Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Cp_x-E-jazrdhLaOKR0OZk1esMM.roa
File: Cp_x-E-jazrdhLaOKR0OZk1esMM.roa (raw, json)
Hash identifier: pb7vF8FMcXaQ7NAWTun20+ml7mRjFSmY8ckmOAdgBvc=
Subject key identifier: 0A:9F:F1:F8:4F:A3:6B:3A:DD:84:B6:8E:29:1D:0E:66:4D:5E:B0:C3
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1B2A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Cp_x-E-jazrdhLaOKR0OZk1esMM.roa
Signing time: Thu 02 May 2024 09:54:05 +0000
ROA not before: Thu 02 May 2024 09:54:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6954 (0x1b2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 2 09:54:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0A9FF1F84FA36B3ADD84B68E291D0E664D5EB0C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:82:1d:17:79:d0:2f:7f:95:b9:e8:8e:d7:b5:
40:7f:26:b4:99:0a:e7:42:4d:ee:8e:32:af:88:5e:
a6:df:a4:09:eb:7f:34:c8:32:b5:69:fa:b6:c8:46:
ad:75:22:60:b2:2c:04:e3:b5:ff:fb:00:0b:b2:5c:
d2:8b:30:92:60:2a:f8:c4:7b:a5:b9:64:66:e4:80:
3b:a8:6b:10:6d:ae:a5:95:93:a6:7e:21:e4:a3:a4:
3d:60:04:7f:b8:8a:a3:9d:4d:f7:b8:97:dd:77:e7:
b0:21:d5:e5:13:3c:88:74:56:1d:f9:d0:8d:18:6b:
b2:77:b9:54:e5:a6:66:43:2b:1d:6d:fd:1d:2c:eb:
11:7b:7f:11:4a:2b:4a:b2:35:00:f8:64:46:a6:bd:
3f:55:cd:7d:79:c1:9f:d0:94:eb:8f:9e:e5:06:f5:
8c:9a:39:c2:d9:ea:83:67:c6:f2:fe:4c:81:49:db:
60:e6:7f:a2:07:32:77:41:b6:29:d7:9d:91:51:4f:
4d:b1:ee:52:c1:03:3a:d5:ef:56:7a:2e:9d:5e:11:
08:cf:44:41:75:90:40:44:9b:44:57:33:21:db:7e:
9b:37:f0:43:64:21:d9:c3:9e:a3:11:a3:5e:93:48:
fa:10:34:93:44:2c:81:46:9b:c2:15:c3:27:ae:cc:
27:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:9F:F1:F8:4F:A3:6B:3A:DD:84:B6:8E:29:1D:0E:66:4D:5E:B0:C3
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Cp_x-E-jazrdhLaOKR0OZk1esMM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
51:ff:99:16:11:07:b5:cd:99:2e:8e:e9:cf:e2:a0:43:60:ba:
48:80:b4:33:af:cd:4d:fe:0a:6a:7b:15:66:3e:d7:79:72:2f:
a1:e2:9b:d9:f3:24:e3:2f:a4:e9:ba:93:fb:4d:22:ba:f6:f5:
79:c1:23:d3:86:a1:ac:44:b5:ec:7c:89:f1:d2:8f:6f:13:45:
b2:fc:12:56:6b:1c:b1:80:45:75:b5:42:60:78:e0:89:87:90:
cd:e4:8f:af:54:78:a2:e5:30:d0:b8:ea:e4:f3:4b:ec:b1:5f:
c7:b2:23:7e:55:c1:63:8e:b8:9f:e3:85:27:28:0c:6c:ae:da:
f8:5b:bd:37:89:fd:90:97:1d:0d:04:fe:41:ee:03:7a:0f:3f:
02:fc:2a:82:01:9e:e8:b2:71:33:d7:21:93:f1:ea:a8:a6:79:
3f:aa:c2:48:0f:bd:de:7e:9d:b7:36:d4:a7:19:03:8e:aa:0a:
86:eb:90:88:b7:1a:3b:4b:51:65:4d:c9:17:1f:4c:38:e2:45:
e8:6c:98:08:57:f8:91:f4:ed:bc:47:79:ee:44:bf:dc:0f:a2:
d5:49:24:70:9c:99:e6:94:48:bd:01:8f:cd:31:cb:19:49:fa:
26:66:2a:22:28:7f:65:73:b5:c5:59:00:ad:f8:52:47:38:a0:
cb:0e:30:fe
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGyowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDIw
OTU0MDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBBOUZGMUY4NEZBMzZC
M0FERDg0QjY4RTI5MUQwRTY2NEQ1RUIwQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTgh0XedAvf5W56I7XtUB/JrSZCudCTe6OMq+IXqbfpAnrfzTI
MrVp+rbIRq11ImCyLATjtf/7AAuyXNKLMJJgKvjEe6W5ZGbkgDuoaxBtrqWVk6Z+
IeSjpD1gBH+4iqOdTfe4l91357Ah1eUTPIh0Vh350I0Ya7J3uVTlpmZDKx1t/R0s
6xF7fxFKK0qyNQD4ZEamvT9VzX15wZ/QlOuPnuUG9YyaOcLZ6oNnxvL+TIFJ22Dm
f6IHMndBtinXnZFRT02x7lLBAzrV71Z6Lp1eEQjPREF1kEBEm0RXMyHbfps38ENk
IdnDnqMRo16TSPoQNJNELIFGm8IVwyeuzCcDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUCp/x+E+jazrdhLaOKR0OZk1esMMwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0NwX3gtRS1qYXpyZGhM
YU9LUjBPWmsxZXNNTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAUf+ZFhEHtc2ZLo7pz+KgQ2C6SIC0M6/N
Tf4KansVZj7XeXIvoeKb2fMk4y+k6bqT+00iuvb1ecEj04ahrES17HyJ8dKPbxNF
svwSVmscsYBFdbVCYHjgiYeQzeSPr1R4ouUw0Ljq5PNL7LFfx7IjflXBY464n+OF
JygMbK7a+Fu9N4n9kJcdDQT+Qe4Deg8/AvwqggGe6LJxM9chk/HqqKZ5P6rCSA+9
3n6dtzbUpxkDjqoKhuuQiLcaO0tRZU3JFx9MOOJF6GyYCFf4kfTtvEd57kS/3A+i
1UkkcJyZ5pRIvQGPzTHLGUn6JmYqIih/ZXO1xVkArfhSRzigyw4w/g==
-----END CERTIFICATE-----
Generated at Thu May 2 13:57:27 2024 by rpki-client on console.sobornost.net