Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/LHxWljL3HALdpo5M9Kwv4hsqagk.roa
File: LHxWljL3HALdpo5M9Kwv4hsqagk.roa (raw, json)
Hash identifier: +X4SXdFSgG6O5h3jJajFZR1vIIZPMFUT9NEwCoddjk4=
Subject key identifier: 2C:7C:56:96:32:F7:1C:02:DD:A6:8E:4C:F4:AC:2F:E2:1B:2A:6A:09
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1BAA
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/LHxWljL3HALdpo5M9Kwv4hsqagk.roa
Signing time: Fri 03 May 2024 17:54:12 +0000
ROA not before: Fri 03 May 2024 17:54:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7082 (0x1baa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 3 17:54:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2C7C569632F71C02DDA68E4CF4AC2FE21B2A6A09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:77:b9:8a:23:09:c3:26:3d:0f:6b:f9:5e:ae:
5d:04:8c:1e:8d:2a:9f:92:01:d1:81:44:a3:1e:77:
9e:21:e8:92:90:53:be:e8:2e:3b:ef:2c:54:da:73:
b0:e2:b7:78:10:ab:f7:13:14:fb:db:dd:bc:e7:aa:
6e:6c:0b:66:02:a9:9b:32:da:fb:ae:86:06:1e:33:
50:c8:c4:bb:ad:e0:fd:0d:a4:8f:53:98:e0:3b:7b:
99:28:ae:2b:c0:1e:26:4e:58:dc:6f:66:6e:7b:25:
4e:b6:9e:e5:96:c3:b3:06:7b:37:de:99:f4:06:64:
c9:6a:60:38:b0:16:6f:f9:33:99:9a:da:85:17:26:
26:8a:10:3e:c3:ae:2e:a1:f1:b8:9a:8b:9d:e9:69:
ef:ea:de:17:5d:c7:f0:5c:c3:09:1e:36:ed:a0:8d:
2a:fc:7e:20:44:1b:ed:e8:8f:e3:e0:9b:fa:7d:76:
92:d1:dc:06:d5:73:80:fd:9e:29:03:11:c8:65:87:
64:18:8d:af:9d:d9:ee:d9:1d:dc:d3:ef:a5:c5:36:
a4:aa:e4:98:df:e3:15:0e:d7:ba:e0:48:c9:12:b7:
aa:d2:86:2e:09:53:8f:0e:52:97:2c:70:c9:c3:0a:
99:24:89:68:c4:30:99:89:4f:4c:ef:cd:b6:97:49:
dc:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:7C:56:96:32:F7:1C:02:DD:A6:8E:4C:F4:AC:2F:E2:1B:2A:6A:09
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/LHxWljL3HALdpo5M9Kwv4hsqagk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b3:be:e5:0f:c5:96:ae:0b:59:e3:76:c1:4e:5b:a1:a8:dc:e4:
57:60:ac:e8:6f:30:e2:8f:59:d2:6c:d0:5f:56:d6:31:8b:43:
38:d9:88:99:c2:66:f7:a3:6f:64:bd:54:54:e6:48:fb:e8:59:
93:e5:f4:87:4e:a7:02:7d:d5:0b:09:bb:4d:70:67:aa:e8:6a:
99:f4:cc:a9:72:df:08:fb:4a:6b:91:10:7d:51:74:4c:c4:21:
7d:30:0b:85:54:17:09:c0:c0:f5:1b:79:fe:b1:f3:0e:8d:5e:
47:4f:54:71:d6:09:eb:5f:d5:6a:11:a0:29:cd:76:48:31:8b:
49:94:c5:9c:22:56:f6:ae:fd:cb:9d:20:27:7a:2d:2d:81:a3:
f8:91:ec:48:fc:a5:7e:2d:da:b9:91:4c:e0:f1:c2:02:a6:51:
a6:66:86:3d:94:8c:4d:d2:04:41:96:f8:e5:21:76:39:e6:95:
7b:b4:d4:88:ab:39:b6:f2:9d:32:38:2d:54:67:75:03:4e:39:
96:f1:e7:9a:44:3d:11:f0:f8:39:42:ef:09:30:e8:cf:7e:cf:
50:fb:17:a7:b4:90:4a:06:2b:22:e9:ad:3a:7e:6d:a3:bb:18:
5c:a7:18:ff:a3:b4:6a:f2:93:a6:7d:0e:bf:28:70:38:29:b0:
d3:1c:31:cf
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG6owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDMx
NzU0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJDN0M1Njk2MzJGNzFD
MDJEREE2OEU0Q0Y0QUMyRkUyMUIyQTZBMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOd7mKIwnDJj0Pa/lerl0EjB6NKp+SAdGBRKMed54h6JKQU77o
LjvvLFTac7Dit3gQq/cTFPvb3bznqm5sC2YCqZsy2vuuhgYeM1DIxLut4P0NpI9T
mOA7e5korivAHiZOWNxvZm57JU62nuWWw7MGezfemfQGZMlqYDiwFm/5M5ma2oUX
JiaKED7Dri6h8biai53pae/q3hddx/BcwwkeNu2gjSr8fiBEG+3oj+Pgm/p9dpLR
3AbVc4D9nikDEchlh2QYja+d2e7ZHdzT76XFNqSq5Jjf4xUO17rgSMkSt6rShi4J
U48OUpcscMnDCpkkiWjEMJmJT0zvzbaXSdxtAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQULHxWljL3HALdpo5M9Kwv4hsqagkwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0xIeFdsakwzSEFMZHBv
NU05S3d2NGhzcWFnay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAs77lD8WWrgtZ43bBTluhqNzkV2Cs6G8w
4o9Z0mzQX1bWMYtDONmImcJm96NvZL1UVOZI++hZk+X0h06nAn3VCwm7TXBnquhq
mfTMqXLfCPtKa5EQfVF0TMQhfTALhVQXCcDA9Rt5/rHzDo1eR09UcdYJ61/VahGg
Kc12SDGLSZTFnCJW9q79y50gJ3otLYGj+JHsSPylfi3auZFM4PHCAqZRpmaGPZSM
TdIEQZb45SF2OeaVe7TUiKs5tvKdMjgtVGd1A045lvHnmkQ9EfD4OULvCTDoz37P
UPsXp7SQSgYrIumtOn5to7sYXKcY/6O0avKTpn0OvyhwOCmw0xwxzw==
Generated at Fri May 3 23:21:24 2024 by rpki-client on console.sobornost.net