Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/FGnLGQwjeBtK_hifygOIFfte10s.roa
File: FGnLGQwjeBtK_hifygOIFfte10s.roa (raw, json)
Hash identifier: idwrI3reC4orVxh3EVrnLgnx73lUkjvTNbKNAAVvwfM=
Subject key identifier: 14:69:CB:19:0C:23:78:1B:4A:FE:18:9F:CA:03:88:15:FB:5E:D7:4B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 15FE
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/FGnLGQwjeBtK_hifygOIFfte10s.roa
Signing time: Thu 18 Apr 2024 14:53:27 +0000
ROA not before: Thu 18 Apr 2024 14:53:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5630 (0x15fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 18 14:53:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1469CB190C23781B4AFE189FCA038815FB5ED74B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:8b:06:07:31:18:d3:44:4d:26:05:c2:40:a3:
c1:2e:f1:a4:70:2c:37:62:6e:5c:ce:73:a2:5c:71:
2d:98:95:e5:3c:43:25:ec:61:e1:8b:45:c8:6d:78:
ae:98:b1:12:c3:7e:2a:48:e6:45:93:a3:23:35:54:
af:1e:f4:fc:03:ac:26:f7:ba:a1:cf:b8:f1:7e:8f:
c0:0a:c7:76:03:59:1a:71:11:18:a0:f5:35:bf:bf:
9b:05:af:fb:28:26:24:7d:26:89:8f:92:8e:3b:2f:
86:39:f1:2b:6d:3c:83:a2:c3:c6:96:0d:19:98:a4:
26:b7:3d:ed:3c:2e:e8:ce:c4:5c:a8:2d:66:24:63:
27:f7:00:99:31:d5:05:f8:91:dc:3b:d3:f0:ad:06:
86:70:19:0b:44:be:85:43:50:c4:db:31:d8:d1:b1:
f2:b7:75:eb:66:7b:f2:37:71:09:f3:25:98:c7:37:
e2:f9:c0:26:bc:61:ac:40:b3:8b:fb:1c:f1:e4:b4:
7d:82:e2:15:8f:8a:09:8d:eb:76:18:e1:e8:49:cd:
b3:80:83:c9:7b:3c:51:76:2f:7c:af:06:de:eb:4b:
6e:d9:69:22:cf:09:2a:bd:a1:83:55:69:35:9d:37:
9b:c3:57:46:17:4c:67:db:ac:0b:ba:33:82:52:dc:
16:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:69:CB:19:0C:23:78:1B:4A:FE:18:9F:CA:03:88:15:FB:5E:D7:4B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/FGnLGQwjeBtK_hifygOIFfte10s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cb:f1:4e:4e:6c:35:79:0b:cd:9b:7a:28:1b:02:ac:97:2f:ec:
8d:02:0b:cb:51:be:7f:2a:11:0a:9a:bf:3e:80:14:6e:73:0f:
c7:b7:3b:76:10:b1:f6:fb:f0:c5:94:b8:eb:e3:b5:41:5c:04:
51:9c:db:d0:89:12:d6:f4:b1:8c:71:1b:41:17:1e:7a:c3:e5:
9a:7e:9c:18:80:eb:dc:20:e3:1d:7c:ed:b1:b6:18:7b:bd:47:
cd:65:8d:ff:52:fc:36:05:6a:b7:20:ea:bc:3b:77:5a:e8:de:
a7:61:d3:44:ac:8d:40:63:41:d2:f9:57:d0:a3:b3:44:b9:d4:
39:a3:81:58:24:c8:0b:9f:28:94:4c:28:9b:ed:4b:4c:7d:75:
54:79:b7:36:6b:92:a1:62:db:2c:6b:b8:54:cb:08:47:c5:7d:
ed:42:33:3f:52:9c:f3:76:6c:e3:71:5d:f7:d3:40:bd:67:66:
56:da:d8:43:01:83:45:d5:e5:5e:c4:3e:43:63:08:f6:13:47:
ca:36:c9:55:ed:5d:5a:15:e4:1f:e8:2d:e5:7d:6e:e5:aa:7a:
21:12:f2:e9:24:cc:e1:76:2e:81:b9:cf:3b:71:7f:e0:ba:ce:
d8:e4:67:ef:52:48:48:56:70:1d:4a:8f:2c:a4:31:93:2d:32:
32:21:05:2e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFf4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTgx
NDUzMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE0NjlDQjE5MEMyMzc4
MUI0QUZFMTg5RkNBMDM4ODE1RkI1RUQ3NEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmiwYHMRjTRE0mBcJAo8Eu8aRwLDdiblzOc6JccS2YleU8QyXs
YeGLRchteK6YsRLDfipI5kWToyM1VK8e9PwDrCb3uqHPuPF+j8AKx3YDWRpxERig
9TW/v5sFr/soJiR9JomPko47L4Y58SttPIOiw8aWDRmYpCa3Pe08LujOxFyoLWYk
Yyf3AJkx1QX4kdw70/CtBoZwGQtEvoVDUMTbMdjRsfK3detme/I3cQnzJZjHN+L5
wCa8YaxAs4v7HPHktH2C4hWPigmN63YY4ehJzbOAg8l7PFF2L3yvBt7rS27ZaSLP
CSq9oYNVaTWdN5vDV0YXTGfbrAu6M4JS3BbpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUFGnLGQwjeBtK/hifygOIFfte10swHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0ZHbkxHUXdqZUJ0S19o
aWZ5Z09JRmZ0ZTEwcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAy/FOTmw1eQvNm3ooGwKsly/sjQILy1G+
fyoRCpq/PoAUbnMPx7c7dhCx9vvwxZS46+O1QVwEUZzb0IkS1vSxjHEbQRceesPl
mn6cGIDr3CDjHXztsbYYe71HzWWN/1L8NgVqtyDqvDt3Wujep2HTRKyNQGNB0vlX
0KOzRLnUOaOBWCTIC58olEwom+1LTH11VHm3NmuSoWLbLGu4VMsIR8V97UIzP1Kc
83Zs43Fd99NAvWdmVtrYQwGDRdXlXsQ+Q2MI9hNHyjbJVe1dWhXkH+gt5X1u5ap6
IRLy6STM4XYugbnPO3F/4LrO2ORn71JISFZwHUqPLKQxky0yMiEFLg==
-----END CERTIFICATE-----
Generated at Thu Apr 18 22:00:45 2024 by rpki-client on console.sobornost.net