Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/BU5Vsxe6mJMV0f8V3_OCJJbJNSM.roa
File: BU5Vsxe6mJMV0f8V3_OCJJbJNSM.roa (raw, json)
Hash identifier: ytSq4VWDYlIcPkM9xJIo61DN/ScHMMvxGidSzxNgNRY=
Subject key identifier: 05:4E:55:B3:17:BA:98:93:15:D1:FF:15:DF:F3:82:24:96:C9:35:23
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 10C6
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/BU5Vsxe6mJMV0f8V3_OCJJbJNSM.roa
Signing time: Thu 04 Apr 2024 16:52:47 +0000
ROA not before: Thu 04 Apr 2024 16:52:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4294 (0x10c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 4 16:52:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=054E55B317BA989315D1FF15DFF3822496C93523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ee:ed:f8:90:04:74:0d:33:e6:4b:0c:8a:1a:
01:6f:a5:04:85:7a:f2:4a:b2:6f:fb:94:34:aa:00:
a6:b9:6f:83:d1:30:61:03:d8:17:fb:66:f0:71:18:
f6:29:b0:1b:ff:a9:be:7f:72:ac:6e:21:0c:03:0e:
09:02:f3:00:31:de:62:e5:7d:be:58:bd:d2:8d:09:
8b:43:4f:dc:ba:86:ff:15:9e:f6:8c:8b:66:24:6a:
c4:1f:cd:c7:a7:49:07:8b:80:ba:49:97:e0:73:83:
6c:48:63:25:7d:9d:27:d5:fa:c0:56:aa:77:6b:ee:
a4:66:f4:8e:cf:96:fc:d0:10:3c:b5:b1:dd:0b:62:
3a:59:a7:df:45:bc:17:3b:82:c8:ac:c8:9b:9b:63:
27:2c:cf:3a:bb:f1:40:27:6e:0c:ba:4d:26:68:ec:
29:bc:61:88:6e:df:5f:db:82:b4:d9:b9:bd:5c:21:
5d:e6:c0:6d:1f:c1:7f:70:2b:f9:43:93:33:6b:d2:
d3:81:c9:d9:79:02:67:94:ab:da:de:26:e7:75:5d:
13:0d:15:16:1d:93:22:28:c0:71:4c:aa:66:0b:7f:
6e:55:83:f7:84:91:09:43:92:c9:38:f2:fa:e9:d6:
ca:42:b3:57:b5:80:f2:5b:c2:35:66:8b:57:f7:2f:
ca:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:4E:55:B3:17:BA:98:93:15:D1:FF:15:DF:F3:82:24:96:C9:35:23
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/BU5Vsxe6mJMV0f8V3_OCJJbJNSM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:aa:cd:bd:59:22:34:9c:b3:43:77:a1:02:43:e8:60:6c:74:
fc:73:7c:d7:39:e3:0c:10:66:cb:34:f7:c4:91:1b:5e:98:b2:
87:b1:6d:83:15:c7:60:92:3c:9e:ab:76:78:d9:84:83:47:d1:
66:a2:fd:e8:5a:72:47:19:00:83:ee:6e:5f:0f:33:42:0c:12:
99:95:7a:49:10:f2:bb:36:56:f0:e9:27:df:3f:06:9d:d9:6f:
49:9c:3d:b2:0b:13:64:50:26:06:65:1f:f1:a3:5f:49:70:64:
81:62:2d:dc:24:8c:73:5d:ab:d0:60:aa:12:81:d3:c9:af:82:
3a:20:95:f9:df:b5:f0:1a:9d:3e:0b:73:77:f5:38:a0:ac:b2:
39:6e:36:97:f3:78:c3:b1:06:39:f9:ec:ff:30:e7:7b:79:af:
ba:ae:e3:7c:2a:90:93:d8:b3:e7:10:f5:14:b6:1f:40:f4:94:
a0:cb:4f:81:90:5a:6a:c6:5e:93:7b:a4:db:9e:ae:4b:1e:1d:
83:f8:3c:b1:cc:79:57:8c:71:99:03:54:40:75:54:5e:2e:31:
b6:d3:ea:aa:82:c1:ce:71:27:45:3d:46:01:e7:8b:b7:16:65:
12:c5:09:6a:6a:0f:18:e2:75:42:55:e9:95:9d:ea:11:d8:14:
48:38:be:7d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEMYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDQx
NjUyNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA1NEU1NUIzMTdCQTk4
OTMxNUQxRkYxNURGRjM4MjI0OTZDOTM1MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDF7u34kAR0DTPmSwyKGgFvpQSFevJKsm/7lDSqAKa5b4PRMGED
2Bf7ZvBxGPYpsBv/qb5/cqxuIQwDDgkC8wAx3mLlfb5YvdKNCYtDT9y6hv8VnvaM
i2YkasQfzcenSQeLgLpJl+Bzg2xIYyV9nSfV+sBWqndr7qRm9I7PlvzQEDy1sd0L
YjpZp99FvBc7gsisyJubYycszzq78UAnbgy6TSZo7Cm8YYhu31/bgrTZub1cIV3m
wG0fwX9wK/lDkzNr0tOBydl5AmeUq9reJud1XRMNFRYdkyIowHFMqmYLf25Vg/eE
kQlDksk48vrp1spCs1e1gPJbwjVmi1f3L8o/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUBU5Vsxe6mJMV0f8V3/OCJJbJNSMwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0JVNVZzeGU2bUpNVjBm
OFYzX09DSkpiSk5TTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAQarNvVkiNJyzQ3ehAkPoYGx0/HN81znj
DBBmyzT3xJEbXpiyh7FtgxXHYJI8nqt2eNmEg0fRZqL96FpyRxkAg+5uXw8zQgwS
mZV6SRDyuzZW8Okn3z8GndlvSZw9sgsTZFAmBmUf8aNfSXBkgWIt3CSMc12r0GCq
EoHTya+COiCV+d+18BqdPgtzd/U4oKyyOW42l/N4w7EGOfns/zDne3mvuq7jfCqQ
k9iz5xD1FLYfQPSUoMtPgZBaasZek3uk256uSx4dg/g8scx5V4xxmQNUQHVUXi4x
ttPqqoLBznEnRT1GAeeLtxZlEsUJamoPGOJ1QlXplZ3qEdgUSDi+fQ==
-----END CERTIFICATE-----
Generated at Thu Apr 4 23:41:04 2024 by rpki-client on console.sobornost.net