Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/v0BXw-Gg7H6rG9DbxWzfnvchkQc.roa
File: v0BXw-Gg7H6rG9DbxWzfnvchkQc.roa (raw, json)
Hash identifier: TlmAIUZ6TASG07o76gtokxMyeL9Gsxzw7XK3PDdDfoA=
Subject key identifier: BF:40:57:C3:E1:A0:EC:7E:AB:1B:D0:DB:C5:6C:DF:9E:F7:21:91:07
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0E3E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/v0BXw-Gg7H6rG9DbxWzfnvchkQc.roa
Signing time: Thu 28 Mar 2024 22:52:28 +0000
ROA not before: Thu 28 Mar 2024 22:52:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3646 (0xe3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 28 22:52:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BF4057C3E1A0EC7EAB1BD0DBC56CDF9EF7219107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:4e:75:60:33:b9:c8:5d:13:df:82:5f:5f:6d:
68:c3:7a:4a:fb:b2:4b:73:ca:fa:38:8a:58:a7:e0:
28:fa:e0:7c:9f:ab:ea:98:f6:4e:76:98:b6:49:0c:
18:57:66:16:1e:a3:88:9a:46:bd:68:da:53:36:37:
26:62:94:5a:90:cf:65:e9:b9:26:ea:11:41:08:8d:
ff:3f:26:94:8f:2a:1f:44:50:1e:e6:3c:cf:25:26:
28:79:f9:9f:87:a4:13:95:59:e6:46:db:f3:89:7d:
2e:3a:7c:91:a2:1e:c3:36:21:2f:c2:c3:b1:99:f5:
d9:e3:34:6a:c8:e8:f8:a6:bf:7c:41:8f:4b:ed:e1:
54:f5:08:16:dd:23:ae:69:1b:8d:ce:4e:e9:84:41:
83:17:39:2e:cb:1b:d6:53:78:a0:41:15:69:c4:9e:
5d:ea:de:a1:a3:ff:f5:31:77:a9:ce:d3:9f:b1:3f:
f5:f0:2d:23:22:a7:99:36:d0:e8:47:23:38:f7:84:
c3:5f:92:96:3b:af:b2:78:2c:07:a7:13:01:b0:6e:
50:15:ce:94:98:d4:4b:67:f7:77:66:e7:98:68:db:
27:3b:e8:d1:18:1c:c1:74:67:40:ad:bc:bc:36:63:
cc:f4:33:41:67:17:23:f7:e7:1b:a0:fa:5b:a9:28:
58:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:40:57:C3:E1:A0:EC:7E:AB:1B:D0:DB:C5:6C:DF:9E:F7:21:91:07
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/v0BXw-Gg7H6rG9DbxWzfnvchkQc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
aa:23:c8:45:66:5d:c3:49:e0:04:b9:f8:73:e7:32:c1:3e:f6:
91:1f:48:3f:c6:f7:d1:77:65:18:08:f1:e1:50:bc:53:75:37:
79:32:70:2c:0b:78:c3:84:e5:38:fe:71:50:e0:94:18:4a:be:
d4:aa:73:7c:8e:78:96:f0:83:db:e7:dc:06:36:a5:7b:57:55:
d5:e0:69:64:92:83:08:1a:2a:8c:9a:80:c4:ae:0d:86:7e:89:
14:05:3c:a3:a7:9f:48:79:58:ec:b4:ac:53:3c:d6:28:bc:a9:
ad:d6:a5:ce:3e:97:1d:59:48:16:5c:51:79:db:cc:f2:af:74:
d9:34:a6:ed:ea:3d:96:18:7e:f6:e5:90:92:96:cc:a3:ca:db:
51:61:dc:16:cd:45:e8:66:6b:df:6a:6c:fd:6f:fe:07:04:78:
89:c7:8d:f2:68:b8:db:ed:92:f1:6e:9c:03:aa:40:27:f0:ac:
16:82:aa:ea:a1:bc:f4:0b:6d:4a:98:7f:a4:e3:f9:d6:cb:b9:
38:a8:61:d6:ee:bd:76:11:76:3f:78:67:73:92:3c:96:c1:7a:
df:9b:7c:ed:e9:b7:63:63:a6:9c:8a:25:e7:56:bb:93:21:6b:
8e:5e:8c:29:c6:cc:31:3d:ab:f1:26:ce:ec:51:cd:51:12:8f:
0b:f1:73:8b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDj4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjgy
MjUyMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJGNDA1N0MzRTFBMEVD
N0VBQjFCRDBEQkM1NkNERjlFRjcyMTkxMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmTnVgM7nIXRPfgl9fbWjDekr7sktzyvo4ilin4Cj64Hyfq+qY
9k52mLZJDBhXZhYeo4iaRr1o2lM2NyZilFqQz2XpuSbqEUEIjf8/JpSPKh9EUB7m
PM8lJih5+Z+HpBOVWeZG2/OJfS46fJGiHsM2IS/Cw7GZ9dnjNGrI6Pimv3xBj0vt
4VT1CBbdI65pG43OTumEQYMXOS7LG9ZTeKBBFWnEnl3q3qGj//Uxd6nO05+xP/Xw
LSMip5k20OhHIzj3hMNfkpY7r7J4LAenEwGwblAVzpSY1Etn93dm55ho2yc76NEY
HMF0Z0CtvLw2Y8z0M0FnFyP35xug+lupKFjpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUv0BXw+Gg7H6rG9DbxWzfnvchkQcwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3YwQlh3LUdnN0g2ckc5
RGJ4V3pmbnZjaGtRYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAqiPIRWZdw0ngBLn4c+cywT72kR9IP8b3
0XdlGAjx4VC8U3U3eTJwLAt4w4TlOP5xUOCUGEq+1KpzfI54lvCD2+fcBjale1dV
1eBpZJKDCBoqjJqAxK4Nhn6JFAU8o6efSHlY7LSsUzzWKLyprdalzj6XHVlIFlxR
edvM8q902TSm7eo9lhh+9uWQkpbMo8rbUWHcFs1F6GZr32ps/W/+BwR4iceN8mi4
2+2S8W6cA6pAJ/CsFoKq6qG89AttSph/pOP51su5OKhh1u69dhF2P3hnc5I8lsF6
35t87em3Y2OmnIol51a7kyFrjl6MKcbMMT2r8SbO7FHNURKPC/Fziw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 01:53:38 2024 by rpki-client on console-fra.rpki-client.org