Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/-Gx8N3yuvisgSdmvTnqaFGH2q9g.roa
File: -Gx8N3yuvisgSdmvTnqaFGH2q9g.roa (raw, json)
Hash identifier: d6u8Yf3w6PlfCxGfKr5N+Dy+wIc5VZODsNa4K2eFedU=
Subject key identifier: F8:6C:7C:37:7C:AE:BE:2B:20:49:D9:AF:4E:7A:9A:14:61:F6:AB:D8
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0DAC
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/-Gx8N3yuvisgSdmvTnqaFGH2q9g.roa
Signing time: Wed 27 Mar 2024 10:23:02 +0000
ROA not before: Wed 27 Mar 2024 10:23:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3500 (0xdac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 27 10:23:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F86C7C377CAEBE2B2049D9AF4E7A9A1461F6ABD8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ea:9e:19:5d:92:e2:47:89:ba:15:1a:0b:52:
c0:48:29:b0:cc:ea:38:c2:1f:f4:9d:5f:36:dc:1a:
b3:d9:50:28:cf:63:ca:a7:7e:c9:20:e2:cd:da:9c:
7e:19:2a:bb:60:c7:3f:88:00:f3:32:1b:b4:68:98:
3d:ff:a1:b3:67:db:8c:eb:e2:c7:13:d3:a6:8c:e5:
e6:f9:92:68:37:90:d5:0b:64:12:78:bc:76:13:59:
d5:84:e9:63:c0:c7:af:85:81:22:d2:5c:ae:11:0e:
b3:9e:56:a8:79:7f:1e:26:f9:d8:6c:cc:36:6e:d0:
83:0a:40:c1:8e:d0:0f:9f:67:0b:9e:ae:f4:26:c0:
c4:4c:97:7e:a1:1d:f9:d0:29:75:51:39:d1:e5:fc:
ab:7c:27:6e:ae:0c:a6:ea:d1:2f:ba:9d:02:7a:9c:
ab:56:52:83:a2:b1:d4:67:9e:aa:30:b6:ef:c7:f0:
92:fe:2e:fa:21:ee:c9:30:37:e4:95:38:dc:71:89:
69:3d:22:51:68:68:81:95:70:7f:c3:99:16:10:3a:
e0:d2:22:db:90:5c:1f:d6:42:6d:2a:5a:ff:7b:06:
c4:f7:93:a2:93:b3:f4:3e:af:be:85:14:d4:c9:f9:
8e:63:82:7c:77:e9:13:42:96:26:f9:af:29:59:34:
cc:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:6C:7C:37:7C:AE:BE:2B:20:49:D9:AF:4E:7A:9A:14:61:F6:AB:D8
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/-Gx8N3yuvisgSdmvTnqaFGH2q9g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9c:85:92:88:aa:d9:c0:bd:e6:fd:66:14:29:c4:91:ab:ee:6a:
91:5c:ae:d9:5f:76:0f:56:40:d3:64:1c:7a:d3:8c:63:a1:3a:
11:fa:31:13:ed:8b:1b:94:3d:f6:df:8a:12:05:06:14:dc:a1:
af:0a:30:da:6b:0f:5e:42:97:8f:92:7d:c8:ee:fc:4b:01:1c:
f9:bf:e9:23:f7:ce:2b:27:06:c8:49:c0:7a:ed:bc:d4:3a:12:
3a:74:00:7a:21:18:b1:80:bb:5b:40:cb:6c:50:5b:d6:c3:8f:
93:53:90:e0:f4:a1:5a:69:6c:19:f6:16:33:1e:b0:98:b6:cf:
ac:41:6c:03:81:c5:78:7b:c9:d9:71:a0:62:ae:cb:71:19:d0:
5c:ae:19:e0:3f:a6:81:b5:29:bb:e2:ea:00:fb:df:30:ec:57:
cb:73:c9:d1:d1:60:45:ad:24:39:dc:f5:69:fd:f5:91:2f:8a:
e9:e4:9b:ce:88:5a:48:c1:92:b4:cf:66:1a:b1:dd:6c:f5:a3:
6d:eb:83:e8:3e:5b:d3:4f:04:26:d2:b7:b2:04:15:d2:7a:bd:
7b:2c:52:9e:3d:d0:d9:07:29:6c:9f:9c:15:93:5f:ae:8d:9c:
38:30:28:b1:d7:15:5c:99:6c:72:d4:1b:e0:1a:56:5d:81:b7:
ff:a9:78:52
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDawwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjcx
MDIzMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY4NkM3QzM3N0NBRUJF
MkIyMDQ5RDlBRjRFN0E5QTE0NjFGNkFCRDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC66p4ZXZLiR4m6FRoLUsBIKbDM6jjCH/SdXzbcGrPZUCjPY8qn
fskg4s3anH4ZKrtgxz+IAPMyG7RomD3/obNn24zr4scT06aM5eb5kmg3kNULZBJ4
vHYTWdWE6WPAx6+FgSLSXK4RDrOeVqh5fx4m+dhszDZu0IMKQMGO0A+fZwuervQm
wMRMl36hHfnQKXVROdHl/Kt8J26uDKbq0S+6nQJ6nKtWUoOisdRnnqowtu/H8JL+
Lvoh7skwN+SVONxxiWk9IlFoaIGVcH/DmRYQOuDSItuQXB/WQm0qWv97BsT3k6KT
s/Q+r76FFNTJ+Y5jgnx36RNClib5rylZNMxzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU+Gx8N3yuvisgSdmvTnqaFGH2q9gwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLy1HeDhOM3l1dmlzZ1Nk
bXZUbnFhRkdIMnE5Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAnIWSiKrZwL3m/WYUKcSRq+5qkVyu2V92
D1ZA02QcetOMY6E6EfoxE+2LG5Q99t+KEgUGFNyhrwow2msPXkKXj5J9yO78SwEc
+b/pI/fOKycGyEnAeu281DoSOnQAeiEYsYC7W0DLbFBb1sOPk1OQ4PShWmlsGfYW
Mx6wmLbPrEFsA4HFeHvJ2XGgYq7LcRnQXK4Z4D+mgbUpu+LqAPvfMOxXy3PJ0dFg
Ra0kOdz1af31kS+K6eSbzohaSMGStM9mGrHdbPWjbeuD6D5b008EJtK3sgQV0nq9
eyxSnj3Q2QcpbJ+cFZNfro2cODAosdcVXJlsctQb4BpWXYG3/6l4Ug==
-----END CERTIFICATE-----
Generated at Wed Mar 27 16:40:20 2024 by rpki-client on console.sobornost.net