Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/-7xKYMrfndPXMQGiOJjpyuMdNpI.roa
File: -7xKYMrfndPXMQGiOJjpyuMdNpI.roa (raw, json)
Hash identifier: /ogzaP2ZC/rDWIj6v5IGZt63joE8WI3K6qV5jQFSbTo=
Subject key identifier: FB:BC:4A:60:CA:DF:9D:D3:D7:31:01:A2:38:98:E9:CA:E3:1D:36:92
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1178
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/-7xKYMrfndPXMQGiOJjpyuMdNpI.roa
Signing time: Sat 06 Apr 2024 13:22:50 +0000
ROA not before: Sat 06 Apr 2024 13:22:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4472 (0x1178)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 6 13:22:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FBBC4A60CADF9DD3D73101A23898E9CAE31D3692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:10:59:10:59:36:1a:a8:2f:42:02:f8:78:69:
88:35:a5:48:d2:a1:99:f9:88:83:4c:53:62:2a:6d:
8a:1a:dc:ef:d0:7a:5c:07:e9:2d:80:42:d4:2b:1e:
12:6b:2a:3d:b0:df:14:24:04:5c:16:6f:9a:56:ae:
5c:04:6c:9e:0f:9a:2a:47:2e:05:35:8d:c0:82:17:
ca:a9:d2:26:c9:eb:b4:ab:37:e2:ff:c3:23:c2:cf:
c4:22:27:d5:a0:46:4c:57:9a:5a:ee:43:b6:48:8a:
e3:b3:11:09:f5:bf:74:98:b2:87:f4:f6:81:82:45:
bb:c4:eb:4c:9b:9c:d0:51:6b:0c:48:69:f5:c1:0a:
7b:31:8c:45:a9:4d:71:25:3a:c6:57:75:82:f9:75:
a0:df:c1:0d:55:eb:23:46:4d:00:1f:ca:57:2e:47:
0b:76:8f:b5:a2:7b:03:91:76:57:97:72:7a:eb:7b:
1b:a3:d1:8a:fd:3f:60:b1:65:6a:50:9e:1e:bc:3c:
e8:fa:e9:27:ed:71:5b:83:1c:8e:73:92:dd:b0:93:
e7:31:ec:cd:63:be:30:99:b9:77:ba:2c:d2:f5:33:
a0:99:dc:90:b8:b4:27:58:4f:2a:80:57:34:a0:79:
75:91:19:6f:6c:b5:1e:c3:99:59:a6:29:09:4f:dd:
58:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:BC:4A:60:CA:DF:9D:D3:D7:31:01:A2:38:98:E9:CA:E3:1D:36:92
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/-7xKYMrfndPXMQGiOJjpyuMdNpI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:5f:30:63:f0:79:f6:66:10:7e:12:92:94:de:93:b5:6d:5a:
1c:aa:4d:44:60:32:fc:7f:c0:6a:af:62:c4:2a:11:f1:78:f9:
fe:1e:7a:f8:f7:e3:c6:6c:97:ea:fb:f3:51:33:90:aa:0d:76:
20:78:65:4d:27:32:f5:49:d1:da:0d:9d:86:e8:0d:b5:ee:38:
59:bd:a5:ab:e9:ab:98:7b:8b:3c:24:7c:6f:c5:23:bf:8f:73:
9b:b9:87:ea:fc:6f:01:44:a2:dd:88:7a:a5:7c:8d:b1:46:16:
69:9f:f7:13:6a:f2:ac:68:8a:ff:4c:e7:93:dc:1d:3f:23:02:
a3:c3:ec:c1:6e:14:ed:26:c1:f5:a5:7c:8f:11:78:e2:f3:83:
e7:e7:4f:74:75:be:44:a6:ae:fc:4c:85:b3:c0:5b:fd:c5:aa:
7c:83:88:91:c9:7e:a2:fa:2d:16:6f:57:d1:50:40:c6:cf:14:
b6:93:ed:81:cd:c1:a6:99:88:2f:1b:f6:13:f2:84:1d:32:14:
45:82:1a:8d:82:e9:e8:4e:16:41:90:c1:5f:ac:ba:52:3c:db:
a5:15:0b:03:a8:f4:88:d1:e5:c0:15:93:d9:c1:63:f2:97:5b:
2d:48:59:48:f6:5d:7e:61:9b:4c:43:36:d9:b1:d9:ef:42:6a:
c8:7f:06:db
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEXgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDYx
MzIyNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZCQkM0QTYwQ0FERjlE
RDNENzMxMDFBMjM4OThFOUNBRTMxRDM2OTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFEFkQWTYaqC9CAvh4aYg1pUjSoZn5iINMU2IqbYoa3O/QelwH
6S2AQtQrHhJrKj2w3xQkBFwWb5pWrlwEbJ4PmipHLgU1jcCCF8qp0ibJ67SrN+L/
wyPCz8QiJ9WgRkxXmlruQ7ZIiuOzEQn1v3SYsof09oGCRbvE60ybnNBRawxIafXB
CnsxjEWpTXElOsZXdYL5daDfwQ1V6yNGTQAfylcuRwt2j7WiewORdleXcnrrexuj
0Yr9P2CxZWpQnh68POj66SftcVuDHI5zkt2wk+cx7M1jvjCZuXe6LNL1M6CZ3JC4
tCdYTyqAVzSgeXWRGW9stR7DmVmmKQlP3VilAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU+7xKYMrfndPXMQGiOJjpyuMdNpIwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLy03eEtZTXJmbmRQWE1R
R2lPSmpweXVNZE5wSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAnl8wY/B59mYQfhKSlN6TtW1aHKpNRGAy
/H/Aaq9ixCoR8Xj5/h56+PfjxmyX6vvzUTOQqg12IHhlTScy9UnR2g2dhugNte44
Wb2lq+mrmHuLPCR8b8Ujv49zm7mH6vxvAUSi3Yh6pXyNsUYWaZ/3E2ryrGiK/0zn
k9wdPyMCo8PswW4U7SbB9aV8jxF44vOD5+dPdHW+RKau/EyFs8Bb/cWqfIOIkcl+
ovotFm9X0VBAxs8UtpPtgc3BppmILxv2E/KEHTIURYIajYLp6E4WQZDBX6y6Ujzb
pRULA6j0iNHlwBWT2cFj8pdbLUhZSPZdfmGbTEM22bHZ70JqyH8G2w==
-----END CERTIFICATE-----
Generated at Sat Apr 6 20:08:04 2024 by rpki-client on console.sobornost.net