Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/EauVEVsesOVuHvffYP-C-MVNMlY.roa
File: EauVEVsesOVuHvffYP-C-MVNMlY.roa (raw, json)
Hash identifier: tfBLcYVB/8gfBjGeOShNjk56qO9iZLqLnVC/pIzBy9Q=
Subject key identifier: 11:AB:95:11:5B:1E:B0:E5:6E:1E:F7:DF:60:FF:82:F8:C5:4D:32:56
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0E1C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/EauVEVsesOVuHvffYP-C-MVNMlY.roa
Signing time: Thu 28 Mar 2024 14:22:32 +0000
ROA not before: Thu 28 Mar 2024 14:22:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3612 (0xe1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 28 14:22:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=11AB95115B1EB0E56E1EF7DF60FF82F8C54D3256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:5c:b0:1b:cf:03:7e:1a:55:0f:b6:ec:da:70:
c6:7b:fc:cb:05:17:6a:8a:4c:61:f4:4d:9f:81:c2:
d0:15:6e:27:40:06:26:e3:e8:a6:91:82:dc:8c:1c:
cf:77:94:2b:bd:f8:c7:74:b8:dc:e5:a3:33:86:df:
4c:93:95:d0:75:05:5a:e6:3d:8f:8b:8c:a7:14:25:
ab:98:c0:8d:84:2f:2f:5a:98:5a:b3:e0:81:ff:46:
97:68:0b:b8:af:76:8b:6e:e5:22:08:44:bf:0f:a6:
6b:f6:37:41:c2:e1:4f:a3:b4:8e:d9:91:41:b8:9b:
a8:f6:07:c1:48:71:5e:11:3e:28:36:35:11:1c:84:
78:5f:2b:b5:6c:05:c5:29:16:84:d2:05:17:5a:a7:
bd:28:1d:27:67:8b:4c:e6:05:6a:c2:dd:8d:8c:3c:
68:30:c4:f3:be:6c:83:e1:40:85:06:48:15:cb:72:
43:88:a2:cc:6a:da:92:5b:1b:23:94:72:0e:fb:05:
c4:bb:47:01:0d:bb:a0:a9:44:85:54:12:d4:cb:5d:
e6:11:b5:48:ed:2e:a7:ee:d9:56:d3:70:f7:b3:e5:
57:ea:49:7d:44:2a:15:22:94:25:aa:fe:bd:53:1a:
e6:79:63:53:ed:82:d9:6f:73:93:cf:4e:87:5f:dd:
55:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:AB:95:11:5B:1E:B0:E5:6E:1E:F7:DF:60:FF:82:F8:C5:4D:32:56
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/EauVEVsesOVuHvffYP-C-MVNMlY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:fa:c6:a5:df:2b:3a:7b:3a:af:db:30:75:bd:17:4e:9e:e3:
3d:08:83:90:61:73:df:e5:6b:25:d1:91:90:a9:70:5b:e2:83:
f7:3c:c8:76:bc:22:ed:d6:45:5e:59:4a:df:5f:ef:37:68:da:
86:60:8a:a5:54:71:75:ba:df:60:0e:16:bd:fc:73:32:f6:e7:
cd:e7:6d:ae:10:3b:d3:40:12:11:b4:07:a3:26:bc:be:f5:b4:
96:ec:fa:63:71:5c:23:32:8f:20:43:74:16:a6:fe:5b:91:86:
47:cf:00:7a:be:ac:50:44:b1:fd:b3:4e:8d:bf:83:55:ab:47:
98:22:2c:4d:7a:ee:c4:d8:56:69:c5:2c:f2:c3:22:9f:21:fe:
df:10:72:a3:a2:ed:da:99:6c:a1:e2:4b:bd:59:c0:5a:22:d2:
8e:43:a4:4a:43:74:d0:65:33:ab:c0:f1:b5:4d:88:95:75:b5:
fe:94:e6:77:ad:5b:07:45:06:12:63:a0:38:96:6c:fd:68:1d:
73:dd:9c:3d:70:6f:18:4e:02:51:45:82:ec:77:39:e7:ad:26:
19:49:8e:95:87:21:fe:70:a7:2d:35:c3:0c:72:8b:73:c2:1e:
07:89:d2:ec:d3:40:7a:fa:ea:0d:41:50:e5:d8:8a:7d:a9:13:
f1:64:bc:df
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDhwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjgx
NDIyMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDExQUI5NTExNUIxRUIw
RTU2RTFFRjdERjYwRkY4MkY4QzU0RDMyNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrXLAbzwN+GlUPtuzacMZ7/MsFF2qKTGH0TZ+BwtAVbidABibj
6KaRgtyMHM93lCu9+Md0uNzlozOG30yTldB1BVrmPY+LjKcUJauYwI2ELy9amFqz
4IH/RpdoC7ivdotu5SIIRL8Ppmv2N0HC4U+jtI7ZkUG4m6j2B8FIcV4RPig2NREc
hHhfK7VsBcUpFoTSBRdap70oHSdni0zmBWrC3Y2MPGgwxPO+bIPhQIUGSBXLckOI
osxq2pJbGyOUcg77BcS7RwENu6CpRIVUEtTLXeYRtUjtLqfu2VbTcPez5VfqSX1E
KhUilCWq/r1TGuZ5Y1Ptgtlvc5PPTodf3VVxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUEauVEVsesOVuHvffYP+C+MVNMlYwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0VhdVZFVnNlc09WdUh2
ZmZZUC1DLU1WTk1sWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEATPrGpd8rOns6r9swdb0XTp7jPQiDkGFz
3+VrJdGRkKlwW+KD9zzIdrwi7dZFXllK31/vN2jahmCKpVRxdbrfYA4WvfxzMvbn
zedtrhA700ASEbQHoya8vvW0luz6Y3FcIzKPIEN0Fqb+W5GGR88Aer6sUESx/bNO
jb+DVatHmCIsTXruxNhWacUs8sMinyH+3xByo6Lt2plsoeJLvVnAWiLSjkOkSkN0
0GUzq8DxtU2IlXW1/pTmd61bB0UGEmOgOJZs/Wgdc92cPXBvGE4CUUWC7Hc5560m
GUmOlYch/nCnLTXDDHKLc8IeB4nS7NNAevrqDUFQ5diKfakT8WS83w==
-----END CERTIFICATE-----
Generated at Thu Mar 28 21:02:49 2024 by rpki-client on console.sobornost.net