Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/30CuDksmMbG5FBk-s5tSVgTs_Bs.roa
File: 30CuDksmMbG5FBk-s5tSVgTs_Bs.roa (raw, json)
Hash identifier: 1UO13WIcgnSTX8OCOrr4VnOFx/kgR4rMq9JDiVigU38=
Subject key identifier: DF:40:AE:0E:4B:26:31:B1:B9:14:19:3E:B3:9B:52:56:04:EC:FC:1B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 183C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/30CuDksmMbG5FBk-s5tSVgTs_Bs.roa
Signing time: Wed 24 Apr 2024 14:23:38 +0000
ROA not before: Wed 24 Apr 2024 14:23:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6204 (0x183c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 24 14:23:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DF40AE0E4B2631B1B914193EB39B525604ECFC1B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:a7:3f:8a:e3:cd:63:31:67:20:9c:98:56:c0:
cf:a9:a3:af:28:3f:7d:0c:ac:25:b0:65:fe:0c:69:
b7:5f:6a:49:0c:2d:9c:26:b0:b6:e6:ec:d0:7a:cf:
55:ba:b1:9f:b2:7e:e1:e1:2e:d8:96:44:1c:a3:c1:
5f:54:45:f8:c4:12:32:e5:84:de:ad:5b:5d:68:41:
97:e9:d5:64:d6:44:39:29:05:70:ae:7d:43:b7:57:
0c:d3:24:73:17:36:d4:15:3c:44:a8:8c:a7:94:51:
28:53:56:f8:96:9b:df:b2:52:2a:cc:c2:b6:b1:9d:
71:d5:b4:ad:22:ac:4c:94:3b:8a:db:dc:ba:d9:65:
e9:c7:9d:65:aa:fb:7a:35:e1:39:f3:ca:d9:c7:c8:
f0:08:f3:eb:dd:74:02:ba:a9:18:39:dd:1b:8a:49:
46:f3:bb:a3:d1:58:10:bd:35:81:93:2e:f0:3b:66:
00:2d:eb:26:38:d4:40:74:d9:e9:40:aa:db:a2:76:
ce:1c:61:28:b8:43:19:26:99:55:9a:87:8b:b9:4a:
ed:3b:2a:c1:fd:18:8e:00:b1:cb:26:db:fc:76:d2:
df:a1:f2:17:a9:f0:f4:0c:50:9e:42:33:d3:9d:0e:
5c:35:69:9a:80:c4:6b:8b:95:c9:2a:29:47:36:06:
cf:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:40:AE:0E:4B:26:31:B1:B9:14:19:3E:B3:9B:52:56:04:EC:FC:1B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/30CuDksmMbG5FBk-s5tSVgTs_Bs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
97:4f:63:67:94:61:be:f2:42:c6:3c:1d:ad:a7:90:de:aa:c3:
97:0b:59:79:ab:b2:1d:06:40:17:2c:85:01:3a:d3:a5:86:ec:
1c:10:3b:48:f5:3d:29:2e:bd:2b:0e:16:3e:54:24:af:9c:8b:
22:1e:2b:4a:4c:23:df:2f:4c:47:80:cb:b6:0c:ec:55:e6:41:
5f:a3:15:a8:35:29:e3:ea:4b:79:69:de:c6:3c:0a:7b:02:ac:
d3:3a:3a:24:1d:9c:74:00:d9:18:81:22:33:57:26:4e:9c:3e:
ba:97:3e:b8:cc:c0:d1:f4:e5:1d:55:c0:53:db:66:1a:14:a3:
58:09:71:02:b3:9b:f5:d3:aa:52:23:7e:aa:54:dd:32:67:ad:
da:79:f8:7a:d1:56:ed:fa:5c:6e:90:a8:be:43:64:67:89:81:
88:df:e9:ee:c9:69:d2:54:60:f4:f3:29:c8:7d:4c:9f:35:97:
36:40:68:e7:c1:99:f0:a9:7e:84:0d:c6:9c:14:64:d3:ba:0b:
5a:95:67:f8:b3:99:d6:cc:e9:17:55:63:9e:01:90:9f:3e:9a:
bd:a5:39:8d:bf:3e:ec:06:99:50:05:85:81:18:ae:4a:ca:ac:
48:49:e8:89:a8:05:0d:ea:be:6c:e1:dd:51:2e:91:12:19:a4:
f0:70:eb:e6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGDwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjQx
NDIzMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERGNDBBRTBFNEIyNjMx
QjFCOTE0MTkzRUIzOUI1MjU2MDRFQ0ZDMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDipz+K481jMWcgnJhWwM+po68oP30MrCWwZf4MabdfakkMLZwm
sLbm7NB6z1W6sZ+yfuHhLtiWRByjwV9URfjEEjLlhN6tW11oQZfp1WTWRDkpBXCu
fUO3VwzTJHMXNtQVPESojKeUUShTVviWm9+yUirMwraxnXHVtK0irEyUO4rb3LrZ
ZenHnWWq+3o14TnzytnHyPAI8+vddAK6qRg53RuKSUbzu6PRWBC9NYGTLvA7ZgAt
6yY41EB02elAqtuids4cYSi4QxkmmVWah4u5Su07KsH9GI4Ascsm2/x20t+h8hep
8PQMUJ5CM9OdDlw1aZqAxGuLlckqKUc2Bs8BAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU30CuDksmMbG5FBk+s5tSVgTs/BswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzMwQ3VEa3NtTWJHNUZC
ay1zNXRTVmdUc19Ccy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAl09jZ5RhvvJCxjwdraeQ3qrDlwtZeauy
HQZAFyyFATrTpYbsHBA7SPU9KS69Kw4WPlQkr5yLIh4rSkwj3y9MR4DLtgzsVeZB
X6MVqDUp4+pLeWnexjwKewKs0zo6JB2cdADZGIEiM1cmTpw+upc+uMzA0fTlHVXA
U9tmGhSjWAlxArOb9dOqUiN+qlTdMmet2nn4etFW7fpcbpCovkNkZ4mBiN/p7slp
0lRg9PMpyH1MnzWXNkBo58GZ8Kl+hA3GnBRk07oLWpVn+LOZ1szpF1VjngGQnz6a
vaU5jb8+7AaZUAWFgRiuSsqsSEnoiagFDeq+bOHdUS6REhmk8HDr5g==
-----END CERTIFICATE-----
Generated at Wed Apr 24 21:49:58 2024 by rpki-client on console.sobornost.net