Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Gr9hnR6DmsthfXMwdQbj2WCwjgg.roa
File: Gr9hnR6DmsthfXMwdQbj2WCwjgg.roa (raw, json)
Hash identifier: ovr40xaWXCoTvY4AmqOxsj8HU5ZsKCn8VUoy/tZEF3E=
Subject key identifier: 1A:BF:61:9D:1E:83:9A:CB:61:7D:73:30:75:06:E3:D9:60:B0:8E:08
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0DB8
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Gr9hnR6DmsthfXMwdQbj2WCwjgg.roa
Signing time: Wed 27 Mar 2024 13:22:25 +0000
ROA not before: Wed 27 Mar 2024 13:22:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3512 (0xdb8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 27 13:22:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1ABF619D1E839ACB617D73307506E3D960B08E08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0f:0d:12:27:c5:97:cf:aa:a7:26:d9:aa:a9:
50:44:74:c6:f6:cb:c7:b7:4d:84:c8:1d:10:59:7f:
cb:57:5b:79:57:b0:00:8a:9b:f0:e2:81:b2:46:5d:
51:97:00:a3:c4:a5:49:72:16:48:bc:b1:ea:40:80:
d2:25:aa:95:c9:8f:f9:c1:86:84:a0:0e:12:48:ae:
a7:53:3d:a0:d8:c3:f2:31:92:35:75:e1:b9:76:42:
84:1c:0c:ec:30:76:45:8f:14:ba:f2:2a:04:82:dd:
7c:ef:81:33:5f:01:32:0a:3f:fd:bb:b8:85:cf:09:
f7:bf:c2:27:89:b1:c3:0d:9f:5e:ad:ba:7a:1a:6c:
af:91:3e:a4:94:77:77:12:04:03:35:85:5f:cf:f4:
17:e9:44:54:fb:1c:79:97:bd:46:3c:0b:4f:3b:c6:
ff:ea:63:37:9d:0b:9f:45:ef:04:a6:4c:fa:e9:c8:
54:9e:42:f0:89:2a:3f:46:bd:ae:7d:db:57:9e:e0:
f8:a3:7d:72:4f:cd:9c:37:ba:dc:2a:70:0b:cf:71:
73:f2:19:eb:68:7d:04:d9:c9:e0:07:e6:cf:4a:4e:
67:8f:92:7f:d6:96:85:20:4d:4e:ea:62:73:b5:01:
4e:b6:cd:10:3e:e4:41:e2:87:7c:db:5f:34:a5:68:
a4:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:BF:61:9D:1E:83:9A:CB:61:7D:73:30:75:06:E3:D9:60:B0:8E:08
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Gr9hnR6DmsthfXMwdQbj2WCwjgg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b3:15:32:ea:7f:42:3f:83:4a:31:79:5b:32:b3:89:9b:8f:f1:
1e:f8:c4:5a:4f:d5:37:1b:09:cf:9d:6a:78:81:1d:2f:c7:82:
e6:73:41:c4:37:93:a0:9d:9e:f6:15:ee:bb:2f:a9:87:36:e2:
16:0f:98:56:dc:1c:36:e5:ae:bc:87:8f:ac:26:00:bb:a5:88:
a1:9b:30:d2:20:3e:46:9a:38:cd:b1:f5:19:e4:f1:a2:6b:00:
b4:64:16:6e:d2:a6:84:ac:a4:f8:aa:09:3e:0f:a0:47:fe:87:
59:c7:f9:44:a1:2c:36:47:71:70:aa:6f:45:30:93:f7:20:6e:
92:76:08:ac:6c:7d:fe:63:c9:49:97:6b:ca:8e:de:17:42:dc:
14:18:25:b5:0c:e9:f1:4d:7d:25:99:23:14:a7:cf:70:b6:e1:
3e:73:3e:4a:00:a8:f1:8b:f6:76:7b:e7:30:a7:72:d1:f1:71:
8c:72:7d:4f:b8:06:47:90:18:9a:f6:11:13:58:6d:04:60:95:
59:02:98:c0:7a:e1:30:54:c6:09:5d:f6:d8:77:03:ea:f8:68:
ab:54:39:78:e8:35:dc:0a:0c:27:be:e0:ab:53:96:d6:3a:b3:
7a:bf:cd:38:c1:92:aa:67:c5:18:a9:1b:f9:22:8a:0f:bd:65:
e8:85:97:55
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDbgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjcx
MzIyMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFBQkY2MTlEMUU4MzlB
Q0I2MTdENzMzMDc1MDZFM0Q5NjBCMDhFMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrDw0SJ8WXz6qnJtmqqVBEdMb2y8e3TYTIHRBZf8tXW3lXsACK
m/DigbJGXVGXAKPEpUlyFki8sepAgNIlqpXJj/nBhoSgDhJIrqdTPaDYw/IxkjV1
4bl2QoQcDOwwdkWPFLryKgSC3XzvgTNfATIKP/27uIXPCfe/wieJscMNn16tunoa
bK+RPqSUd3cSBAM1hV/P9BfpRFT7HHmXvUY8C087xv/qYzedC59F7wSmTPrpyFSe
QvCJKj9Gva5921ee4PijfXJPzZw3utwqcAvPcXPyGetofQTZyeAH5s9KTmePkn/W
loUgTU7qYnO1AU62zRA+5EHih3zbXzSlaKQLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUGr9hnR6DmsthfXMwdQbj2WCwjggwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0dyOWhuUjZEbXN0aGZY
TXdkUWJqMldDd2pnZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAsxUy6n9CP4NKMXlbMrOJm4/xHvjEWk/V
NxsJz51qeIEdL8eC5nNBxDeToJ2e9hXuuy+phzbiFg+YVtwcNuWuvIePrCYAu6WI
oZsw0iA+Rpo4zbH1GeTxomsAtGQWbtKmhKyk+KoJPg+gR/6HWcf5RKEsNkdxcKpv
RTCT9yBuknYIrGx9/mPJSZdryo7eF0LcFBgltQzp8U19JZkjFKfPcLbhPnM+SgCo
8Yv2dnvnMKdy0fFxjHJ9T7gGR5AYmvYRE1htBGCVWQKYwHrhMFTGCV322HcD6vho
q1Q5eOg13AoMJ77gq1OW1jqzer/NOMGSqmfFGKkb+SKKD71l6IWXVQ==
-----END CERTIFICATE-----
Generated at Wed Mar 27 20:11:32 2024 by rpki-client on console.sobornost.net