Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/N8hTT0Ys43nFuugZ0RYso88T5yc.roa
File: N8hTT0Ys43nFuugZ0RYso88T5yc.roa (raw, json)
Hash identifier: CoGl2qJSI5lFkLptm9j4R/TLE1o9+I0r72oa3jzOx00=
Subject key identifier: 37:C8:53:4F:46:2C:E3:79:C5:BA:E8:19:D1:16:2C:A3:CF:13:E7:27
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 14D4
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/N8hTT0Ys43nFuugZ0RYso88T5yc.roa
Signing time: Mon 15 Apr 2024 12:23:18 +0000
ROA not before: Mon 15 Apr 2024 12:23:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5332 (0x14d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 15 12:23:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=37C8534F462CE379C5BAE819D1162CA3CF13E727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:77:f6:ea:09:08:57:69:8d:b0:ff:d9:30:4c:
b1:66:f9:1d:8c:23:27:72:dc:27:e5:ac:67:17:f0:
01:95:61:d7:74:7c:a5:0c:f7:f1:f7:89:b2:77:30:
e9:89:d1:49:25:d0:2a:72:1e:99:c1:46:e2:9b:63:
bb:d4:9f:68:c0:ee:0f:6b:38:59:1e:bc:e4:8c:7b:
6e:aa:cd:f0:11:84:70:52:7f:81:af:9b:b0:bc:d6:
64:68:23:70:df:15:ba:9d:77:0d:ef:9b:99:2a:ba:
9e:76:bb:22:b9:3a:0c:86:af:59:cc:35:01:96:e0:
94:16:25:af:26:0c:fe:2d:72:5a:93:cc:e7:1a:65:
ac:5c:4c:37:07:02:c4:80:f1:06:e5:e3:e6:13:07:
be:c9:56:47:48:c2:6d:e3:e0:ed:19:65:de:8d:11:
64:4b:cd:5b:d0:76:63:fa:0b:b5:10:39:77:90:a5:
28:c5:bb:ad:6a:5f:0e:18:ff:b2:ab:a2:4a:d2:a0:
28:80:8d:42:6e:66:1c:b6:76:39:56:92:34:80:dc:
08:33:a4:e8:55:5f:98:6c:28:47:61:11:17:cc:78:
82:4e:7b:29:cf:3f:93:64:bf:bd:b7:1a:3c:79:ec:
36:46:8e:39:ff:40:67:ca:56:c9:6a:35:c2:21:d3:
7e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:C8:53:4F:46:2C:E3:79:C5:BA:E8:19:D1:16:2C:A3:CF:13:E7:27
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/N8hTT0Ys43nFuugZ0RYso88T5yc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:1d:3d:59:83:db:e2:1d:ff:f3:db:3a:bd:f5:ae:59:e7:76:
7a:0a:ac:0c:c3:46:6c:96:e9:ef:e5:d3:0b:93:7c:76:15:c0:
95:7b:f4:f4:4f:c9:4d:07:26:a6:ae:08:eb:50:f7:cd:35:91:
58:15:55:60:de:8b:c3:3c:09:a2:36:85:e7:b8:ab:ff:4b:c7:
68:96:06:a6:4b:48:e9:75:e5:17:f4:7a:cd:73:5c:03:6c:73:
a1:11:82:10:f3:7f:0e:b8:e2:b3:11:35:de:15:d8:ec:d9:23:
4a:f2:d1:b9:06:23:e4:ea:ad:f5:4b:8d:0c:14:46:93:66:f4:
57:4c:01:b1:a6:56:43:68:1c:fc:0f:bb:57:69:d3:cf:1a:7c:
93:66:5f:23:68:fc:ef:e0:b6:ef:aa:b2:16:c6:56:7c:3f:16:
9a:a9:71:84:e0:b7:e7:97:ca:c2:d9:ec:a6:0b:f6:bd:a3:c1:
ce:71:74:3f:49:b3:62:0d:cc:69:9c:6b:bc:1e:83:14:7c:b2:
6c:62:24:ab:1d:75:21:77:ef:fa:7b:dd:da:0a:db:0d:09:5a:
67:f3:1b:64:5e:ca:af:36:21:0d:7a:17:af:f2:bc:c6:61:86:
40:7b:bc:e0:c8:ff:4f:af:88:d1:c3:5d:27:b2:1d:9d:e4:57:
db:b7:1c:17
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFNQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTUx
MjIzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM3Qzg1MzRGNDYyQ0Uz
NzlDNUJBRTgxOUQxMTYyQ0EzQ0YxM0U3MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqd/bqCQhXaY2w/9kwTLFm+R2MIydy3CflrGcX8AGVYdd0fKUM
9/H3ibJ3MOmJ0Ukl0CpyHpnBRuKbY7vUn2jA7g9rOFkevOSMe26qzfARhHBSf4Gv
m7C81mRoI3DfFbqddw3vm5kqup52uyK5OgyGr1nMNQGW4JQWJa8mDP4tclqTzOca
ZaxcTDcHAsSA8Qbl4+YTB77JVkdIwm3j4O0ZZd6NEWRLzVvQdmP6C7UQOXeQpSjF
u61qXw4Y/7KrokrSoCiAjUJuZhy2djlWkjSA3AgzpOhVX5hsKEdhERfMeIJOeynP
P5Nkv723Gjx57DZGjjn/QGfKVslqNcIh036/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUN8hTT0Ys43nFuugZ0RYso88T5ycwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL044aFRUMFlzNDNuRnV1
Z1owUllzbzg4VDV5Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAXR09WYPb4h3/89s6vfWuWed2egqsDMNG
bJbp7+XTC5N8dhXAlXv09E/JTQcmpq4I61D3zTWRWBVVYN6LwzwJojaF57ir/0vH
aJYGpktI6XXlF/R6zXNcA2xzoRGCEPN/DrjisxE13hXY7NkjSvLRuQYj5Oqt9UuN
DBRGk2b0V0wBsaZWQ2gc/A+7V2nTzxp8k2ZfI2j87+C276qyFsZWfD8WmqlxhOC3
55fKwtnspgv2vaPBznF0P0mzYg3MaZxrvB6DFHyybGIkqx11IXfv+nvd2grbDQla
Z/MbZF7KrzYhDXoXr/K8xmGGQHu84Mj/T6+I0cNdJ7IdneRX27ccFw==
-----END CERTIFICATE-----
Generated at Mon Apr 15 19:41:48 2024 by rpki-client on console.sobornost.net