Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/9TFIp5os5SHuku_ZygoIpq8S504.roa
File: 9TFIp5os5SHuku_ZygoIpq8S504.roa (raw, json)
Hash identifier: UxUwwmaoa3DzPb++JNXcaSYij1qcrxDjK0uGWgTVQT4=
Subject key identifier: F5:31:48:A7:9A:2C:E5:21:EE:92:EF:D9:CA:0A:08:A6:AF:12:E7:4E
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 135C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/9TFIp5os5SHuku_ZygoIpq8S504.roa
Signing time: Thu 11 Apr 2024 14:24:07 +0000
ROA not before: Thu 11 Apr 2024 14:24:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4956 (0x135c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 11 14:24:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F53148A79A2CE521EE92EFD9CA0A08A6AF12E74E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0d:2e:4b:10:82:a6:e9:bd:05:78:0d:f2:e2:
3a:91:ec:4c:99:40:8e:c4:6c:28:10:82:33:ff:ce:
57:5e:a2:9e:9f:51:05:02:96:4a:22:23:c2:74:97:
8c:18:12:e6:ff:3b:e8:0c:b3:e5:b8:2c:58:d3:53:
c4:fc:5b:ca:75:ba:e6:b8:cf:f9:3e:bb:67:27:2a:
a9:47:15:90:e0:67:22:06:d3:62:e6:45:e4:90:22:
53:1e:72:5c:45:83:4e:f4:62:ba:49:b3:9c:59:35:
d7:32:54:c9:f3:3b:8b:38:4f:c6:a1:4a:16:2d:71:
78:60:d7:c0:4e:ca:e0:c2:9b:a6:b2:50:e1:a5:5e:
c9:0f:62:6e:c9:66:52:4c:8e:60:94:bb:ee:ae:0a:
75:64:41:67:40:83:db:b9:29:f4:f5:f8:69:ef:84:
77:83:57:e2:a7:76:a4:95:c4:65:a8:ff:2e:21:99:
b0:35:22:ba:cd:20:ff:7e:d7:0d:1b:c1:d0:5b:16:
39:65:ef:fd:ae:2e:f9:96:54:cd:b5:ab:8a:17:8b:
a7:75:d7:f0:f7:b2:a3:78:6f:d7:3f:99:11:19:6b:
98:d8:3d:69:b6:9c:02:a4:22:11:f2:99:6c:e9:91:
6b:61:bc:19:d6:aa:99:c8:e0:2b:62:1f:df:a8:e1:
cd:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:31:48:A7:9A:2C:E5:21:EE:92:EF:D9:CA:0A:08:A6:AF:12:E7:4E
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/9TFIp5os5SHuku_ZygoIpq8S504.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
63:ad:d1:1a:b3:a0:05:e0:36:03:33:bd:c9:43:d9:b7:06:bd:
3f:af:26:87:6b:59:9a:ef:72:9d:f7:43:9e:86:a0:96:e5:b1:
68:38:70:65:50:6f:51:cb:c4:ce:6e:d5:c2:ac:b8:61:36:7a:
ee:1a:f8:0c:9c:0a:5f:e9:e0:0b:3b:95:20:d2:68:31:a0:37:
87:9f:44:04:d9:d2:01:73:3a:76:95:ea:61:c8:8f:a5:23:3a:
b0:36:17:ce:72:9c:8b:ca:02:bf:01:ff:fd:ff:56:eb:6a:a0:
df:cc:30:fd:eb:bc:30:e9:bd:fb:b4:9e:43:f6:d7:a7:1b:6a:
1f:a0:1b:4c:49:eb:91:f5:8b:8a:3e:51:67:35:47:11:fb:ef:
28:46:73:d9:3b:a0:1a:7c:03:58:73:8f:5e:c4:19:ec:b0:49:
75:86:1a:43:6b:d7:ee:b9:c3:67:65:5f:af:58:68:3d:f3:c1:
ec:3e:9e:f8:84:9f:10:19:e2:40:fd:98:4c:26:c9:bc:f1:3e:
8d:65:ba:f4:16:42:77:96:56:a7:ba:e3:56:20:0d:03:03:2f:
a6:b8:18:95:b7:02:c5:43:4e:86:74:05:bc:ff:41:9b:1c:b0:
6d:f0:ff:dd:6d:ba:9b:62:5a:dc:9b:a1:7c:aa:4f:e2:b3:c8:
08:01:6b:19
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE1wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTEx
NDI0MDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY1MzE0OEE3OUEyQ0U1
MjFFRTkyRUZEOUNBMEEwOEE2QUYxMkU3NEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYDS5LEIKm6b0FeA3y4jqR7EyZQI7EbCgQgjP/zldeop6fUQUC
lkoiI8J0l4wYEub/O+gMs+W4LFjTU8T8W8p1uua4z/k+u2cnKqlHFZDgZyIG02Lm
ReSQIlMeclxFg070YrpJs5xZNdcyVMnzO4s4T8ahShYtcXhg18BOyuDCm6ayUOGl
XskPYm7JZlJMjmCUu+6uCnVkQWdAg9u5KfT1+GnvhHeDV+KndqSVxGWo/y4hmbA1
IrrNIP9+1w0bwdBbFjll7/2uLvmWVM21q4oXi6d11/D3sqN4b9c/mREZa5jYPWm2
nAKkIhHymWzpkWthvBnWqpnI4CtiH9+o4c0LAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU9TFIp5os5SHuku/ZygoIpq8S504wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzlURklwNW9zNVNIdWt1
X1p5Z29JcHE4UzUwNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAY63RGrOgBeA2AzO9yUPZtwa9P68mh2tZ
mu9ynfdDnoagluWxaDhwZVBvUcvEzm7Vwqy4YTZ67hr4DJwKX+ngCzuVINJoMaA3
h59EBNnSAXM6dpXqYciPpSM6sDYXznKci8oCvwH//f9W62qg38ww/eu8MOm9+7Se
Q/bXpxtqH6AbTEnrkfWLij5RZzVHEfvvKEZz2TugGnwDWHOPXsQZ7LBJdYYaQ2vX
7rnDZ2Vfr1hoPfPB7D6e+ISfEBniQP2YTCbJvPE+jWW69BZCd5ZWp7rjViANAwMv
prgYlbcCxUNOhnQFvP9BmxywbfD/3W26m2Ja3JuhfKpP4rPICAFrGQ==
-----END CERTIFICATE-----
Generated at Thu Apr 11 20:58:45 2024 by rpki-client on console.sobornost.net