Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/wYkMswpVSAW2s2uZJztwnDPImTE.roa
File: wYkMswpVSAW2s2uZJztwnDPImTE.roa (raw, json)
Hash identifier: 99rzpm5GUgOVTR/nWLKhvL+PlyS71mOmxInrWb5ffbk=
Subject key identifier: C1:89:0C:B3:0A:55:48:05:B6:B3:6B:99:27:3B:70:9C:33:C8:99:31
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1D46
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/wYkMswpVSAW2s2uZJztwnDPImTE.roa
Signing time: Wed 08 May 2024 00:54:21 +0000
ROA not before: Wed 08 May 2024 00:54:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7494 (0x1d46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 8 00:54:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C1890CB30A554805B6B36B99273B709C33C89931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:55:dc:46:24:49:be:4c:15:d0:46:e8:f5:b6:
ec:40:f4:88:23:e8:ee:34:be:0a:bb:2c:ec:87:3d:
1a:f1:c7:73:bd:55:f6:fb:42:2c:23:19:54:82:e4:
d1:10:77:ae:37:a0:51:22:f3:31:b9:ed:1b:53:cf:
e0:05:77:04:93:ce:06:43:28:7a:ed:62:90:1a:2d:
28:d0:67:9f:fb:88:5a:70:06:f0:01:be:20:89:76:
34:51:3b:11:2a:12:5f:b7:93:96:6a:ec:95:08:ea:
b7:e9:4d:a5:9b:b0:51:aa:17:16:dc:8b:cd:e2:93:
e2:23:22:33:58:b8:e6:ba:4e:83:da:a3:2e:62:c9:
a8:3b:85:07:6e:6f:b4:41:3a:2e:29:6f:2e:0e:90:
07:5f:fc:cf:a8:bf:48:54:0e:ee:43:ae:52:a5:5a:
07:8c:5c:e0:27:0b:f7:aa:74:ad:06:76:37:27:05:
47:d4:0d:2d:31:54:61:86:44:01:25:5d:97:f1:cf:
8d:70:bc:40:42:c7:c4:34:4d:40:b6:55:e5:43:f9:
10:fe:1c:2e:9b:db:76:05:ed:f0:94:9b:e6:72:b3:
ea:ef:49:52:fb:56:9e:66:45:2a:91:70:be:97:2d:
42:7c:59:39:64:da:99:ce:9e:e1:27:24:ed:44:7d:
85:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:89:0C:B3:0A:55:48:05:B6:B3:6B:99:27:3B:70:9C:33:C8:99:31
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/wYkMswpVSAW2s2uZJztwnDPImTE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5f:b1:ef:15:fb:c9:bf:74:fa:9a:e1:53:27:ce:2e:47:ad:7e:
4d:ac:fe:0f:53:27:94:dd:7b:b4:7a:58:98:0d:23:c8:71:b5:
82:c1:9c:47:27:7a:e9:4d:37:f1:76:87:a3:01:ea:b8:2b:b9:
f3:32:5a:80:4d:e9:a2:0c:de:26:f9:cb:38:1b:cd:55:b9:a2:
0a:e2:e1:97:70:50:3e:62:48:0f:bd:21:08:0d:87:87:63:6c:
53:d6:fe:f1:a1:ba:f6:21:52:6e:ee:4b:a9:39:06:65:67:4c:
99:1f:6d:d2:eb:a2:c3:f6:ed:5b:97:84:ad:b0:88:e0:30:c2:
3d:59:8f:13:34:a7:c2:b0:9c:a3:d4:bf:e5:f8:a8:ee:50:ee:
e7:b2:f2:dd:e5:7d:84:38:e6:94:07:77:f7:4b:32:c5:2d:e6:
2f:12:17:eb:05:92:3e:07:a8:55:35:08:8c:f3:43:20:76:6d:
19:14:e1:5a:af:e4:d9:01:8f:2f:01:d4:e1:e6:fb:a1:b0:79:
54:8f:f1:8f:78:51:1d:11:1e:bf:dd:0e:fa:fb:09:30:d4:70:
c2:a3:14:dc:e2:95:b5:4d:59:79:57:2f:51:3e:56:df:8b:59:
c4:9a:0a:d1:70:34:d8:75:21:08:5e:5a:5b:72:a1:71:bf:1b:
0a:b8:22:f7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHUYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDgw
MDU0MjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMxODkwQ0IzMEE1NTQ4
MDVCNkIzNkI5OTI3M0I3MDlDMzNDODk5MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjVdxGJEm+TBXQRuj1tuxA9Igj6O40vgq7LOyHPRrxx3O9Vfb7
QiwjGVSC5NEQd643oFEi8zG57RtTz+AFdwSTzgZDKHrtYpAaLSjQZ5/7iFpwBvAB
viCJdjRROxEqEl+3k5Zq7JUI6rfpTaWbsFGqFxbci83ik+IjIjNYuOa6ToPaoy5i
yag7hQdub7RBOi4pby4OkAdf/M+ov0hUDu5DrlKlWgeMXOAnC/eqdK0GdjcnBUfU
DS0xVGGGRAElXZfxz41wvEBCx8Q0TUC2VeVD+RD+HC6b23YF7fCUm+Zys+rvSVL7
Vp5mRSqRcL6XLUJ8WTlk2pnOnuEnJO1EfYUDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUwYkMswpVSAW2s2uZJztwnDPImTEwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3dZa01zd3BWU0FXMnMy
dVpKenR3bkRQSW1URS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAX7HvFfvJv3T6muFTJ84uR61+Taz+D1Mn
lN17tHpYmA0jyHG1gsGcRyd66U038XaHowHquCu58zJagE3pogzeJvnLOBvNVbmi
CuLhl3BQPmJID70hCA2Hh2NsU9b+8aG69iFSbu5LqTkGZWdMmR9t0uuiw/btW5eE
rbCI4DDCPVmPEzSnwrCco9S/5fio7lDu57Ly3eV9hDjmlAd390syxS3mLxIX6wWS
PgeoVTUIjPNDIHZtGRThWq/k2QGPLwHU4eb7obB5VI/xj3hRHREev90O+vsJMNRw
wqMU3OKVtU1ZeVcvUT5W34tZxJoK0XA02HUhCF5aW3Khcb8bCrgi9w==
-----END CERTIFICATE-----
Generated at Wed May 8 05:13:25 2024 by rpki-client on console-fra.rpki-client.org