37:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:F1:02:11:34:54:3E:BC:A7:C1:F5:DD:47:19:6A:21:A4:0D:B1:99
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/fPECETRUPrynwfXdRxlqIaQNsZk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:9d:49:1e:06:48:57:dd:3f:df:1c:d2:b4:5f:87:47:e3:29:
4f:73:8d:a0:27:32:43:d4:99:a7:b4:d1:06:74:0a:e2:93:7c:
de:d4:6f:dd:cf:26:a2:14:df:a6:b3:e6:5e:5c:b2:6c:6d:7f:
0b:88:75:e9:7c:63:ac:08:85:8c:7e:b2:b8:ff:ff:45:e8:d7:
9a:90:dd:80:f6:25:eb:7c:cf:45:eb:0c:5b:f2:e9:b9:14:32:
ad:82:51:8e:e6:8c:68:c5:63:f6:4a:d4:6f:59:98:6d:ad:47:
a1:53:19:b9:ab:9e:7e:69:6f:b5:82:a2:3c:f9:d6:f2:68:46:
9a:ef:b9:94:0b:4e:2d:aa:ec:43:d6:e5:62:2e:1c:ad:0d:1f:
3e:47:bd:92:42:da:9a:b7:7b:8b:54:55:f5:69:e5:24:55:93:
3f:0a:f4:4b:73:76:05:2d:46:f8:42:a2:3f:48:80:ef:d4:23:
63:c5:36:fd:1c:35:e8:f9:25:7b:24:6e:ae:14:df:46:dc:b1:
6d:6d:b2:0c:4a:8e:18:d3:22:df:da:59:c4:b7:5d:9e:23:27:
8e:74:0c:ac:09:48:47:c5:cb:f0:5a:f4:a3:48:bc:ea:28:95:
7b:a8:f6:f9:08:4e:73:fe:3b:95:6b:64:6b:63:9b:5e:17:7c:
03:f9:19:b8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD34wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDEw
NjUyMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdDRjEwMjExMzQ1NDNF
QkNBN0MxRjVERDQ3MTk2QTIxQTQwREIxOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmsXxynMlYo1FvKPp8tih2/qYhQ7UIPUMIPW8eFmnymyDCU/w1
+tdNOmA0q9NAxGK1SXg4IO7HEg5Ios0nSoAgAU3zwHYVpmn2dQr+Tn2y05HpRLpK
JC4t5DBCQK7+tBSU26IX71JPWBFD5zI93HdD/c7r01Xn/Clck34ncBSfO5/6wuH7
dZoZzLw7riWLGyGaVeNIyhxeoDJIN2h7Q75uatYRWBdK43bft0CJ3nOQxOiS7cSi
I5jAlBBHrt7wI4YRUpM9hI8cSK0dxFYo7QcEp88aUI6JnrwN5tLDaS5uUlJ84Go4
XowpJGARo9ko4wAn+4pQkbsAaX6R4pKbdzf/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUfPECETRUPrynwfXdRxlqIaQNsZkwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2ZQRUNFVFJVUHJ5bndm
WGRSeGxxSWFRTnNaay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAjZ1JHgZIV90/3xzStF+HR+MpT3ONoCcy
Q9SZp7TRBnQK4pN83tRv3c8mohTfprPmXlyybG1/C4h16XxjrAiFjH6yuP//RejX
mpDdgPYl63zPResMW/LpuRQyrYJRjuaMaMVj9krUb1mYba1HoVMZuauefmlvtYKi
PPnW8mhGmu+5lAtOLarsQ9blYi4crQ0fPke9kkLamrd7i1RV9WnlJFWTPwr0S3N2
BS1G+EKiP0iA79QjY8U2/Rw16PkleyRurhTfRtyxbW2yDEqOGNMi39pZxLddniMn
jnQMrAlIR8XL8Fr0o0i86iiVe6j2+QhOc/47lWtka2ObXhd8A/kZuA==
-----END CERTIFICATE-----
Generated at Mon Apr 1 08:23:26 2024 by rpki-client on console-fra.rpki-client.org