Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/1mbvodEJq9v3CWPkOKAz9bPk83Q.roa
File: 1mbvodEJq9v3CWPkOKAz9bPk83Q.roa (raw, json)
Hash identifier: ooW5h8E1k7kdjWfbyJjAirZ38lIpA8yItolFlN6nIww=
Subject key identifier: D6:66:EF:A1:D1:09:AB:DB:F7:09:63:E4:38:A0:33:F5:B3:E4:F3:74
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 11DC
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/1mbvodEJq9v3CWPkOKAz9bPk83Q.roa
Signing time: Sun 07 Apr 2024 14:23:49 +0000
ROA not before: Sun 07 Apr 2024 14:23:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4572 (0x11dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 7 14:23:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D666EFA1D109ABDBF70963E438A033F5B3E4F374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bb:38:39:c8:03:43:e9:7f:a1:7c:e1:73:b0:
96:b4:5a:e0:1e:a2:dc:01:ac:2b:77:80:58:b5:53:
fc:7e:94:51:fb:94:09:7a:05:12:a2:88:94:6d:6b:
b3:1a:eb:5c:d8:31:b9:f9:aa:21:2f:11:2c:d2:92:
fc:d2:5f:c9:c8:2f:bc:fe:5a:71:7f:ad:85:d1:50:
6c:96:11:49:31:6d:b6:d4:95:58:26:6a:c7:b5:32:
72:cc:44:30:ca:32:c2:95:e7:d2:83:d3:c0:25:b4:
96:df:0b:3d:b3:f7:6b:92:39:11:58:e3:e0:9c:a2:
63:02:e3:76:6a:ae:6e:1a:48:70:fe:38:b5:7b:36:
f9:11:9f:1e:8d:77:37:a4:35:80:98:a5:7b:41:2c:
6f:7d:45:da:6d:ba:1c:32:b6:f1:1c:62:e3:0a:9d:
ee:a8:6f:82:48:c7:c7:32:ff:31:00:66:74:2c:b8:
07:a9:9f:8a:7d:82:d3:a5:3f:c5:8b:ab:8c:95:ab:
42:f7:fa:3b:28:bd:17:72:41:29:19:04:6c:1c:db:
69:5e:76:6b:1d:39:20:9b:09:d2:08:a2:75:ee:49:
24:43:83:2a:dd:ad:06:25:cd:55:55:97:c1:b5:43:
22:7b:0b:c2:86:4e:46:b0:db:12:5e:dc:a5:dd:c8:
dd:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:66:EF:A1:D1:09:AB:DB:F7:09:63:E4:38:A0:33:F5:B3:E4:F3:74
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/1mbvodEJq9v3CWPkOKAz9bPk83Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3f:64:ba:0b:6b:93:9d:79:a6:64:38:41:d4:61:a2:0e:d6:e0:
8e:77:27:22:93:e6:76:8c:09:a4:53:c3:c1:0b:dd:85:6a:2f:
ec:5d:34:b6:b2:f7:3a:3b:b4:84:57:b3:ed:74:94:34:8d:3f:
79:71:47:bf:81:14:fc:04:c1:83:1f:7b:fe:c7:d3:4d:0e:5e:
74:5d:65:52:bc:16:89:31:a6:b2:a5:af:66:46:30:82:23:68:
f9:62:13:da:b7:02:88:b9:c8:b3:0d:aa:25:c7:b5:fb:b6:ed:
85:98:9d:1a:e6:b3:10:40:80:42:da:9c:53:ef:05:0f:8c:4e:
86:06:4d:ab:2b:ea:9d:95:f0:d3:50:6e:29:50:0e:1e:e7:6f:
a1:37:82:16:c3:2f:53:3a:f0:e7:a3:5a:33:80:a4:bb:48:06:
5c:67:91:21:9d:5b:7a:4d:c9:10:d5:65:24:f7:6c:6b:b7:d2:
ba:8b:76:57:45:cd:1c:e4:5a:88:84:55:19:04:2d:56:e5:69:
52:90:08:1d:a0:e4:04:7a:13:7b:d1:5f:2c:8a:c9:97:ca:ef:
c6:82:39:05:84:27:bd:69:ac:b2:fa:bc:ec:20:1f:ba:1b:d2:
34:33:f4:e7:3b:44:83:1f:6c:c1:69:04:d4:dc:02:4b:5c:da:
62:9c:e9:10
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEdwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDcx
NDIzNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ2NjZFRkExRDEwOUFC
REJGNzA5NjNFNDM4QTAzM0Y1QjNFNEYzNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2uzg5yAND6X+hfOFzsJa0WuAeotwBrCt3gFi1U/x+lFH7lAl6
BRKiiJRta7Ma61zYMbn5qiEvESzSkvzSX8nIL7z+WnF/rYXRUGyWEUkxbbbUlVgm
ase1MnLMRDDKMsKV59KD08AltJbfCz2z92uSORFY4+CcomMC43Zqrm4aSHD+OLV7
NvkRnx6NdzekNYCYpXtBLG99RdptuhwytvEcYuMKne6ob4JIx8cy/zEAZnQsuAep
n4p9gtOlP8WLq4yVq0L3+jsovRdyQSkZBGwc22ledmsdOSCbCdIIonXuSSRDgyrd
rQYlzVVVl8G1QyJ7C8KGTkaw2xJe3KXdyN0PAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU1mbvodEJq9v3CWPkOKAz9bPk83QwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzFtYnZvZEVKcTl2M0NX
UGtPS0F6OWJQazgzUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAP2S6C2uTnXmmZDhB1GGiDtbgjncnIpPm
dowJpFPDwQvdhWov7F00trL3Oju0hFez7XSUNI0/eXFHv4EU/ATBgx97/sfTTQ5e
dF1lUrwWiTGmsqWvZkYwgiNo+WIT2rcCiLnIsw2qJce1+7bthZidGuazEECAQtqc
U+8FD4xOhgZNqyvqnZXw01BuKVAOHudvoTeCFsMvUzrw56NaM4Cku0gGXGeRIZ1b
ek3JENVlJPdsa7fSuot2V0XNHORaiIRVGQQtVuVpUpAIHaDkBHoTe9FfLIrJl8rv
xoI5BYQnvWmssvq87CAfuhvSNDP05ztEgx9swWkE1NwCS1zaYpzpEA==
-----END CERTIFICATE-----
Generated at Sun Apr 7 18:05:42 2024 by rpki-client on console.sobornost.net