Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/wTr3K3qnfyJE5-jeGxU7vQZeZbY.roa
File: wTr3K3qnfyJE5-jeGxU7vQZeZbY.roa (raw, json)
Hash identifier: qxkRl+/klKbHVaGMp7Jl/0IzkDGB4mODkDnQ7Desqtw=
Subject key identifier: C1:3A:F7:2B:7A:A7:7F:22:44:E7:E8:DE:1B:15:3B:BD:06:5E:65:B6
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1272
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/wTr3K3qnfyJE5-jeGxU7vQZeZbY.roa
Signing time: Tue 09 Apr 2024 03:53:06 +0000
ROA not before: Tue 09 Apr 2024 03:53:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4722 (0x1272)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 9 03:53:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C13AF72B7AA77F2244E7E8DE1B153BBD065E65B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3f:9c:a3:6d:52:c6:16:2c:cb:cb:96:ec:39:
57:6c:7d:ec:30:80:1d:37:60:c0:d9:ad:9b:df:12:
c5:49:57:dc:f8:9f:ee:2b:7b:7e:bf:20:e5:74:c9:
5a:ba:e6:37:43:0e:e5:f4:98:d4:9a:35:75:c8:02:
74:ad:fa:5e:06:17:c4:75:43:fe:4f:e0:cc:9f:ac:
3b:ad:c6:6f:ed:e0:78:3c:ad:a9:df:79:ca:98:99:
d1:03:0f:ee:3d:52:4e:96:b8:da:cd:b4:22:7a:fa:
85:17:91:1c:40:0c:85:61:8c:b6:43:44:bd:04:13:
57:d3:92:d6:02:a7:87:c1:5d:0c:75:80:20:7b:2d:
26:7c:4e:5c:0f:09:32:64:e7:ab:8a:c8:48:11:bb:
fb:d3:ed:04:67:10:d8:25:89:bd:32:78:b2:e2:b9:
a8:54:45:15:40:70:4f:16:30:60:88:3e:e9:a4:62:
3a:ea:55:fb:bb:34:f3:9b:3c:2d:c3:26:51:62:e1:
5b:2a:54:00:a5:79:a8:ed:54:e0:db:dd:46:22:59:
23:9f:f9:08:1b:de:1e:2a:ef:c5:db:63:f3:14:00:
62:db:2e:53:cb:e5:bf:ac:ca:52:f9:74:22:19:93:
11:ff:67:53:4a:59:5c:58:c0:22:86:56:07:11:24:
cc:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:3A:F7:2B:7A:A7:7F:22:44:E7:E8:DE:1B:15:3B:BD:06:5E:65:B6
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/wTr3K3qnfyJE5-jeGxU7vQZeZbY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:fe:01:62:08:3b:26:ff:eb:5b:72:66:a2:f0:58:4c:e8:fe:
bc:12:67:ed:f6:a5:e2:b8:04:44:19:ba:e9:63:16:7d:5e:a9:
ed:e4:37:6f:00:8b:85:cd:be:6b:6f:5a:a1:e5:ac:21:9c:d8:
22:41:6a:0a:11:89:81:30:71:04:c6:75:21:cb:6d:fd:64:cf:
60:e5:30:79:6c:5b:de:4e:8e:1b:e0:18:49:27:b9:f6:03:71:
79:24:20:97:f2:91:e8:2a:56:8b:04:76:b1:a9:f7:bd:12:66:
9c:48:c2:18:5f:5b:1a:f8:56:89:8d:dc:6a:dd:82:90:49:85:
ad:a5:c1:f2:c8:f5:6a:09:b4:60:8f:87:b6:48:79:e6:7d:7e:
fc:1a:17:d7:d3:e8:32:73:72:17:04:8f:87:1b:bc:f9:03:0c:
41:1b:3f:1a:6e:e4:fb:10:0c:8f:04:45:4f:25:be:be:df:e8:
ff:23:de:f6:77:25:0b:2e:56:13:ae:10:84:c3:c9:4f:68:70:
df:6a:88:ad:cf:c5:bc:16:79:fb:76:74:f3:2b:e3:71:db:42:
d0:1c:15:f3:0d:d4:49:56:10:39:97:70:69:49:8d:2f:03:7f:
49:a5:af:e2:5c:86:2f:c9:c7:64:3f:82:9e:37:2d:06:aa:4e:
2e:2e:26:39
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEnIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDkw
MzUzMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMxM0FGNzJCN0FBNzdG
MjI0NEU3RThERTFCMTUzQkJEMDY1RTY1QjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2P5yjbVLGFizLy5bsOVdsfewwgB03YMDZrZvfEsVJV9z4n+4r
e36/IOV0yVq65jdDDuX0mNSaNXXIAnSt+l4GF8R1Q/5P4MyfrDutxm/t4Hg8ranf
ecqYmdEDD+49Uk6WuNrNtCJ6+oUXkRxADIVhjLZDRL0EE1fTktYCp4fBXQx1gCB7
LSZ8TlwPCTJk56uKyEgRu/vT7QRnENglib0yeLLiuahURRVAcE8WMGCIPumkYjrq
Vfu7NPObPC3DJlFi4VsqVACleajtVODb3UYiWSOf+Qgb3h4q78XbY/MUAGLbLlPL
5b+sylL5dCIZkxH/Z1NKWVxYwCKGVgcRJMyFAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUwTr3K3qnfyJE5+jeGxU7vQZeZbYwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3dUcjNLM3FuZnlKRTUt
amVHeFU3dlFaZVpiWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAMP4BYgg7Jv/rW3JmovBYTOj+vBJn7fal
4rgERBm66WMWfV6p7eQ3bwCLhc2+a29aoeWsIZzYIkFqChGJgTBxBMZ1Ictt/WTP
YOUweWxb3k6OG+AYSSe59gNxeSQgl/KR6CpWiwR2san3vRJmnEjCGF9bGvhWiY3c
at2CkEmFraXB8sj1agm0YI+Htkh55n1+/BoX19PoMnNyFwSPhxu8+QMMQRs/Gm7k
+xAMjwRFTyW+vt/o/yPe9nclCy5WE64QhMPJT2hw32qIrc/FvBZ5+3Z08yvjcdtC
0BwV8w3USVYQOZdwaUmNLwN/SaWv4lyGL8nHZD+CnjctBqpOLi4mOQ==
-----END CERTIFICATE-----
Generated at Tue Apr 9 09:08:56 2024 by rpki-client on console-fra.rpki-client.org