Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Swr3N2OoAOSmVdF2ZoAfDU1Em1I.roa
File: Swr3N2OoAOSmVdF2ZoAfDU1Em1I.roa (raw, json)
Hash identifier: Nbnp1Vw7hCVJZOqh8X2BJwJlrGy9iv+uzanf/WdxM24=
Subject key identifier: 4B:0A:F7:37:63:A8:00:E4:A6:55:D1:76:66:80:1F:0D:4D:44:9B:52
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 10B6
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Swr3N2OoAOSmVdF2ZoAfDU1Em1I.roa
Signing time: Thu 04 Apr 2024 12:52:44 +0000
ROA not before: Thu 04 Apr 2024 12:52:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4278 (0x10b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 4 12:52:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4B0AF73763A800E4A655D17666801F0D4D449B52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:46:53:0f:4f:d5:b3:ff:eb:91:78:f9:63:47:
41:b7:48:ce:13:46:53:bb:bc:92:8d:0a:1c:4a:89:
b2:6f:1e:ae:08:6f:8c:17:76:92:88:37:35:e5:95:
f8:3d:a2:5f:0c:73:6b:33:f2:de:fe:d8:6e:52:f3:
01:b3:ea:e5:43:16:77:60:cd:da:16:f0:75:de:60:
d8:cd:ef:62:a3:32:f5:3d:c6:f5:99:7f:a4:36:f6:
99:a8:57:79:6f:01:c2:09:72:08:ca:a6:df:76:57:
1e:76:3c:a5:57:c6:e2:bf:cd:1f:2b:8b:a6:e8:0d:
02:1b:84:0c:9d:48:44:8f:f6:6a:20:97:be:9c:20:
ae:08:c0:9f:59:65:7b:98:96:73:7e:2d:a8:61:e8:
dc:e2:f0:0e:94:d5:d1:13:66:f2:35:7e:69:4e:da:
e9:4d:7f:39:e4:c6:86:78:c2:15:28:06:4a:93:e7:
00:bb:bf:f7:8c:23:37:2f:ef:f8:ed:06:42:b0:fa:
c1:2d:1f:44:5b:7a:bc:e6:b8:ef:2f:9f:bd:da:5a:
d6:5b:8b:66:85:37:a7:7e:51:57:18:be:6f:22:df:
47:2a:ef:f1:a9:68:b5:b9:0a:da:37:d4:18:11:58:
12:e4:ec:c4:7f:3a:f1:f2:fd:ac:47:78:e9:22:38:
e0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:0A:F7:37:63:A8:00:E4:A6:55:D1:76:66:80:1F:0D:4D:44:9B:52
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Swr3N2OoAOSmVdF2ZoAfDU1Em1I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:cc:9c:fc:3b:af:db:5e:71:b0:a2:4a:4d:6a:59:59:86:69:
33:3a:0c:55:a5:8d:e9:d7:6a:44:c4:bf:92:ce:92:a7:44:f0:
05:5a:ea:81:87:00:d5:ef:21:87:89:26:0f:cf:2e:31:da:42:
62:de:f0:c3:b2:56:40:2e:83:c8:97:76:8d:45:87:5a:50:22:
bf:4d:a7:52:4c:b3:fc:5f:32:28:cf:f6:59:49:72:2f:68:cb:
ab:78:b3:98:f1:f2:88:11:1e:bc:96:a2:09:9a:27:73:63:db:
e0:8a:8e:9a:39:61:e9:e4:c3:1b:d8:23:c7:61:72:de:45:be:
94:6b:58:18:59:43:53:6f:92:60:c7:1d:91:1a:7d:73:4d:c5:
cf:56:33:37:59:c5:8c:35:63:4c:c0:d2:c8:c2:b8:ae:dc:a5:
a3:74:b3:a7:78:42:63:a9:28:06:6c:fe:c6:48:ed:9e:cf:6a:
d1:e6:30:ab:5f:74:44:f7:88:02:17:9e:8b:65:dd:74:10:a0:
59:7e:09:64:c0:88:46:d6:81:13:07:cb:46:21:35:86:34:5e:
82:89:8c:e5:ab:47:a1:80:63:08:91:8e:fd:e2:2d:d7:fb:03:
37:e7:1e:82:37:cf:78:aa:db:e0:26:c4:e5:7d:e4:47:b3:ed:
fa:2d:0d:fd
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICELYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDQx
MjUyNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRCMEFGNzM3NjNBODAw
RTRBNjU1RDE3NjY2ODAxRjBENEQ0NDlCNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhRlMPT9Wz/+uRePljR0G3SM4TRlO7vJKNChxKibJvHq4Ib4wX
dpKINzXllfg9ol8Mc2sz8t7+2G5S8wGz6uVDFndgzdoW8HXeYNjN72KjMvU9xvWZ
f6Q29pmoV3lvAcIJcgjKpt92Vx52PKVXxuK/zR8ri6boDQIbhAydSESP9mogl76c
IK4IwJ9ZZXuYlnN+Lahh6Nzi8A6U1dETZvI1fmlO2ulNfznkxoZ4whUoBkqT5wC7
v/eMIzcv7/jtBkKw+sEtH0RberzmuO8vn73aWtZbi2aFN6d+UVcYvm8i30cq7/Gp
aLW5Cto31BgRWBLk7MR/OvHy/axHeOkiOOBDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUSwr3N2OoAOSmVdF2ZoAfDU1Em1IwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1N3cjNOMk9vQU9TbVZk
RjJab0FmRFUxRW0xSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAnsyc/Duv215xsKJKTWpZWYZpMzoMVaWN
6ddqRMS/ks6Sp0TwBVrqgYcA1e8hh4kmD88uMdpCYt7ww7JWQC6DyJd2jUWHWlAi
v02nUkyz/F8yKM/2WUlyL2jLq3izmPHyiBEevJaiCZonc2Pb4IqOmjlh6eTDG9gj
x2Fy3kW+lGtYGFlDU2+SYMcdkRp9c03Fz1YzN1nFjDVjTMDSyMK4rtylo3Szp3hC
Y6koBmz+xkjtns9q0eYwq190RPeIAheei2XddBCgWX4JZMCIRtaBEwfLRiE1hjRe
gomM5atHoYBjCJGO/eIt1/sDN+cegjfPeKrb4CbE5X3kR7Pt+i0N/Q==
-----END CERTIFICATE-----
Generated at Thu Apr 4 19:57:51 2024 by rpki-client on console.sobornost.net