Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/U4Sptf7gRZNRIIM1jI2VqiS6Phs.roa
File: U4Sptf7gRZNRIIM1jI2VqiS6Phs.roa (raw, json)
Hash identifier: h8a6+UCJD3JzRHI5mmbiXYMWIk9dJXZia5bZK6xWkhs=
Subject key identifier: 53:84:A9:B5:FE:E0:45:93:51:20:83:35:8C:8D:95:AA:24:BA:3E:1B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 139C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/U4Sptf7gRZNRIIM1jI2VqiS6Phs.roa
Signing time: Fri 12 Apr 2024 06:23:10 +0000
ROA not before: Fri 12 Apr 2024 06:23:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5020 (0x139c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 12 06:23:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5384A9B5FEE04593512083358C8D95AA24BA3E1B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2e:63:a0:8d:8c:df:7d:ff:0a:d7:a8:ab:0b:
c3:19:3b:97:d8:7a:c9:55:1c:5e:3b:96:7d:d2:b0:
e4:c1:47:68:4f:48:4b:1f:bd:ce:e9:2d:8a:10:28:
72:85:83:9e:bf:99:cc:03:5a:13:d3:c7:19:88:5d:
63:0d:97:58:41:a9:3c:a6:d6:a4:45:c2:4c:bd:e2:
38:27:e6:56:7e:f4:b6:fd:19:bb:5a:b6:5c:6f:6b:
be:fb:ea:16:f2:f4:81:8d:f4:d0:fb:9d:40:7b:7f:
59:00:34:83:a9:ad:20:a7:76:8d:a5:cb:aa:91:f5:
cc:ee:39:6f:4c:2e:fb:a5:f9:52:1b:5f:8e:3c:30:
7b:4d:22:b2:49:62:b9:f0:ff:c8:f2:8c:b1:c1:84:
0d:5c:76:98:17:71:a0:d4:76:f0:87:52:81:ed:5a:
68:b1:e0:1b:93:5c:24:78:9b:ee:eb:e8:3a:6b:2a:
cf:6c:5c:a8:0e:69:53:8d:52:10:89:4f:90:3e:11:
95:a1:37:3b:b4:77:ab:e8:65:eb:6f:24:61:61:f2:
e8:b6:b9:0b:6a:ab:32:2a:e0:30:0a:70:28:ba:9d:
ca:60:70:98:a4:aa:bb:57:2b:e7:42:64:dd:42:50:
e9:10:9f:2a:7d:8f:a9:d1:17:f4:ea:9b:81:ec:4d:
dc:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:84:A9:B5:FE:E0:45:93:51:20:83:35:8C:8D:95:AA:24:BA:3E:1B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/U4Sptf7gRZNRIIM1jI2VqiS6Phs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b7:7d:2a:4d:a6:ba:51:7f:8d:c8:72:f3:67:81:1f:05:2b:c5:
5c:38:3d:bf:22:9b:7d:87:e3:ac:ae:db:3d:b8:79:11:e9:de:
54:9c:5d:6b:ea:dd:69:92:b7:23:e1:9a:59:07:3c:b5:e7:3c:
d2:97:3e:47:3d:81:48:b9:4b:6d:38:02:fd:3a:4a:08:e3:6d:
49:12:0b:8f:63:90:b9:1f:3f:9a:72:d0:8c:60:0b:f0:c2:7b:
9f:5d:ab:93:2d:e9:ce:71:82:e9:54:5c:3c:dc:03:96:69:7f:
37:4e:91:09:00:f1:90:c6:b2:4c:1c:57:51:6f:94:ba:35:56:
4a:9b:69:ae:f5:38:0d:9f:4b:ad:22:c2:a4:bf:58:9f:6d:82:
45:2f:13:61:5a:87:4a:e8:8d:63:8c:fe:75:25:bb:c1:c5:ea:
af:b8:9f:99:11:7b:aa:64:c4:6b:16:02:46:f2:9e:28:42:10:
43:8f:0a:e6:ff:e4:05:00:5d:75:ec:9c:07:4e:f5:74:12:04:
f5:1d:6b:f7:91:d8:43:17:67:74:4f:41:05:d2:4e:7a:96:9e:
a6:a4:41:68:59:69:2d:df:06:92:52:f2:48:dd:1f:43:56:bc:
75:ed:7f:95:8e:21:02:14:17:64:8c:f1:a2:cc:2a:a6:06:7a:
8c:c5:ee:f6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE5wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTIw
NjIzMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUzODRBOUI1RkVFMDQ1
OTM1MTIwODMzNThDOEQ5NUFBMjRCQTNFMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTLmOgjYzfff8K16irC8MZO5fYeslVHF47ln3SsOTBR2hPSEsf
vc7pLYoQKHKFg56/mcwDWhPTxxmIXWMNl1hBqTym1qRFwky94jgn5lZ+9Lb9Gbta
tlxva7776hby9IGN9ND7nUB7f1kANIOprSCndo2ly6qR9czuOW9MLvul+VIbX448
MHtNIrJJYrnw/8jyjLHBhA1cdpgXcaDUdvCHUoHtWmix4BuTXCR4m+7r6DprKs9s
XKgOaVONUhCJT5A+EZWhNzu0d6voZetvJGFh8ui2uQtqqzIq4DAKcCi6ncpgcJik
qrtXK+dCZN1CUOkQnyp9j6nRF/Tqm4HsTdzPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUU4Sptf7gRZNRIIM1jI2VqiS6PhswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1U0U3B0ZjdnUlpOUklJ
TTFqSTJWcWlTNlBocy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAt30qTaa6UX+NyHLzZ4EfBSvFXDg9vyKb
fYfjrK7bPbh5EeneVJxda+rdaZK3I+GaWQc8tec80pc+Rz2BSLlLbTgC/TpKCONt
SRILj2OQuR8/mnLQjGAL8MJ7n12rky3pznGC6VRcPNwDlml/N06RCQDxkMayTBxX
UW+UujVWSptprvU4DZ9LrSLCpL9Yn22CRS8TYVqHSuiNY4z+dSW7wcXqr7ifmRF7
qmTEaxYCRvKeKEIQQ48K5v/kBQBddeycB071dBIE9R1r95HYQxdndE9BBdJOepae
pqRBaFlpLd8GklLySN0fQ1a8de1/lY4hAhQXZIzxoswqpgZ6jMXu9g==
-----END CERTIFICATE-----
Generated at Fri Apr 12 12:41:59 2024 by rpki-client on console.sobornost.net