Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/wxLfreDHe399z3r8QapY_xqAloo.roa
File: wxLfreDHe399z3r8QapY_xqAloo.roa (raw, json)
Hash identifier: bRZPYH8mp9pecrim2vZtWqQOhF2Kb43F3mO5lkMIa6M=
Subject key identifier: C3:12:DF:AD:E0:C7:7B:7F:7D:CF:7A:FC:41:AA:58:FF:1A:80:96:8A
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1A4E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/wxLfreDHe399z3r8QapY_xqAloo.roa
Signing time: Tue 30 Apr 2024 02:53:56 +0000
ROA not before: Tue 30 Apr 2024 02:53:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6734 (0x1a4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 30 02:53:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C312DFADE0C77B7F7DCF7AFC41AA58FF1A80968A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0e:5a:9b:29:31:11:2e:0d:46:39:b9:a1:9e:
8c:fe:f7:f0:30:bd:b8:af:a2:25:f2:39:24:6e:46:
d1:ed:55:16:cc:86:e0:96:d4:a5:29:c4:42:4d:1c:
71:a1:12:5d:79:7e:dd:de:d6:49:5f:0f:80:7e:e7:
e6:f1:45:93:45:bd:42:e1:5c:29:d5:60:a8:1b:2d:
7c:ef:9c:14:21:56:d1:f2:ab:69:f4:3b:c0:4a:8c:
1d:4e:01:f2:a2:ad:9f:7d:66:8b:80:a1:27:59:24:
6b:54:d1:2c:92:a5:8c:ee:5f:cb:1e:dd:ab:94:98:
28:da:4c:d4:aa:84:b2:6d:5c:86:5e:c3:3d:e0:28:
26:77:9b:5e:4b:2a:f5:8f:9b:f1:b3:94:bf:c5:f3:
66:b7:ca:42:c0:f3:1e:2c:9b:65:2e:51:a7:7c:fb:
d1:b6:8f:de:b4:e2:0b:82:2d:c3:e3:59:45:a0:6b:
3d:33:8a:16:66:40:f6:15:cc:07:c6:71:e1:3b:35:
11:7d:c0:26:e1:5b:9d:08:ac:f5:c6:7f:db:64:8a:
10:3e:a3:11:d3:cc:bb:88:e3:61:1b:6c:34:b3:24:
6e:03:df:95:7c:59:2f:87:46:c3:1a:18:2c:4f:11:
91:01:15:6c:23:b1:e5:aa:f5:3b:77:b1:59:59:36:
e2:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:12:DF:AD:E0:C7:7B:7F:7D:CF:7A:FC:41:AA:58:FF:1A:80:96:8A
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/wxLfreDHe399z3r8QapY_xqAloo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:3f:6e:61:ef:0c:af:9e:71:a2:ca:14:73:48:ee:56:9d:3c:
d6:3d:da:48:49:83:d8:0c:9a:13:29:11:6d:8e:df:81:fd:97:
ef:bb:7c:8d:a4:29:43:34:4a:46:d8:dc:bd:67:a5:2c:23:3a:
64:9a:c7:9f:b0:8d:fd:34:a2:64:05:60:dd:21:17:70:91:4d:
00:a6:6b:d2:d1:7c:b4:9f:c4:f7:17:2f:e4:69:fb:ec:85:a7:
38:91:ab:45:54:fa:c6:13:d8:54:0f:01:a3:db:e2:72:ff:a9:
2d:47:76:bf:97:bd:63:98:31:65:70:35:82:f1:83:ea:5d:ae:
10:e2:47:f8:d4:61:87:ca:5f:b8:07:0c:11:8c:e8:25:16:19:
49:45:30:0c:1d:bc:28:b3:ce:25:c2:b4:52:ca:42:3e:92:c1:
4f:5c:14:e1:b1:5a:d6:df:15:cf:8e:e3:a8:f2:43:2a:d7:cf:
e1:0c:9d:14:bd:e8:03:58:cf:14:1a:7d:c1:d3:12:35:cb:9b:
be:04:99:cc:c8:d2:2e:96:f9:e8:4f:c0:3d:da:e3:46:b1:c5:
b2:c0:fe:6a:24:94:a8:31:2a:19:7d:65:c5:b9:b4:07:17:68:
2e:92:58:97:81:f1:3b:95:a4:25:7f:fe:14:85:06:99:ad:c8:
40:46:1e:ec
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGk4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MzAw
MjUzNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMzMTJERkFERTBDNzdC
N0Y3RENGN0FGQzQxQUE1OEZGMUE4MDk2OEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+DlqbKTERLg1GObmhnoz+9/AwvbivoiXyOSRuRtHtVRbMhuCW
1KUpxEJNHHGhEl15ft3e1klfD4B+5+bxRZNFvULhXCnVYKgbLXzvnBQhVtHyq2n0
O8BKjB1OAfKirZ99ZouAoSdZJGtU0SySpYzuX8se3auUmCjaTNSqhLJtXIZewz3g
KCZ3m15LKvWPm/GzlL/F82a3ykLA8x4sm2UuUad8+9G2j9604guCLcPjWUWgaz0z
ihZmQPYVzAfGceE7NRF9wCbhW50IrPXGf9tkihA+oxHTzLuI42EbbDSzJG4D35V8
WS+HRsMaGCxPEZEBFWwjseWq9Tt3sVlZNuLnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUwxLfreDHe399z3r8QapY/xqAloowHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3d4TGZyZURIZTM5OXoz
cjhRYXBZX3hxQWxvby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAlD9uYe8Mr55xosoUc0juVp081j3aSEmD
2AyaEykRbY7fgf2X77t8jaQpQzRKRtjcvWelLCM6ZJrHn7CN/TSiZAVg3SEXcJFN
AKZr0tF8tJ/E9xcv5Gn77IWnOJGrRVT6xhPYVA8Bo9vicv+pLUd2v5e9Y5gxZXA1
gvGD6l2uEOJH+NRhh8pfuAcMEYzoJRYZSUUwDB28KLPOJcK0UspCPpLBT1wU4bFa
1t8Vz47jqPJDKtfP4QydFL3oA1jPFBp9wdMSNcubvgSZzMjSLpb56E/APdrjRrHF
ssD+aiSUqDEqGX1lxbm0BxdoLpJYl4HxO5WkJX/+FIUGma3IQEYe7A==
-----END CERTIFICATE-----
Generated at Tue Apr 30 04:20:26 2024 by rpki-client on console-fra.rpki-client.org