Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/whMwb4Bg_c2DhwG0G_AhN-hYxys.roa
File: whMwb4Bg_c2DhwG0G_AhN-hYxys.roa (raw, json)
Hash identifier: 2NXUW1UKfbVgZaBkwMhC8jWA/38INoqo+/s3IbGYXwM=
Subject key identifier: C2:13:30:6F:80:60:FD:CD:83:87:01:B4:1B:F0:21:37:E8:58:C7:2B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 12A8
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/whMwb4Bg_c2DhwG0G_AhN-hYxys.roa
Signing time: Tue 09 Apr 2024 17:23:08 +0000
ROA not before: Tue 09 Apr 2024 17:23:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4776 (0x12a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 9 17:23:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C213306F8060FDCD838701B41BF02137E858C72B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:33:59:e8:54:81:b0:28:8e:89:b5:7d:06:44:
57:74:5c:7a:5b:27:d6:d7:c8:e2:6f:9d:2a:92:fc:
13:8d:3b:7f:c6:a7:05:a1:8e:85:18:0b:10:f7:f6:
79:09:72:b9:5f:75:01:24:49:29:12:18:0f:09:e9:
ca:05:64:09:46:cd:59:c0:a0:c4:af:a0:54:e3:58:
4a:71:1b:e3:47:4d:91:c4:4c:d4:ef:40:c3:8f:80:
d8:e9:88:98:89:f6:e3:56:a3:66:0b:57:b0:ab:95:
51:8e:dd:d9:ea:09:7e:40:db:af:f8:1c:37:ff:00:
da:0d:50:fd:7b:79:8c:bd:2b:c4:28:32:7e:da:16:
6a:08:e0:28:a1:92:79:37:0c:9a:eb:82:89:04:b8:
bd:06:40:c3:88:1e:a3:fc:02:da:ac:3f:63:55:de:
44:fd:14:7b:89:f5:d7:17:89:ea:1e:5b:70:bc:79:
f2:7d:5a:68:2c:a2:06:ee:27:8c:9d:a1:d3:f4:1b:
c3:ca:ac:c5:6b:de:a4:8b:3a:e5:9b:1e:24:8d:0a:
dd:f0:90:9a:a8:a3:b5:bf:7c:4a:f2:69:b6:28:58:
17:79:69:82:ed:3d:cf:88:8d:db:ad:2c:7d:20:1d:
5c:90:1c:be:f9:cf:79:9b:fc:94:a2:04:20:7b:98:
ff:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:13:30:6F:80:60:FD:CD:83:87:01:B4:1B:F0:21:37:E8:58:C7:2B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/whMwb4Bg_c2DhwG0G_AhN-hYxys.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:96:9d:c4:e0:73:14:a0:bd:ed:69:be:51:88:74:c5:57:66:
70:77:a0:3b:f3:a6:e0:e7:6f:a4:0a:0f:90:d2:12:b4:84:76:
79:a7:a5:60:37:41:0a:28:53:c4:6f:f0:76:e7:89:07:ec:bf:
d5:d5:22:0f:b6:3f:f7:7a:33:49:02:65:8f:fa:f1:6b:54:f9:
da:bd:1e:aa:b7:1b:69:b8:a2:43:c6:f6:52:ea:76:a2:e1:63:
24:d6:fe:28:28:03:a7:f3:6d:db:a9:9b:1b:af:35:f6:ed:5e:
b6:20:9d:d7:40:6a:f2:f7:69:a6:fa:a1:6b:f5:40:55:3c:79:
97:f3:12:61:84:de:cd:e3:f8:38:1c:2e:58:ea:74:61:c8:a9:
e9:a8:e8:bf:1c:bc:12:a0:77:21:ba:53:53:fb:e7:1a:94:eb:
4d:f1:5c:f1:33:e2:a4:2d:3a:e0:da:53:c8:e8:eb:17:93:51:
3b:ea:57:77:c3:4b:86:df:d1:ab:b6:5f:9a:6b:c4:13:80:82:
c8:b5:c4:4b:9d:88:ed:0e:ca:86:44:f8:ca:1b:34:36:8a:09:
95:ed:6a:e7:32:43:26:44:ad:ca:f8:2d:b3:b6:2e:4c:9d:27:
f5:25:80:91:1d:1b:3c:a0:00:d1:c5:8d:d5:7e:38:3b:09:5b:
e8:55:60:37
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEqgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDkx
NzIzMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMyMTMzMDZGODA2MEZE
Q0Q4Mzg3MDFCNDFCRjAyMTM3RTg1OEM3MkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqM1noVIGwKI6JtX0GRFd0XHpbJ9bXyOJvnSqS/BONO3/GpwWh
joUYCxD39nkJcrlfdQEkSSkSGA8J6coFZAlGzVnAoMSvoFTjWEpxG+NHTZHETNTv
QMOPgNjpiJiJ9uNWo2YLV7CrlVGO3dnqCX5A26/4HDf/ANoNUP17eYy9K8QoMn7a
FmoI4Cihknk3DJrrgokEuL0GQMOIHqP8AtqsP2NV3kT9FHuJ9dcXieoeW3C8efJ9
WmgsogbuJ4ydodP0G8PKrMVr3qSLOuWbHiSNCt3wkJqoo7W/fEryabYoWBd5aYLt
Pc+IjdutLH0gHVyQHL75z3mb/JSiBCB7mP8BAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUwhMwb4Bg/c2DhwG0G/AhN+hYxyswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3doTXdiNEJnX2MyRGh3
RzBHX0FoTi1oWXh5cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAgZadxOBzFKC97Wm+UYh0xVdmcHegO/Om
4OdvpAoPkNIStIR2eaelYDdBCihTxG/wdueJB+y/1dUiD7Y/93ozSQJlj/rxa1T5
2r0eqrcbabiiQ8b2Uup2ouFjJNb+KCgDp/Nt26mbG6819u1etiCd10Bq8vdppvqh
a/VAVTx5l/MSYYTezeP4OBwuWOp0Ycip6ajovxy8EqB3IbpTU/vnGpTrTfFc8TPi
pC064NpTyOjrF5NRO+pXd8NLht/Rq7ZfmmvEE4CCyLXES52I7Q7KhkT4yhs0NooJ
le1q5zJDJkStyvgts7YuTJ0n9SWAkR0bPKAA0cWN1X44Owlb6FVgNw==
-----END CERTIFICATE-----
Generated at Tue Apr 9 21:27:02 2024 by rpki-client on console-fra.rpki-client.org