Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/txawCqU2bkBseS6O5vxGmOdg0rk.roa
File: txawCqU2bkBseS6O5vxGmOdg0rk.roa (raw, json)
Hash identifier: FBPRYfl2Jq53mfKzclELYijYyO/EDzYNXLzdLcme/PQ=
Subject key identifier: B7:16:B0:0A:A5:36:6E:40:6C:79:2E:8E:E6:FC:46:98:E7:60:D2:B9
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1568
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/txawCqU2bkBseS6O5vxGmOdg0rk.roa
Signing time: Wed 17 Apr 2024 01:23:39 +0000
ROA not before: Wed 17 Apr 2024 01:23:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5480 (0x1568)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 17 01:23:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B716B00AA5366E406C792E8EE6FC4698E760D2B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:14:1b:25:89:12:18:48:2f:fb:89:60:2c:ba:
39:e2:76:a0:b8:6d:91:cf:a4:63:f3:df:dd:3f:c9:
59:bb:b6:bf:67:68:a3:53:9b:02:f1:e5:8c:ea:ff:
9d:dd:dd:b1:b1:64:a7:b6:a2:81:c7:9c:4d:ca:eb:
8b:f0:28:c0:a9:ae:91:b4:e0:5f:f4:81:b8:81:36:
68:5f:48:8e:8b:07:37:41:47:d1:2b:df:c0:40:8b:
f2:10:7d:ea:2d:8f:92:64:bc:a8:ed:ac:44:ae:11:
29:0b:26:e1:fa:92:45:9a:fd:16:65:3c:30:a9:0a:
f9:7a:ce:1e:8f:5b:71:1d:2c:38:1a:c0:c7:9d:c4:
ad:8f:6a:bc:b4:12:e2:3f:c8:ce:a5:3f:79:37:d1:
b3:b2:1c:a4:11:5a:9b:05:16:0b:d3:f1:2d:0c:80:
b0:7d:40:6b:9f:a0:88:f8:1d:80:9e:f7:b7:3e:1c:
7a:c6:be:ce:16:dd:05:a2:a4:45:89:7b:d7:8e:48:
ac:6c:ea:80:d6:92:a0:06:97:63:c7:77:c0:87:03:
03:31:79:c8:55:c9:b5:a0:3f:6b:04:86:87:b9:76:
7b:14:c2:2d:59:38:7e:43:32:60:7d:24:71:6c:92:
4d:d7:23:ad:10:2e:4c:9f:77:ca:91:0d:be:8a:b7:
80:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:16:B0:0A:A5:36:6E:40:6C:79:2E:8E:E6:FC:46:98:E7:60:D2:B9
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/txawCqU2bkBseS6O5vxGmOdg0rk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a4:b7:c5:61:4b:b5:7f:f3:1e:a9:8e:90:e2:1b:45:6e:a9:a3:
f1:40:c6:ca:7e:42:e0:f2:01:4e:31:b6:46:ac:31:05:90:3e:
f0:68:c3:52:3e:a9:1a:2f:b9:71:a8:55:81:cc:dc:fd:96:1e:
c6:1f:ce:ef:45:3a:50:8d:94:d1:73:7a:cd:5b:7b:12:dd:df:
c9:d3:74:17:b2:61:aa:ce:e2:d9:26:96:bc:59:80:e2:d8:79:
93:c2:ad:27:c6:14:17:3a:ac:98:92:a7:83:fb:65:b0:53:59:
65:17:ff:29:f3:7a:4a:c5:14:0d:bf:9f:72:73:6e:62:89:35:
16:af:c1:55:60:c6:df:6d:a1:c4:89:9d:59:3e:1b:05:a1:a5:
0e:ba:ff:1f:da:bb:7d:8f:77:56:04:75:fe:78:73:55:48:94:
7d:2b:14:36:2d:55:3e:64:8d:3f:08:8f:fd:0b:70:cf:fd:a4:
06:51:af:22:19:dd:4f:49:94:de:1e:68:38:c3:f0:a5:10:01:
99:55:19:27:08:89:99:82:53:22:ec:7f:dc:60:c4:bf:a5:dc:
51:8f:a3:2b:c0:66:f1:77:33:a1:df:60:e5:ea:4a:87:18:ec:
ff:dd:89:f1:ac:e9:a7:af:40:79:a2:04:b8:fa:77:d3:36:25:
1f:75:b8:d3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFWgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTcw
MTIzMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI3MTZCMDBBQTUzNjZF
NDA2Qzc5MkU4RUU2RkM0Njk4RTc2MEQyQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4FBsliRIYSC/7iWAsujnidqC4bZHPpGPz390/yVm7tr9naKNT
mwLx5Yzq/53d3bGxZKe2ooHHnE3K64vwKMCprpG04F/0gbiBNmhfSI6LBzdBR9Er
38BAi/IQfeotj5JkvKjtrESuESkLJuH6kkWa/RZlPDCpCvl6zh6PW3EdLDgawMed
xK2Pary0EuI/yM6lP3k30bOyHKQRWpsFFgvT8S0MgLB9QGufoIj4HYCe97c+HHrG
vs4W3QWipEWJe9eOSKxs6oDWkqAGl2PHd8CHAwMxechVybWgP2sEhoe5dnsUwi1Z
OH5DMmB9JHFskk3XI60QLkyfd8qRDb6Kt4DzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUtxawCqU2bkBseS6O5vxGmOdg0rkwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3R4YXdDcVUyYmtCc2VT
Nk81dnhHbU9kZzByay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEApLfFYUu1f/MeqY6Q4htFbqmj8UDGyn5C
4PIBTjG2RqwxBZA+8GjDUj6pGi+5cahVgczc/ZYexh/O70U6UI2U0XN6zVt7Et3f
ydN0F7Jhqs7i2SaWvFmA4th5k8KtJ8YUFzqsmJKng/tlsFNZZRf/KfN6SsUUDb+f
cnNuYok1Fq/BVWDG322hxImdWT4bBaGlDrr/H9q7fY93VgR1/nhzVUiUfSsUNi1V
PmSNPwiP/Qtwz/2kBlGvIhndT0mU3h5oOMPwpRABmVUZJwiJmYJTIux/3GDEv6Xc
UY+jK8Bm8Xczod9g5epKhxjs/92J8azpp69AeaIEuPp30zYlH3W40w==
-----END CERTIFICATE-----
Generated at Wed Apr 17 02:40:01 2024 by rpki-client on console-fra.rpki-client.org