Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/E-s6832ip8J0TUIx6ERAD4-1zt8.roa
File: E-s6832ip8J0TUIx6ERAD4-1zt8.roa (raw, json)
Hash identifier: iV2+T/3hdN1/WprUuXJ+cnBmfamEFm0WfAcFZsPanbM=
Subject key identifier: 13:EB:3A:F3:7D:A2:A7:C2:74:4D:42:31:E8:44:40:0F:8F:B5:CE:DF
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 121C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/E-s6832ip8J0TUIx6ERAD4-1zt8.roa
Signing time: Mon 08 Apr 2024 06:23:00 +0000
ROA not before: Mon 08 Apr 2024 06:23:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4636 (0x121c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 8 06:23:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=13EB3AF37DA2A7C2744D4231E844400F8FB5CEDF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:cb:b3:b8:7a:84:e7:ce:5f:56:32:b8:0d:36:
80:72:c5:77:61:f3:7d:cc:75:5c:d3:3b:ae:c5:a2:
18:5a:63:0c:f5:8f:bc:e8:a6:0b:e5:ab:62:98:01:
ba:cd:5b:08:44:2e:da:85:f3:5b:af:60:0b:a6:09:
b0:1c:e3:a6:1a:36:a0:01:04:dc:7e:40:bc:47:99:
d8:e8:1d:04:ce:dd:4b:4b:fb:a2:2d:bf:56:c8:e0:
4a:e6:9f:16:f9:8b:c3:27:e5:da:61:80:47:4b:de:
50:92:8f:ec:cd:ec:11:08:d5:6f:3a:24:3c:5e:93:
d9:18:49:aa:ac:21:24:5b:8f:b0:a7:2f:fc:dd:ce:
64:b0:50:d4:d7:b8:8e:fc:59:dd:ae:78:cb:9a:8f:
ec:98:2c:e5:23:83:59:9d:6a:a5:bf:f4:cc:ea:a1:
63:4e:ed:44:90:ad:44:b7:1d:88:ef:10:b3:36:e0:
34:4b:3f:9f:45:f7:a5:48:69:18:80:96:e8:a1:ee:
c8:9f:41:85:bb:4c:45:d9:1d:d7:3a:5e:fd:66:c0:
f6:61:99:aa:69:9e:bf:08:17:9a:73:6b:7a:2d:67:
30:d5:e1:8e:5d:80:c6:63:6b:c2:e9:f3:94:34:26:
17:4f:3d:5f:9f:8e:c2:5e:8a:ec:19:db:70:1b:b3:
e1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:EB:3A:F3:7D:A2:A7:C2:74:4D:42:31:E8:44:40:0F:8F:B5:CE:DF
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/E-s6832ip8J0TUIx6ERAD4-1zt8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:df:8a:2b:11:af:97:09:d5:4c:07:31:77:a5:ba:b8:99:cf:
6c:2e:96:f5:1f:dc:c1:6d:e0:9e:34:c2:71:4d:d6:df:a5:68:
50:62:69:f5:d7:6e:7e:b5:f4:97:4d:78:9d:96:d2:ad:f3:5e:
af:38:87:b1:d3:0e:0f:08:a0:3b:3a:37:bb:9d:0d:0b:b1:15:
47:81:a5:11:e4:de:34:68:be:b6:ce:ea:aa:27:c4:eb:18:a5:
54:51:30:88:2d:59:cd:4e:96:2c:4e:11:a2:b9:ea:51:3a:10:
d9:f0:c4:c6:1b:03:0d:f6:68:3e:f5:09:b0:be:fa:81:f0:8d:
50:af:88:32:54:bc:57:f3:5f:31:37:c5:0c:e2:60:cd:fe:39:
3c:47:5a:71:43:31:50:a8:2c:e6:30:1c:de:10:3e:da:dd:8c:
57:94:06:cc:52:83:bb:c2:de:72:0e:f1:b4:e9:5a:47:10:6c:
8f:79:95:2f:13:d0:25:9b:9c:9d:0c:c9:0a:8a:ab:a7:88:4d:
ea:1e:78:7d:6e:83:bb:ac:cc:c9:f5:fd:22:bc:7f:93:ba:f9:
04:2e:fa:26:4b:7f:14:92:28:e4:cb:56:8b:ef:c5:5e:25:d1:
1a:8b:3d:b8:e9:5e:81:67:14:1d:3d:f9:a8:6e:91:ec:24:70:
ef:3f:27:67
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEhwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDgw
NjIzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEzRUIzQUYzN0RBMkE3
QzI3NDRENDIzMUU4NDQ0MDBGOEZCNUNFREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLy7O4eoTnzl9WMrgNNoByxXdh833MdVzTO67FohhaYwz1j7zo
pgvlq2KYAbrNWwhELtqF81uvYAumCbAc46YaNqABBNx+QLxHmdjoHQTO3UtL+6It
v1bI4Ermnxb5i8Mn5dphgEdL3lCSj+zN7BEI1W86JDxek9kYSaqsISRbj7CnL/zd
zmSwUNTXuI78Wd2ueMuaj+yYLOUjg1mdaqW/9MzqoWNO7USQrUS3HYjvELM24DRL
P59F96VIaRiAluih7sifQYW7TEXZHdc6Xv1mwPZhmappnr8IF5pza3otZzDV4Y5d
gMZja8Lp85Q0JhdPPV+fjsJeiuwZ23Abs+HNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUE+s6832ip8J0TUIx6ERAD4+1zt8wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0UtczY4MzJpcDhKMFRV
SXg2RVJBRDQtMXp0OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAGN+KKxGvlwnVTAcxd6W6uJnPbC6W9R/c
wW3gnjTCcU3W36VoUGJp9ddufrX0l014nZbSrfNerziHsdMODwigOzo3u50NC7EV
R4GlEeTeNGi+ts7qqifE6xilVFEwiC1ZzU6WLE4RornqUToQ2fDExhsDDfZoPvUJ
sL76gfCNUK+IMlS8V/NfMTfFDOJgzf45PEdacUMxUKgs5jAc3hA+2t2MV5QGzFKD
u8Lecg7xtOlaRxBsj3mVLxPQJZucnQzJCoqrp4hN6h54fW6Du6zMyfX9Irx/k7r5
BC76Jkt/FJIo5MtWi+/FXiXRGos9uOlegWcUHT35qG6R7CRw7z8nZw==
-----END CERTIFICATE-----
Generated at Mon Apr 8 12:58:56 2024 by rpki-client on console.sobornost.net