Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/50OHTAqRuhXEZjCjLzX6aT-MA1Y.roa
File: 50OHTAqRuhXEZjCjLzX6aT-MA1Y.roa (raw, json)
Hash identifier: otKJctK8575NuowgYp+ry0onm4Pnis03PAsD8Z/jh5Q=
Subject key identifier: E7:43:87:4C:0A:91:BA:15:C4:66:30:A3:2F:35:FA:69:3F:8C:03:56
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 156C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/50OHTAqRuhXEZjCjLzX6aT-MA1Y.roa
Signing time: Wed 17 Apr 2024 02:24:13 +0000
ROA not before: Wed 17 Apr 2024 02:24:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5484 (0x156c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 17 02:24:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E743874C0A91BA15C46630A32F35FA693F8C0356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a4:75:79:4a:84:90:b3:7c:ef:cd:05:5f:6a:
e0:13:42:2d:29:91:0c:5e:52:83:fe:7e:34:fe:4e:
71:a3:f5:51:9a:15:6e:bd:c7:7d:4c:72:3f:17:27:
ec:48:60:d9:33:bc:da:12:c3:2c:76:0b:48:12:0d:
2d:29:88:d8:9e:6c:ed:4c:0e:62:60:bc:a0:11:c6:
f2:b2:11:fe:03:0c:62:57:bf:46:55:1e:f6:16:57:
9b:ae:c2:c0:32:2b:59:ed:b5:72:7d:6c:cd:ca:42:
38:3d:22:4b:0d:47:02:55:d1:15:76:7c:07:38:cb:
05:12:95:e5:d4:49:0a:40:53:1a:f8:68:4a:f5:e8:
d2:e1:10:2e:ad:69:c1:8c:c1:73:1c:c6:18:75:83:
bc:7f:07:70:f7:ac:b0:75:96:16:15:52:84:09:bc:
f2:b2:dd:72:01:9b:d0:0a:8f:75:c6:ae:95:47:01:
f6:c2:56:d3:51:b1:c0:14:af:17:a7:08:a5:14:26:
2a:f3:18:59:a8:ca:c4:f2:01:fd:6a:bb:33:ae:58:
7b:bf:2a:57:8a:6d:55:d4:fa:80:3b:2f:34:6b:bb:
ab:ca:7f:05:45:9b:79:8c:e6:e1:91:ed:11:3f:ff:
16:93:a7:61:bd:c4:1c:29:53:69:06:e7:71:f9:0a:
57:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:43:87:4C:0A:91:BA:15:C4:66:30:A3:2F:35:FA:69:3F:8C:03:56
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/50OHTAqRuhXEZjCjLzX6aT-MA1Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:79:b6:82:6d:1f:78:56:f3:b3:b9:9c:d0:6d:81:7a:27:ea:
da:24:ff:8c:98:a2:0b:69:8f:a1:30:c2:cb:98:68:f5:4e:f4:
55:db:eb:5b:27:0e:81:31:ba:5a:23:76:81:cb:e7:73:f0:8e:
16:88:c0:27:ac:77:de:08:05:ba:29:ba:36:31:ca:30:c8:8e:
3a:d7:4e:6d:2b:37:88:30:f5:00:58:3d:a6:34:13:24:5f:36:
81:c7:1f:ac:6d:17:c4:e0:cc:05:be:ec:6e:14:62:2a:c8:fc:
9f:e2:b4:9b:cc:d3:6e:f8:21:1a:c9:6e:14:3b:d0:e3:d4:3f:
bd:91:ea:5b:f4:31:17:2a:d0:6d:78:64:e1:58:a5:6b:24:5e:
9d:7f:68:20:e8:fc:22:e3:2c:0b:ad:08:fb:12:6e:84:0e:02:
e2:5f:d8:f3:4c:1a:73:4c:7f:ae:af:39:0b:28:9b:48:52:43:
df:6a:3b:b7:fb:c4:e1:e8:ab:3b:e3:1d:b5:5f:da:65:90:34:
e5:aa:10:bf:bc:fa:f6:02:23:b6:66:df:2f:3f:d8:40:75:5d:
e5:56:7b:bf:1c:bb:e1:b7:f6:64:ab:57:b1:d2:b3:6b:db:5f:
cc:3d:0b:23:43:5d:6f:5a:ab:a6:b7:c8:2c:33:61:f1:58:df:
43:4d:a3:d9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFWwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTcw
MjI0MTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU3NDM4NzRDMEE5MUJB
MTVDNDY2MzBBMzJGMzVGQTY5M0Y4QzAzNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFpHV5SoSQs3zvzQVfauATQi0pkQxeUoP+fjT+TnGj9VGaFW69
x31Mcj8XJ+xIYNkzvNoSwyx2C0gSDS0piNiebO1MDmJgvKARxvKyEf4DDGJXv0ZV
HvYWV5uuwsAyK1nttXJ9bM3KQjg9IksNRwJV0RV2fAc4ywUSleXUSQpAUxr4aEr1
6NLhEC6tacGMwXMcxhh1g7x/B3D3rLB1lhYVUoQJvPKy3XIBm9AKj3XGrpVHAfbC
VtNRscAUrxenCKUUJirzGFmoysTyAf1quzOuWHu/KleKbVXU+oA7LzRru6vKfwVF
m3mM5uGR7RE//xaTp2G9xBwpU2kG53H5CldZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU50OHTAqRuhXEZjCjLzX6aT+MA1YwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzUwT0hUQXFSdWhYRVpq
Q2pMelg2YVQtTUExWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAa3m2gm0feFbzs7mc0G2Beifq2iT/jJii
C2mPoTDCy5ho9U70VdvrWycOgTG6WiN2gcvnc/COFojAJ6x33ggFuim6NjHKMMiO
OtdObSs3iDD1AFg9pjQTJF82gccfrG0XxODMBb7sbhRiKsj8n+K0m8zTbvghGslu
FDvQ49Q/vZHqW/QxFyrQbXhk4VilayRenX9oIOj8IuMsC60I+xJuhA4C4l/Y80wa
c0x/rq85CyibSFJD32o7t/vE4eirO+MdtV/aZZA05aoQv7z69gIjtmbfLz/YQHVd
5VZ7vxy74bf2ZKtXsdKza9tfzD0LI0Ndb1qrprfILDNh8VjfQ02j2Q==
Generated at Wed Apr 17 08:40:33 2024 by rpki-client on console.sobornost.net