Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/2qorph7cb4-NCqlieP2b5owvSqg.roa
File: 2qorph7cb4-NCqlieP2b5owvSqg.roa (raw, json)
Hash identifier: h+GbEf8RcAWiFajNdwl074eIlZF24QQjMiKLEbtkQR4=
Subject key identifier: DA:AA:2B:A6:1E:DC:6F:8F:8D:0A:A9:62:78:FD:9B:E6:8C:2F:4A:A8
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 16AC
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/2qorph7cb4-NCqlieP2b5owvSqg.roa
Signing time: Sat 20 Apr 2024 10:23:30 +0000
ROA not before: Sat 20 Apr 2024 10:23:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5804 (0x16ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 20 10:23:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DAAA2BA61EDC6F8F8D0AA96278FD9BE68C2F4AA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:1d:93:63:0e:da:ed:2d:ec:86:52:a9:09:3f:
05:73:32:8f:f3:74:fa:d8:86:29:73:fe:10:f0:42:
bd:30:84:43:9b:17:d0:ca:f8:a8:46:8f:d0:b6:1f:
0b:b5:6e:f2:fb:f3:84:93:68:7d:77:d7:12:40:ae:
aa:81:d2:23:1a:ae:93:2f:3f:fa:e4:9e:69:3d:b8:
7f:f3:15:da:33:44:6b:72:a9:9c:2c:82:24:8c:08:
ce:fb:eb:48:49:8f:bd:75:8c:02:fa:f3:76:25:ba:
4c:50:a7:25:ec:fe:e0:45:2d:2c:01:9b:52:fc:ad:
99:44:a2:5d:d8:ba:9e:15:96:cc:6c:64:73:b0:a1:
18:a5:dd:cc:db:b6:fb:43:c5:1a:04:71:24:64:33:
19:4e:81:dd:d8:cc:45:67:64:f3:0b:7f:0b:66:b6:
78:06:72:ae:46:c7:a1:80:5d:c4:b4:48:5e:0d:8d:
79:f3:27:f3:80:aa:c1:59:9a:84:30:b0:2a:7d:ef:
1d:f9:87:5b:4c:e1:1f:68:74:5d:2d:a0:17:f9:e9:
54:1b:23:52:42:bf:6b:33:33:92:25:b0:f3:c6:c9:
d4:0e:ae:26:d4:ad:6c:81:e7:05:22:a7:e0:70:b0:
4b:1e:e6:af:1f:a6:17:0c:56:ce:d1:90:c4:48:15:
92:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AA:2B:A6:1E:DC:6F:8F:8D:0A:A9:62:78:FD:9B:E6:8C:2F:4A:A8
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/2qorph7cb4-NCqlieP2b5owvSqg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8e:83:c6:33:19:e0:72:53:f8:85:3a:1f:63:10:b4:8b:0e:89:
0b:15:3a:88:15:24:b9:7d:cc:16:45:03:78:d9:c6:1d:7f:17:
35:2f:79:66:ce:58:66:33:b1:9b:0c:34:f2:1d:ad:5c:2c:0a:
12:0b:e8:db:ed:4f:bd:eb:88:69:f7:71:1a:db:4b:44:9b:b1:
93:7d:bd:52:d2:a9:09:41:5a:90:04:39:b0:1f:16:c1:cb:8a:
1e:3f:ff:17:65:74:bf:12:43:18:2b:87:79:55:33:ac:a7:5c:
52:30:c6:1c:02:3e:7e:ff:70:de:e8:9b:90:0e:8c:12:35:58:
30:42:e9:ea:03:83:8b:5f:a7:b3:eb:c9:e9:c6:6b:31:e1:52:
f2:c5:b2:8c:89:64:e5:67:61:6c:cb:44:ab:93:cd:da:a7:98:
83:41:30:8b:95:1a:93:c6:09:f4:e4:b3:90:00:68:98:5e:48:
1e:68:91:ad:43:59:e0:9e:f4:62:ff:d7:f5:5d:76:f3:f7:0c:
35:03:f3:24:0b:33:8f:a6:f6:b3:36:a3:0b:ae:9a:df:17:f4:
51:ed:50:38:14:a6:1d:0f:85:50:c9:ef:39:70:52:19:33:88:
71:4c:9a:98:77:22:a0:ef:0b:b1:01:d4:20:3b:0c:a7:42:d3:
3c:d8:b3:c1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFqwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjAx
MDIzMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBQUEyQkE2MUVEQzZG
OEY4RDBBQTk2Mjc4RkQ5QkU2OEMyRjRBQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhHZNjDtrtLeyGUqkJPwVzMo/zdPrYhilz/hDwQr0whEObF9DK
+KhGj9C2Hwu1bvL784STaH131xJArqqB0iMarpMvP/rknmk9uH/zFdozRGtyqZws
giSMCM7760hJj711jAL683YlukxQpyXs/uBFLSwBm1L8rZlEol3Yup4VlsxsZHOw
oRil3czbtvtDxRoEcSRkMxlOgd3YzEVnZPMLfwtmtngGcq5Gx6GAXcS0SF4NjXnz
J/OAqsFZmoQwsCp97x35h1tM4R9odF0toBf56VQbI1JCv2szM5IlsPPGydQOribU
rWyB5wUip+BwsEse5q8fphcMVs7RkMRIFZIbAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2qorph7cb4+NCqlieP2b5owvSqgwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzJxb3JwaDdjYjQtTkNx
bGllUDJiNW93dlNxZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAjoPGMxngclP4hTofYxC0iw6JCxU6iBUk
uX3MFkUDeNnGHX8XNS95Zs5YZjOxmww08h2tXCwKEgvo2+1PveuIafdxGttLRJux
k329UtKpCUFakAQ5sB8WwcuKHj//F2V0vxJDGCuHeVUzrKdcUjDGHAI+fv9w3uib
kA6MEjVYMELp6gODi1+ns+vJ6cZrMeFS8sWyjIlk5WdhbMtEq5PN2qeYg0Ewi5Ua
k8YJ9OSzkABomF5IHmiRrUNZ4J70Yv/X9V128/cMNQPzJAszj6b2szajC66a3xf0
Ue1QOBSmHQ+FUMnvOXBSGTOIcUyamHcioO8LsQHUIDsMp0LTPNizwQ==
-----END CERTIFICATE-----
Generated at Sat Apr 20 15:20:44 2024 by rpki-client on console.sobornost.net