Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/v1zgRCKpqMbVbHtwcedGkmpRqLQ.roa
File: v1zgRCKpqMbVbHtwcedGkmpRqLQ.roa (raw, json)
Hash identifier: 5Tl9hYvgC/59Tdo1vLfiSJ3jeVWasw831wYO3xi7NvQ=
Subject key identifier: BF:5C:E0:44:22:A9:A8:C6:D5:6C:7B:70:71:E7:46:92:6A:51:A8:B4
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1AB8
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/v1zgRCKpqMbVbHtwcedGkmpRqLQ.roa
Signing time: Wed 01 May 2024 05:24:04 +0000
ROA not before: Wed 01 May 2024 05:24:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6840 (0x1ab8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 1 05:24:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BF5CE04422A9A8C6D56C7B7071E746926A51A8B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:5b:cb:2e:32:bd:52:88:98:95:4d:7a:d6:48:
86:c1:7f:12:87:fd:8c:8c:c1:27:88:22:39:14:8e:
fd:22:a7:ef:66:4b:21:30:2e:3a:25:64:b9:9b:32:
be:1d:21:3b:81:31:d6:05:db:0b:22:95:39:d8:a0:
02:29:5b:81:73:b2:23:06:70:db:9f:43:52:a4:6a:
6b:29:05:3f:e5:24:f1:2e:14:01:0e:25:3f:c8:f1:
d6:be:3e:e8:cd:a3:3d:40:67:b5:fb:20:1e:42:f2:
26:c5:f0:19:40:83:a6:27:69:db:cf:6d:bc:18:f3:
b7:ac:18:b8:3d:82:8d:80:88:2b:97:81:fb:56:02:
da:e0:e4:23:7b:8f:57:9f:5e:91:81:7e:41:ad:c9:
72:ae:dc:26:69:18:1c:5e:5b:8d:0e:2e:96:e0:a3:
04:14:15:8a:0c:d8:de:5a:a1:6b:bb:a5:c8:ed:f8:
05:bd:03:75:4c:23:bd:3b:56:1c:3f:b7:7f:66:f6:
68:35:2e:e2:61:a6:c4:f8:44:7c:61:eb:90:dc:f9:
a4:13:f9:15:00:8f:e8:25:d8:3e:fc:eb:cc:76:d3:
e6:f2:5a:3d:f4:93:50:86:7e:d1:2e:bf:ec:bd:0e:
d0:1b:c3:b7:ae:e1:91:6f:07:10:1c:5a:5f:da:b6:
79:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:5C:E0:44:22:A9:A8:C6:D5:6C:7B:70:71:E7:46:92:6A:51:A8:B4
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/v1zgRCKpqMbVbHtwcedGkmpRqLQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
08:b1:1b:60:c7:d0:73:73:2c:58:c1:b3:49:63:7e:6c:69:e4:
72:85:51:f9:83:ef:c1:9a:d4:77:9d:c0:a9:03:16:dd:7a:cb:
33:29:83:67:53:03:82:ee:0b:8d:3a:57:50:01:10:06:fe:9f:
16:1d:b8:36:7e:83:da:b5:dc:61:41:ca:97:6f:7f:6b:3d:7a:
57:55:28:1d:b8:de:a3:9f:7c:09:71:58:a1:92:63:c3:88:5e:
84:b3:ff:7c:5a:1d:9a:fe:9a:44:84:f5:67:d4:f7:e9:e5:7d:
83:94:71:38:25:b8:10:e3:55:9e:c6:12:9c:c8:f0:2e:1a:7a:
a0:a7:f3:08:47:c3:28:d2:ae:dc:c0:0a:a1:9f:41:ca:e8:37:
33:22:87:12:3d:b0:d5:37:d4:1b:53:f3:cc:67:e0:14:af:c9:
b1:ca:61:55:93:1d:38:df:98:a3:7a:4b:4e:d3:38:7c:97:7a:
43:48:6b:7f:5e:df:47:55:3b:98:f2:0a:f6:c1:48:c1:8c:c8:
33:83:ef:78:7b:8d:66:14:da:ec:9d:d5:b6:1e:b0:84:ae:b7:
b8:ec:9e:e2:cb:e6:65:ad:1d:0a:fe:7e:24:01:de:31:90:a2:
7e:40:92:8b:be:af:fd:0d:d0:37:73:47:55:8b:45:c9:91:3f:
fb:8b:47:be
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGrgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDEw
NTI0MDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJGNUNFMDQ0MjJBOUE4
QzZENTZDN0I3MDcxRTc0NjkyNkE1MUE4QjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRW8suMr1SiJiVTXrWSIbBfxKH/YyMwSeIIjkUjv0ip+9mSyEw
LjolZLmbMr4dITuBMdYF2wsilTnYoAIpW4FzsiMGcNufQ1KkamspBT/lJPEuFAEO
JT/I8da+PujNoz1AZ7X7IB5C8ibF8BlAg6YnadvPbbwY87esGLg9go2AiCuXgftW
Atrg5CN7j1efXpGBfkGtyXKu3CZpGBxeW40OLpbgowQUFYoM2N5aoWu7pcjt+AW9
A3VMI707Vhw/t39m9mg1LuJhpsT4RHxh65Dc+aQT+RUAj+gl2D7868x20+byWj30
k1CGftEuv+y9DtAbw7eu4ZFvBxAcWl/atnn7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUv1zgRCKpqMbVbHtwcedGkmpRqLQwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3YxemdSQ0twcU1iVmJI
dHdjZWRHa21wUnFMUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEACLEbYMfQc3MsWMGzSWN+bGnkcoVR+YPv
wZrUd53AqQMW3XrLMymDZ1MDgu4LjTpXUAEQBv6fFh24Nn6D2rXcYUHKl29/az16
V1UoHbjeo598CXFYoZJjw4hehLP/fFodmv6aRIT1Z9T36eV9g5RxOCW4EONVnsYS
nMjwLhp6oKfzCEfDKNKu3MAKoZ9Byug3MyKHEj2w1TfUG1PzzGfgFK/JscphVZMd
ON+Yo3pLTtM4fJd6Q0hrf17fR1U7mPIK9sFIwYzIM4PveHuNZhTa7J3Vth6whK63
uOye4svmZa0dCv5+JAHeMZCifkCSi76v/Q3QN3NHVYtFyZE/+4tHvg==
-----END CERTIFICATE-----
Generated at Wed May 1 07:17:35 2024 by rpki-client on console-fra.rpki-client.org