Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/REMtNWz5l4SVAxxpeY_dY5I0YB8.roa
File: REMtNWz5l4SVAxxpeY_dY5I0YB8.roa (raw, json)
Hash identifier: lU5ZDzCborQSJPxiNqKKUF9sfbNXHxBIFpn7bfZLXo4=
Subject key identifier: 44:43:2D:35:6C:F9:97:84:95:03:1C:69:79:8F:DD:63:92:34:60:1F
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0FAC
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/REMtNWz5l4SVAxxpeY_dY5I0YB8.roa
Signing time: Mon 01 Apr 2024 18:22:40 +0000
ROA not before: Mon 01 Apr 2024 18:22:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4012 (0xfac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 1 18:22:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=44432D356CF9978495031C69798FDD639234601F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a5:b9:4d:c4:23:1d:c4:72:1f:c3:7c:2e:f7:
69:e9:4e:1b:c7:e0:d0:5f:29:fd:b3:69:9d:8b:f0:
9e:b9:01:26:b6:ea:3b:0f:c6:38:77:69:0f:4a:fe:
1b:8d:fb:f8:ef:be:06:e5:73:0d:b8:ea:4e:0b:b6:
52:0a:4e:36:6c:e5:21:92:00:91:58:06:65:3a:e5:
a3:f6:c2:f3:d5:d5:70:af:24:95:b1:fd:8d:7d:a4:
a5:52:1e:7b:b4:7d:32:db:c1:00:74:90:79:fb:bd:
e0:17:f5:8a:ff:6d:0a:9f:1e:40:6b:ba:dc:b5:6d:
84:5c:3c:f1:2d:70:5e:e2:44:51:f2:0c:ff:b7:ee:
2e:ee:b1:d9:2d:f1:9f:e7:25:0d:2d:c7:10:ba:d0:
5a:87:0a:24:62:ab:09:a7:b9:d6:70:60:f2:60:c0:
6b:68:77:17:89:0f:9d:80:81:cd:e0:d1:73:29:6f:
07:53:3c:ff:02:0b:b9:e5:bb:62:a8:13:f2:1a:a7:
36:d5:4b:59:71:4b:f2:cc:de:d6:a7:10:7c:70:3d:
fd:6c:8c:43:e4:c3:b7:fc:16:ed:67:9b:9a:2a:3c:
10:77:67:07:ed:6e:e4:c3:e1:1d:53:f4:7a:99:0f:
af:53:a6:99:7a:75:d9:34:62:5b:9e:11:61:c6:61:
04:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:43:2D:35:6C:F9:97:84:95:03:1C:69:79:8F:DD:63:92:34:60:1F
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/REMtNWz5l4SVAxxpeY_dY5I0YB8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
23:f6:2b:c0:91:ed:86:ee:fe:66:be:07:93:d7:92:f4:fb:a4:
79:5a:fc:b3:71:b7:eb:9b:5c:c6:99:45:96:9c:c0:01:6b:ae:
dd:b2:27:79:e0:a0:0c:7b:3d:4a:f2:84:a4:59:92:4e:e3:30:
3e:7b:86:e2:17:49:a4:1b:a3:87:40:40:b9:f1:3e:57:36:3e:
c0:55:54:ae:21:87:24:df:e7:63:8d:4f:3b:e2:9e:b5:c1:7f:
38:e6:75:cc:f8:17:ca:dd:30:d3:eb:ae:f5:cf:cd:49:d9:35:
61:3f:9b:39:6a:04:58:ca:3e:cd:8b:cf:2b:f1:70:35:d2:ef:
bf:95:e2:b7:0d:d0:a7:7b:61:27:e4:9f:9b:1d:eb:d7:fe:49:
1c:7a:30:16:72:50:4b:2b:4f:ff:fe:74:30:10:4f:ce:de:70:
d4:58:5d:b5:32:cd:46:14:02:70:8e:9f:71:d6:6f:c0:3c:7e:
c3:75:63:4f:3f:9d:f2:e7:61:e7:9e:86:02:99:c7:14:35:8e:
92:7e:53:5d:16:73:33:87:24:e0:bd:6a:a1:ae:7b:ee:d4:0b:
a5:5d:bd:40:12:00:82:ad:55:e4:45:24:a5:6b:32:14:58:aa:
03:20:46:86:18:03:17:45:79:05:8f:d9:76:1d:02:d1:c3:af:
5a:ee:b7:d7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD6wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDEx
ODIyNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ0NDMyRDM1NkNGOTk3
ODQ5NTAzMUM2OTc5OEZERDYzOTIzNDYwMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCopblNxCMdxHIfw3wu92npThvH4NBfKf2zaZ2L8J65ASa26jsP
xjh3aQ9K/huN+/jvvgblcw246k4LtlIKTjZs5SGSAJFYBmU65aP2wvPV1XCvJJWx
/Y19pKVSHnu0fTLbwQB0kHn7veAX9Yr/bQqfHkBruty1bYRcPPEtcF7iRFHyDP+3
7i7usdkt8Z/nJQ0txxC60FqHCiRiqwmnudZwYPJgwGtodxeJD52Agc3g0XMpbwdT
PP8CC7nlu2KoE/IapzbVS1lxS/LM3tanEHxwPf1sjEPkw7f8Fu1nm5oqPBB3Zwft
buTD4R1T9HqZD69Tppl6ddk0YlueEWHGYQTrAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUREMtNWz5l4SVAxxpeY/dY5I0YB8wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1JFTXROV3o1bDRTVkF4
eHBlWV9kWTVJMFlCOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAI/YrwJHthu7+Zr4Hk9eS9PukeVr8s3G3
65tcxplFlpzAAWuu3bIneeCgDHs9SvKEpFmSTuMwPnuG4hdJpBujh0BAufE+VzY+
wFVUriGHJN/nY41PO+KetcF/OOZ1zPgXyt0w0+uu9c/NSdk1YT+bOWoEWMo+zYvP
K/FwNdLvv5Xitw3Qp3thJ+Sfmx3r1/5JHHowFnJQSytP//50MBBPzt5w1FhdtTLN
RhQCcI6fcdZvwDx+w3VjTz+d8udh556GApnHFDWOkn5TXRZzM4ck4L1qoa577tQL
pV29QBIAgq1V5EUkpWsyFFiqAyBGhhgDF0V5BY/Zdh0C0cOvWu631w==
-----END CERTIFICATE-----
Generated at Mon Apr 1 22:19:10 2024 by rpki-client on console.sobornost.net