Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/BZFzQIknbWa3WwsFRswfmOEOwJs.roa
File: BZFzQIknbWa3WwsFRswfmOEOwJs.roa (raw, json)
Hash identifier: OVmmGOxkwZRMqGD69oRzRYHU2meLklYpNgEbK8TL8BU=
Subject key identifier: 05:91:73:40:89:27:6D:66:B7:5B:0B:05:46:CC:1F:98:E1:0E:C0:9B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 12EA
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/BZFzQIknbWa3WwsFRswfmOEOwJs.roa
Signing time: Wed 10 Apr 2024 09:53:05 +0000
ROA not before: Wed 10 Apr 2024 09:53:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4842 (0x12ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 10 09:53:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0591734089276D66B75B0B0546CC1F98E10EC09B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:63:a1:eb:c2:60:25:f3:a6:9d:5f:86:6e:4d:
ab:cd:a1:fb:cd:cb:85:e7:0b:c3:cf:1e:26:f3:68:
f9:f9:b6:dc:96:0c:b4:10:67:91:44:f8:7a:44:0d:
b5:c6:65:a4:01:6b:b9:b0:97:a4:39:70:6e:44:cc:
2b:bd:05:4c:05:2e:df:5c:d0:a9:d5:c5:29:67:81:
7e:26:b9:98:51:58:3c:3c:e9:a6:b4:72:05:32:83:
f3:96:77:02:ac:23:9d:50:46:f1:a1:64:6f:e2:1c:
13:95:c2:a3:da:3a:b4:a9:ed:7b:5a:7c:df:15:1a:
0b:48:84:32:7c:ed:8a:01:7c:a5:35:12:71:ea:28:
d0:10:ef:78:fb:37:fe:73:d4:3d:e2:0a:5f:81:03:
80:76:f0:40:a9:4b:be:4c:5d:01:f3:40:ff:96:87:
f9:f0:84:a3:31:47:f6:1c:96:9a:d2:8a:80:06:dc:
8f:3a:9b:9b:84:f1:ed:e5:1b:45:22:44:cf:a4:54:
08:42:11:00:58:85:cb:4e:a6:8e:7d:d4:ef:da:02:
15:74:fa:8a:31:ef:6f:f3:8e:2e:f9:39:d4:fb:eb:
f0:6c:f3:2f:bc:a2:0b:36:25:01:f8:22:af:28:ca:
87:bd:da:e3:ea:8d:ae:10:6e:2a:3e:fc:68:22:9e:
e6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:91:73:40:89:27:6D:66:B7:5B:0B:05:46:CC:1F:98:E1:0E:C0:9B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/BZFzQIknbWa3WwsFRswfmOEOwJs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ac:83:b0:2b:6a:78:ef:31:6f:a9:d1:b4:0a:f1:bd:f0:91:3e:
36:ec:49:80:41:38:52:90:69:5b:2c:7c:d9:ef:78:f1:e4:2b:
9b:72:6f:9e:7a:14:01:cf:c4:39:4c:53:d1:20:21:78:3a:0f:
43:2e:e6:81:ff:5f:6f:0e:f5:da:19:42:93:52:15:f4:45:24:
f1:4b:ce:ff:c0:07:4c:10:63:d5:43:d7:54:e8:f8:25:ac:47:
6b:f6:1f:c3:f3:cc:70:03:b8:a3:75:23:d7:e0:e1:a5:70:a3:
4c:7a:c1:60:a1:7b:42:15:ad:2d:bb:97:73:7e:46:b6:60:c2:
a7:b3:8d:02:3c:c3:b5:18:46:4f:a4:c8:8d:81:48:f3:12:76:
b4:1a:86:86:28:01:96:0b:fa:f4:ae:0e:47:97:34:51:23:50:
ad:82:89:f1:42:0c:86:3a:e2:25:c2:b5:df:63:1c:80:d9:03:
2d:0f:db:b6:3d:c0:24:72:ad:f1:d2:fb:d2:69:90:56:c2:8e:
de:26:d6:b1:b7:e6:9d:44:12:a6:61:c7:c9:ba:55:4e:f9:9a:
e3:71:0e:69:f2:6b:5e:e2:f5:34:54:60:75:10:29:5e:16:c1:
b9:07:ff:b5:7e:e4:5f:3f:a9:73:ee:e1:14:29:71:0f:29:c6:
df:a9:8b:e1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEuowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTAw
OTUzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA1OTE3MzQwODkyNzZE
NjZCNzVCMEIwNTQ2Q0MxRjk4RTEwRUMwOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3Y6HrwmAl86adX4ZuTavNofvNy4XnC8PPHibzaPn5ttyWDLQQ
Z5FE+HpEDbXGZaQBa7mwl6Q5cG5EzCu9BUwFLt9c0KnVxSlngX4muZhRWDw86aa0
cgUyg/OWdwKsI51QRvGhZG/iHBOVwqPaOrSp7XtafN8VGgtIhDJ87YoBfKU1EnHq
KNAQ73j7N/5z1D3iCl+BA4B28ECpS75MXQHzQP+Wh/nwhKMxR/YclprSioAG3I86
m5uE8e3lG0UiRM+kVAhCEQBYhctOpo591O/aAhV0+oox72/zji75OdT76/Bs8y+8
ogs2JQH4Iq8oyoe92uPqja4Qbio+/GginuaDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUBZFzQIknbWa3WwsFRswfmOEOwJswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0JaRnpRSWtuYldhM1d3
c0ZSc3dmbU9FT3dKcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEArIOwK2p47zFvqdG0CvG98JE+NuxJgEE4
UpBpWyx82e948eQrm3JvnnoUAc/EOUxT0SAheDoPQy7mgf9fbw712hlCk1IV9EUk
8UvO/8AHTBBj1UPXVOj4JaxHa/Yfw/PMcAO4o3Uj1+DhpXCjTHrBYKF7QhWtLbuX
c35GtmDCp7ONAjzDtRhGT6TIjYFI8xJ2tBqGhigBlgv69K4OR5c0USNQrYKJ8UIM
hjriJcK132McgNkDLQ/btj3AJHKt8dL70mmQVsKO3ibWsbfmnUQSpmHHybpVTvma
43EOafJrXuL1NFRgdRApXhbBuQf/tX7kXz+pc+7hFClxDynG36mL4Q==
-----END CERTIFICATE-----
Generated at Wed Apr 10 16:17:29 2024 by rpki-client on console.sobornost.net