Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/POZEJq5kvu-_sXw1cqbGis4r9Kc.roa
File: POZEJq5kvu-_sXw1cqbGis4r9Kc.roa (raw, json)
Hash identifier: 2ZgoQnoNSLska0HU29tawzBpqxg/yTGv5aL/Sd91FGw=
Subject key identifier: 3C:E6:44:26:AE:64:BE:EF:BF:B1:7C:35:72:A6:C6:8A:CE:2B:F4:A7
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0FB6
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/POZEJq5kvu-_sXw1cqbGis4r9Kc.roa
Signing time: Mon 01 Apr 2024 20:52:41 +0000
ROA not before: Mon 01 Apr 2024 20:52:41 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4022 (0xfb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 1 20:52:41 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3CE64426AE64BEEFBFB17C3572A6C68ACE2BF4A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c8:40:cd:a3:7a:dc:78:e6:bd:f8:81:c9:ae:
13:f9:1e:d6:3c:07:c1:cc:4e:1e:61:18:ce:3d:43:
d8:1e:60:ed:be:ea:5b:40:b8:62:36:9b:07:47:25:
cf:35:76:74:64:f4:3e:f1:c2:3c:0e:8f:af:c6:de:
65:d8:8c:54:72:af:eb:13:9e:c5:7d:3f:e3:e4:ec:
3c:2f:10:ab:99:9c:b4:39:8a:97:c1:df:ac:b6:c3:
93:6a:6b:df:c3:1f:93:17:90:ec:1a:93:6c:47:51:
22:48:99:0d:cb:21:8c:13:69:3c:a2:a8:28:93:10:
04:a1:c1:e2:a3:21:8e:8c:c1:61:ee:17:5c:0c:e8:
fc:80:5a:1e:83:0a:9b:52:a8:3f:87:15:81:b1:0c:
5f:5c:04:ce:e3:04:85:e5:2a:96:07:06:5c:a2:13:
1d:e9:16:54:e2:ca:84:89:88:43:ec:14:a6:72:7d:
03:c0:06:e6:35:b9:ab:1e:f1:34:ea:0e:e6:fb:70:
be:86:ac:69:b9:80:ec:df:3a:c7:30:05:9f:f2:27:
19:7d:c4:13:91:cb:74:72:e9:ff:26:f0:0d:54:02:
69:db:cb:4d:41:a1:19:c4:78:23:14:64:e6:38:10:
84:c7:f3:2f:e8:e7:60:4d:1b:93:e2:a6:52:9d:d7:
33:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E6:44:26:AE:64:BE:EF:BF:B1:7C:35:72:A6:C6:8A:CE:2B:F4:A7
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/POZEJq5kvu-_sXw1cqbGis4r9Kc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cb:06:71:2e:52:de:71:c5:22:e5:01:09:f9:5a:91:15:13:9b:
6f:9b:6d:02:b5:71:0b:72:1a:97:9e:a8:79:b1:49:ef:b7:52:
2a:b0:56:73:b9:83:6c:14:18:56:93:05:3a:2a:eb:b9:27:9c:
35:76:f2:44:e2:eb:c3:4d:22:ff:bb:15:9f:5b:f6:bf:10:2b:
95:c1:48:eb:2d:48:b5:bc:49:7c:33:89:b5:7e:1f:06:c7:9e:
06:3b:61:39:90:7a:6d:1f:d5:4c:e6:17:6b:28:ce:e9:80:92:
ca:32:89:4f:ce:da:4a:16:63:a2:15:09:80:a9:6c:fe:8d:4d:
95:2d:00:d5:d1:bf:a3:c8:78:a7:f5:a1:96:5d:26:da:4e:0a:
67:6c:a1:bc:26:e2:de:57:c0:77:74:50:80:4f:4b:e2:4a:e7:
3a:bf:f2:82:03:19:a1:11:83:70:94:02:54:39:35:9c:8c:12:
18:5b:6d:27:30:e8:0e:22:e4:64:fd:16:81:00:f4:cc:08:63:
a3:02:c6:9a:3b:e4:a9:c4:2e:70:b6:96:b6:79:f4:b3:f6:2b:
65:1c:70:13:7f:c5:cb:65:62:14:c4:23:11:1c:2e:47:d8:18:
e5:f5:4d:e2:7e:50:c6:40:54:30:ba:3e:a6:dc:67:d7:9a:dd:
dc:7c:e4:d6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD7YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDEy
MDUyNDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNDRTY0NDI2QUU2NEJF
RUZCRkIxN0MzNTcyQTZDNjhBQ0UyQkY0QTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpyEDNo3rceOa9+IHJrhP5HtY8B8HMTh5hGM49Q9geYO2+6ltA
uGI2mwdHJc81dnRk9D7xwjwOj6/G3mXYjFRyr+sTnsV9P+Pk7DwvEKuZnLQ5ipfB
36y2w5Nqa9/DH5MXkOwak2xHUSJImQ3LIYwTaTyiqCiTEAShweKjIY6MwWHuF1wM
6PyAWh6DCptSqD+HFYGxDF9cBM7jBIXlKpYHBlyiEx3pFlTiyoSJiEPsFKZyfQPA
BuY1uase8TTqDub7cL6GrGm5gOzfOscwBZ/yJxl9xBORy3Ry6f8m8A1UAmnby01B
oRnEeCMUZOY4EITH8y/o52BNG5PiplKd1zPXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUPOZEJq5kvu+/sXw1cqbGis4r9KcwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1BPWkVKcTVrdnUtX3NY
dzFjcWJHaXM0cjlLYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAywZxLlLeccUi5QEJ+VqRFRObb5ttArVx
C3Ial56oebFJ77dSKrBWc7mDbBQYVpMFOirruSecNXbyROLrw00i/7sVn1v2vxAr
lcFI6y1ItbxJfDOJtX4fBseeBjthOZB6bR/VTOYXayjO6YCSyjKJT87aShZjohUJ
gKls/o1NlS0A1dG/o8h4p/Whll0m2k4KZ2yhvCbi3lfAd3RQgE9L4krnOr/yggMZ
oRGDcJQCVDk1nIwSGFttJzDoDiLkZP0WgQD0zAhjowLGmjvkqcQucLaWtnn0s/Yr
ZRxwE3/Fy2ViFMQjERwuR9gY5fVN4n5QxkBUMLo+ptxn15rd3Hzk1g==
-----END CERTIFICATE-----
Generated at Tue Apr 2 02:40:47 2024 by rpki-client on console.sobornost.net