Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/9_hURAf6STShWUd-0k3f1z-hLjE.roa
File: 9_hURAf6STShWUd-0k3f1z-hLjE.roa (raw, json)
Hash identifier: k+8rCpXwuS79MDStKRQZ9ll5qZmKve+jf0DAlO5tUzk=
Subject key identifier: F7:F8:54:44:07:FA:49:34:A1:59:47:7E:D2:4D:DF:D7:3F:A1:2E:31
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1B86
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/9_hURAf6STShWUd-0k3f1z-hLjE.roa
Signing time: Fri 03 May 2024 08:54:10 +0000
ROA not before: Fri 03 May 2024 08:54:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7046 (0x1b86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 3 08:54:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F7F8544407FA4934A159477ED24DDFD73FA12E31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c1:0d:fc:d4:b7:e3:90:f6:c9:21:86:f8:b2:
54:fc:50:8d:e1:0b:0a:5d:0f:d4:f6:db:2b:65:f1:
79:21:f6:4b:82:c3:27:b8:5b:4c:99:07:76:18:2e:
1b:a5:bb:3f:26:2c:1f:ec:f2:ae:5b:05:10:9e:3d:
b7:a2:bb:48:46:63:ff:54:41:df:34:e2:83:bf:28:
d3:60:4a:b7:5c:15:11:4f:e8:32:4f:7b:88:54:74:
c5:6d:1b:09:fa:2f:2c:60:76:4d:45:76:0c:d3:fc:
93:36:f8:05:07:1e:1f:b1:f6:76:70:8d:d7:00:fc:
a9:8b:8f:1f:a5:83:4d:cc:33:a7:6f:49:30:fe:81:
f4:53:b3:f4:cb:3c:fc:60:9d:9f:ee:ed:ff:46:d9:
a0:b8:f3:19:dd:52:ea:33:1c:4e:a7:6a:04:26:80:
99:01:a0:14:cf:5b:4b:27:c4:16:d2:7e:42:b0:b8:
48:5e:a5:8a:c7:03:b7:db:47:39:3e:4b:e5:a2:70:
84:3d:65:9b:f7:5e:b7:9e:6f:64:9c:2e:90:b6:9f:
dd:c2:ec:e4:ef:57:99:0d:27:ba:d4:df:70:0d:03:
62:d5:56:c2:c5:02:cc:70:a0:0f:10:d5:92:05:e7:
77:94:16:e9:fc:fa:7d:69:ad:80:dc:4c:61:dc:71:
56:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:F8:54:44:07:FA:49:34:A1:59:47:7E:D2:4D:DF:D7:3F:A1:2E:31
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/9_hURAf6STShWUd-0k3f1z-hLjE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c6:99:ab:f5:ba:7c:2d:14:84:03:1d:f8:ce:1a:d1:71:47:b4:
1c:bf:dc:9c:42:1d:56:16:ce:38:58:a3:e1:bd:fd:69:65:47:
fe:9b:5e:49:0e:79:e8:43:80:d4:5d:b3:9f:11:60:23:29:89:
be:e9:81:d1:70:71:a7:ae:65:88:1e:f3:db:d2:fe:63:0e:97:
9a:04:d1:3e:0b:4e:b4:9e:9e:c7:4e:98:9a:4e:84:43:a3:90:
b7:c5:34:0e:1a:42:27:8e:e5:c2:fa:19:3e:ea:1d:39:21:d5:
93:15:b3:0d:fb:eb:92:8d:83:4d:47:cd:24:e8:65:ea:db:74:
7f:06:f5:7b:9a:be:44:30:b8:9a:55:1b:4e:15:b8:32:48:42:
a6:bd:08:c6:bc:e1:e2:a4:f6:a9:56:53:75:ff:f1:57:86:28:
50:34:ea:57:5d:27:0f:63:66:c1:57:e8:df:2d:f6:c0:fb:8f:
45:dd:e9:c3:c6:ca:2e:1f:c9:9f:2e:a9:c7:f3:79:85:f5:df:
84:32:df:38:75:ef:90:0c:e3:e4:39:5e:2d:f9:b0:ac:0b:25:
95:72:7a:7a:aa:0d:97:a3:08:ea:4e:c0:42:85:5d:5d:64:32:
dc:1e:fb:08:97:d5:c1:d6:e9:f7:c1:ca:4a:c5:ac:71:48:ce:
11:c2:18:8b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG4YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDMw
ODU0MTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY3Rjg1NDQ0MDdGQTQ5
MzRBMTU5NDc3RUQyNERERkQ3M0ZBMTJFMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlwQ381LfjkPbJIYb4slT8UI3hCwpdD9T22ytl8Xkh9kuCwye4
W0yZB3YYLhuluz8mLB/s8q5bBRCePbeiu0hGY/9UQd804oO/KNNgSrdcFRFP6DJP
e4hUdMVtGwn6Lyxgdk1FdgzT/JM2+AUHHh+x9nZwjdcA/KmLjx+lg03MM6dvSTD+
gfRTs/TLPPxgnZ/u7f9G2aC48xndUuozHE6nagQmgJkBoBTPW0snxBbSfkKwuEhe
pYrHA7fbRzk+S+WicIQ9ZZv3Xreeb2ScLpC2n93C7OTvV5kNJ7rU33ANA2LVVsLF
AsxwoA8Q1ZIF53eUFun8+n1prYDcTGHccVY9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU9/hURAf6STShWUd+0k3f1z+hLjEwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzlfaFVSQWY2U1RTaFdV
ZC0wazNmMXotaExqRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAxpmr9bp8LRSEAx34zhrRcUe0HL/cnEId
VhbOOFij4b39aWVH/pteSQ556EOA1F2znxFgIymJvumB0XBxp65liB7z29L+Yw6X
mgTRPgtOtJ6ex06Ymk6EQ6OQt8U0DhpCJ47lwvoZPuodOSHVkxWzDfvrko2DTUfN
JOhl6tt0fwb1e5q+RDC4mlUbThW4MkhCpr0Ixrzh4qT2qVZTdf/xV4YoUDTqV10n
D2NmwVfo3y32wPuPRd3pw8bKLh/Jny6px/N5hfXfhDLfOHXvkAzj5DleLfmwrAsl
lXJ6eqoNl6MI6k7AQoVdXWQy3B77CJfVwdbp98HKSsWscUjOEcIYiw==
-----END CERTIFICATE-----
Generated at Fri May 3 14:44:29 2024 by rpki-client on console.sobornost.net