Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/wFkm4yE2dWfJytLoDZC52HDrnKs.roa
File: wFkm4yE2dWfJytLoDZC52HDrnKs.roa (raw, json)
Hash identifier: MNT6bJ25x4qTZ0sFUjkmMzbsaEjbIVBFONPaZv+vvSk=
Subject key identifier: C0:59:26:E3:21:36:75:67:C9:CA:D2:E8:0D:90:B9:D8:70:EB:9C:AB
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F02
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/wFkm4yE2dWfJytLoDZC52HDrnKs.roa
Signing time: Sat 30 Mar 2024 23:52:31 +0000
ROA not before: Sat 30 Mar 2024 23:52:31 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3842 (0xf02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 30 23:52:31 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C05926E321367567C9CAD2E80D90B9D870EB9CAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e5:56:af:72:55:44:f3:e0:3c:e8:ff:fc:90:
ea:26:92:bd:84:c2:86:50:c3:35:9c:2c:d2:ef:35:
b4:dc:53:e0:ea:a0:14:66:fc:46:6c:11:97:f4:69:
41:4b:79:1b:54:5e:b2:d9:c0:4b:e4:fe:8f:6d:05:
98:29:66:50:fe:18:33:61:95:a3:d9:55:0e:96:e6:
91:d6:a8:52:6b:98:4b:7f:dd:0d:16:c4:1c:e8:bf:
d6:3e:66:b7:88:d5:9d:1f:35:03:11:33:b4:61:43:
bf:c3:52:95:96:79:4a:19:9c:43:0d:86:cd:51:fd:
8b:31:1c:43:7e:45:f4:6e:e1:57:87:22:6d:a1:0f:
67:3c:36:95:01:02:a0:c1:0b:e8:50:8d:bb:ce:8e:
61:94:05:dc:ea:08:e2:e5:ad:0a:04:29:99:c4:ad:
91:b2:2c:d0:5c:1d:99:a6:46:e0:59:33:e5:78:24:
4d:28:3b:b3:74:7a:ad:97:09:bc:c7:57:ab:9b:b5:
50:da:0c:37:be:e7:74:84:a1:92:24:22:7c:fa:3e:
55:cc:e4:d6:e3:85:cd:8c:23:28:bd:f4:f8:16:4f:
98:5f:2e:a1:ee:d1:c9:c1:6c:e0:4f:dc:2a:35:84:
ca:0b:81:87:a1:b5:79:ef:7c:f3:ba:62:14:ff:f0:
90:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:59:26:E3:21:36:75:67:C9:CA:D2:E8:0D:90:B9:D8:70:EB:9C:AB
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/wFkm4yE2dWfJytLoDZC52HDrnKs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cd:e0:35:4d:82:cc:b1:b2:69:76:7a:38:1b:f1:a1:68:d2:ab:
fb:f1:b3:2c:2f:ff:a9:df:a0:f7:75:2f:19:97:4d:fb:90:75:
c0:29:8a:dd:d7:3d:06:72:74:51:7a:79:c3:5b:6d:55:af:7e:
a8:c7:68:ef:85:4f:94:b2:89:e5:0e:df:02:d3:a8:6f:e5:52:
5f:4e:4f:be:cf:2e:a1:21:ff:a9:61:a4:1c:1e:d9:fe:ce:d1:
42:85:3f:9e:68:fb:b1:61:33:7d:47:a9:55:35:cf:8d:11:2e:
7d:98:78:d3:53:3c:d1:82:ad:0b:eb:31:61:92:19:b4:b0:cd:
6a:e6:b8:4a:cb:c2:56:2d:52:08:36:a1:c3:57:9d:b6:e8:61:
36:45:85:6c:c0:cc:cd:0d:c1:8b:c5:9e:35:b0:02:1e:20:21:
fc:d9:38:1f:38:42:3d:c4:f0:48:e5:a4:f4:76:af:01:2e:75:
68:d4:07:cd:ad:d7:b0:56:91:b9:75:c9:22:09:55:27:a6:f0:
4a:39:ab:77:fc:3c:b1:03:46:5d:6b:71:78:fb:c5:61:3b:de:
04:c2:e1:b0:cc:d6:94:44:95:d3:d8:97:54:b0:28:de:f9:75:
97:ad:1f:9b:3e:ea:9b:fc:ce:be:c7:a9:1c:fc:cb:29:aa:fa:
25:76:48:d6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDwIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzAy
MzUyMzFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMwNTkyNkUzMjEzNjc1
NjdDOUNBRDJFODBEOTBCOUQ4NzBFQjlDQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDj5VavclVE8+A86P/8kOomkr2EwoZQwzWcLNLvNbTcU+DqoBRm
/EZsEZf0aUFLeRtUXrLZwEvk/o9tBZgpZlD+GDNhlaPZVQ6W5pHWqFJrmEt/3Q0W
xBzov9Y+ZreI1Z0fNQMRM7RhQ7/DUpWWeUoZnEMNhs1R/YsxHEN+RfRu4VeHIm2h
D2c8NpUBAqDBC+hQjbvOjmGUBdzqCOLlrQoEKZnErZGyLNBcHZmmRuBZM+V4JE0o
O7N0eq2XCbzHV6ubtVDaDDe+53SEoZIkInz6PlXM5Nbjhc2MIyi99PgWT5hfLqHu
0cnBbOBP3Co1hMoLgYehtXnvfPO6YhT/8JDBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUwFkm4yE2dWfJytLoDZC52HDrnKswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3dGa200eUUyZFdmSnl0
TG9EWkM1MkhEcm5Lcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAzeA1TYLMsbJpdno4G/GhaNKr+/GzLC//
qd+g93UvGZdN+5B1wCmK3dc9BnJ0UXp5w1ttVa9+qMdo74VPlLKJ5Q7fAtOob+VS
X05Pvs8uoSH/qWGkHB7Z/s7RQoU/nmj7sWEzfUepVTXPjREufZh401M80YKtC+sx
YZIZtLDNaua4SsvCVi1SCDahw1edtuhhNkWFbMDMzQ3Bi8WeNbACHiAh/Nk4HzhC
PcTwSOWk9HavAS51aNQHza3XsFaRuXXJIglVJ6bwSjmrd/w8sQNGXWtxePvFYTve
BMLhsMzWlESV09iXVLAo3vl1l60fmz7qm/zOvsepHPzLKar6JXZI1g==
-----END CERTIFICATE-----
Generated at Sun Mar 31 01:04:07 2024 by rpki-client on console-fra.rpki-client.org