Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/fh7b6w3PNJd2JRHncyvQQHz8YmA.roa
File: fh7b6w3PNJd2JRHncyvQQHz8YmA.roa (raw, json)
Hash identifier: F/K1sS9t1YP2d+Y7gZejpHsrQhHdUVUfWJBvIVf3gJM=
Subject key identifier: 7E:1E:DB:EB:0D:CF:34:97:76:25:11:E7:73:2B:D0:40:7C:FC:62:60
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 102C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/fh7b6w3PNJd2JRHncyvQQHz8YmA.roa
Signing time: Wed 03 Apr 2024 02:22:41 +0000
ROA not before: Wed 03 Apr 2024 02:22:41 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4140 (0x102c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 3 02:22:41 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7E1EDBEB0DCF3497762511E7732BD0407CFC6260
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:21:7c:ae:bf:1e:48:e7:7e:ed:c3:6f:04:fc:
e8:1e:ac:3f:4b:6b:34:84:ad:5b:6d:7f:03:32:3a:
85:4a:9b:c5:18:3f:b7:a0:90:5e:f2:3c:cd:81:89:
af:8a:0b:61:27:d4:0b:d1:d3:87:87:00:46:6f:d1:
93:e3:f7:1c:63:5f:f8:34:23:c0:40:95:75:b9:1c:
cc:25:90:42:43:14:5a:8a:a6:4c:2b:23:52:bb:0c:
57:f7:fe:48:d4:12:56:c4:f7:64:14:30:d4:2b:e4:
fb:b2:40:97:e7:5b:cd:fc:a6:65:83:71:39:c2:7f:
8a:d2:a6:e9:78:84:32:ff:4a:4f:b8:38:ee:84:82:
92:96:9a:92:83:59:e4:f6:a4:80:e6:e1:ed:8d:5b:
92:27:1e:83:b4:e9:d7:79:ae:e7:62:d7:6a:16:de:
c8:9f:51:aa:01:ff:9c:31:3e:47:44:98:03:19:66:
32:f3:2a:69:c8:89:64:55:38:cf:40:59:d1:a5:30:
52:5d:16:79:4f:8a:e8:61:45:bf:49:f7:d6:69:af:
17:65:cc:1c:9f:6e:94:41:56:1d:bf:f5:8b:c1:ee:
d2:de:50:b1:a2:ce:20:5b:f7:54:8a:ae:62:88:94:
04:73:02:df:1b:47:1e:49:47:44:99:fd:a2:fa:d6:
9c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:1E:DB:EB:0D:CF:34:97:76:25:11:E7:73:2B:D0:40:7C:FC:62:60
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/fh7b6w3PNJd2JRHncyvQQHz8YmA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
21:f6:d8:aa:ea:b2:e1:2d:f3:5f:e3:74:2d:57:ef:12:e2:96:
05:8f:48:53:2c:c9:b9:50:06:b5:9b:5c:86:5c:87:85:89:b8:
6b:b4:78:0e:64:d3:51:ee:2a:0a:74:64:ad:67:4a:5a:8a:0c:
2b:98:cc:88:c7:ba:11:cc:cb:5a:a6:be:62:8b:17:08:3c:32:
ba:92:22:5e:51:94:9a:05:ea:c1:76:b0:88:31:a4:c6:bb:35:
d0:1d:07:23:3e:bf:e2:ca:95:b2:d5:df:ba:84:0e:45:5e:91:
ef:1f:07:0e:3a:61:29:bb:5a:d3:5e:3e:e7:89:27:d4:66:a5:
3b:c4:c0:cd:5b:e1:55:47:93:1e:06:2f:1e:37:32:14:bc:c5:
a4:f6:62:54:35:5a:ea:b5:52:8f:81:88:7e:aa:a2:61:cc:99:
47:a6:da:05:53:c7:c1:e8:15:64:65:9b:be:f2:03:9a:c3:99:
c7:1f:dd:e5:5f:95:7f:36:69:0b:7e:ed:9a:d6:21:7f:15:6c:
85:2d:f2:50:f9:8d:47:01:09:0a:46:c7:9f:01:cf:7a:7d:c6:
42:02:72:b2:fe:9b:cc:ad:62:a5:ef:fe:85:32:26:1b:49:8f:
0e:c8:0c:84:cf:83:e7:c9:0a:30:46:99:40:74:2b:5c:70:c1:
e1:56:29:8c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICECwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDMw
MjIyNDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdFMUVEQkVCMERDRjM0
OTc3NjI1MTFFNzczMkJEMDQwN0NGQzYyNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3IXyuvx5I537tw28E/OgerD9LazSErVttfwMyOoVKm8UYP7eg
kF7yPM2Bia+KC2En1AvR04eHAEZv0ZPj9xxjX/g0I8BAlXW5HMwlkEJDFFqKpkwr
I1K7DFf3/kjUElbE92QUMNQr5PuyQJfnW838pmWDcTnCf4rSpul4hDL/Sk+4OO6E
gpKWmpKDWeT2pIDm4e2NW5InHoO06dd5rudi12oW3sifUaoB/5wxPkdEmAMZZjLz
KmnIiWRVOM9AWdGlMFJdFnlPiuhhRb9J99ZprxdlzByfbpRBVh2/9YvB7tLeULGi
ziBb91SKrmKIlARzAt8bRx5JR0SZ/aL61pw1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUfh7b6w3PNJd2JRHncyvQQHz8YmAwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2ZoN2I2dzNQTkpkMkpS
SG5jeXZRUUh6OFltQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAIfbYquqy4S3zX+N0LVfvEuKWBY9IUyzJ
uVAGtZtchlyHhYm4a7R4DmTTUe4qCnRkrWdKWooMK5jMiMe6EczLWqa+YosXCDwy
upIiXlGUmgXqwXawiDGkxrs10B0HIz6/4sqVstXfuoQORV6R7x8HDjphKbta014+
54kn1GalO8TAzVvhVUeTHgYvHjcyFLzFpPZiVDVa6rVSj4GIfqqiYcyZR6baBVPH
wegVZGWbvvIDmsOZxx/d5V+VfzZpC37tmtYhfxVshS3yUPmNRwEJCkbHnwHPen3G
QgJysv6bzK1ipe/+hTImG0mPDsgMhM+D58kKMEaZQHQrXHDB4VYpjA==
-----END CERTIFICATE-----
Generated at Wed Apr 3 04:31:55 2024 by rpki-client on console-fra.rpki-client.org