Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/fnw1qaNfZzXt4tNPEwTw--JDGwc.roa
File: fnw1qaNfZzXt4tNPEwTw--JDGwc.roa (raw, json)
Hash identifier: GwwHO4TpO0HTzlde1iddqHjM8Nam1B0Jy+gHMWKeo+I=
Subject key identifier: 7E:7C:35:A9:A3:5F:67:35:ED:E2:D3:4F:13:04:F0:FB:E2:43:1B:07
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1AC0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/fnw1qaNfZzXt4tNPEwTw--JDGwc.roa
Signing time: Wed 01 May 2024 07:24:14 +0000
ROA not before: Wed 01 May 2024 07:24:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6848 (0x1ac0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 1 07:24:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7E7C35A9A35F6735EDE2D34F1304F0FBE2431B07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6a:88:89:c4:e0:3b:d2:d6:dd:57:cb:ac:12:
45:95:14:61:61:ba:25:85:8e:8e:2c:c7:5b:36:fb:
8d:37:2c:3e:2d:54:5f:a2:a7:d4:5d:35:56:4a:30:
20:c6:c7:ac:f8:9f:e8:13:41:5e:2d:e4:97:f4:d1:
21:16:9b:72:f4:a0:e8:29:12:96:b7:c6:65:be:5f:
1c:de:f2:b4:bc:1f:e3:d6:4f:f0:a0:5d:3c:50:69:
3a:63:4b:8f:42:60:80:df:b2:26:c0:c9:66:96:0b:
8e:41:c3:2b:56:33:80:a2:41:f6:d8:01:cd:b6:37:
dd:af:38:64:e7:6c:8b:32:3c:fb:5f:6d:89:7f:2d:
ab:d4:fe:26:fa:30:f6:3e:80:f5:9b:00:d2:6c:d2:
8a:03:db:81:c4:a3:c0:07:9b:0c:e1:96:86:28:2b:
cf:f7:e3:3e:7b:b8:6d:e1:93:55:4b:1e:4b:43:f0:
e2:08:df:86:34:0e:2e:88:f1:8e:33:34:0e:73:dd:
3f:e2:58:f4:b1:9e:6c:fd:9a:0e:c2:7f:44:34:bc:
af:de:98:4d:cb:75:d6:a3:cb:12:12:e5:18:98:07:
50:b0:01:89:6e:d9:2c:fb:f0:4e:99:50:2f:35:11:
c2:e7:52:2b:4b:49:87:5d:ce:ed:26:c3:fa:88:f1:
66:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:7C:35:A9:A3:5F:67:35:ED:E2:D3:4F:13:04:F0:FB:E2:43:1B:07
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/fnw1qaNfZzXt4tNPEwTw--JDGwc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4f:dc:c6:fc:f1:48:0b:0a:ab:9e:0a:4c:7e:f6:02:74:09:e3:
60:ce:b4:47:20:08:ff:b7:fc:2f:98:35:c0:0b:ed:cc:a7:93:
f0:51:11:c3:c6:48:bf:cd:46:20:03:3e:d2:be:30:70:22:55:
28:6d:94:4a:91:0c:d3:75:e0:ad:b1:61:5c:69:e0:46:e2:00:
5e:0c:c9:82:fa:28:e3:e1:7f:fe:4a:04:e3:78:d4:46:77:5e:
86:07:2a:23:d8:65:67:d3:ee:f9:e6:a1:37:07:38:91:2a:9c:
8a:99:88:94:d8:bc:86:e2:62:a1:33:95:96:f0:09:40:25:fb:
77:02:ec:88:d7:24:b7:f1:a6:5f:19:0a:9e:50:b0:34:db:b5:
77:bd:74:c5:cf:05:87:c6:8e:97:48:8c:a0:e8:9a:f3:92:8c:
50:e3:d9:f2:dd:aa:23:0c:a5:1f:e9:5f:1c:96:a9:9e:e7:b9:
6e:72:6e:8a:da:b9:d6:ab:3e:65:ca:67:6f:8a:a8:f5:0c:a4:
5c:51:a5:81:ef:ce:64:c5:dd:10:a6:81:dd:5d:3c:fb:69:e7:
a2:0d:74:97:50:a0:21:63:01:0c:a4:c1:f5:35:71:6b:1b:07:
33:4f:35:b9:90:61:df:f6:14:b8:79:13:4a:dd:db:80:41:4c:
bc:94:a8:ba
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGsAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDEw
NzI0MTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdFN0MzNUE5QTM1RjY3
MzVFREUyRDM0RjEzMDRGMEZCRTI0MzFCMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1aoiJxOA70tbdV8usEkWVFGFhuiWFjo4sx1s2+403LD4tVF+i
p9RdNVZKMCDGx6z4n+gTQV4t5Jf00SEWm3L0oOgpEpa3xmW+Xxze8rS8H+PWT/Cg
XTxQaTpjS49CYIDfsibAyWaWC45BwytWM4CiQfbYAc22N92vOGTnbIsyPPtfbYl/
LavU/ib6MPY+gPWbANJs0ooD24HEo8AHmwzhloYoK8/34z57uG3hk1VLHktD8OII
34Y0Di6I8Y4zNA5z3T/iWPSxnmz9mg7Cf0Q0vK/emE3LddajyxIS5RiYB1CwAYlu
2Sz78E6ZUC81EcLnUitLSYddzu0mw/qI8WabAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUfnw1qaNfZzXt4tNPEwTw++JDGwcwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2ZudzFxYU5mWnpYdDR0
TlBFd1R3LS1KREd3Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAT9zG/PFICwqrngpMfvYCdAnjYM60RyAI
/7f8L5g1wAvtzKeT8FERw8ZIv81GIAM+0r4wcCJVKG2USpEM03XgrbFhXGngRuIA
XgzJgvoo4+F//koE43jURndehgcqI9hlZ9Pu+eahNwc4kSqcipmIlNi8huJioTOV
lvAJQCX7dwLsiNckt/GmXxkKnlCwNNu1d710xc8Fh8aOl0iMoOia85KMUOPZ8t2q
IwylH+lfHJapnue5bnJuitq51qs+Zcpnb4qo9QykXFGlge/OZMXdEKaB3V08+2nn
og10l1CgIWMBDKTB9TVxaxsHM081uZBh3/YUuHkTSt3bgEFMvJSoug==
-----END CERTIFICATE-----
Generated at Wed May 1 12:49:31 2024 by rpki-client on console-fra.rpki-client.org