Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/YI3YksVA6Xs10PT1YMr7OdxT2tE.roa
File: YI3YksVA6Xs10PT1YMr7OdxT2tE.roa (raw, json)
Hash identifier: iGZwRi89KuNCPaTbrZZReHchDBCpSXcEO1iXPmLYBpM=
Subject key identifier: 60:8D:D8:92:C5:40:E9:7B:35:D0:F4:F5:60:CA:FB:39:DC:53:DA:D1
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1946
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/YI3YksVA6Xs10PT1YMr7OdxT2tE.roa
Signing time: Sat 27 Apr 2024 08:53:51 +0000
ROA not before: Sat 27 Apr 2024 08:53:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6470 (0x1946)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 27 08:53:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=608DD892C540E97B35D0F4F560CAFB39DC53DAD1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6b:21:fd:e9:da:35:a0:64:dc:de:9b:a9:e0:
3e:a3:5c:a5:ea:09:05:c2:60:c5:ca:e5:6f:cd:20:
d7:b5:ef:ac:29:a9:0e:8f:a8:60:28:f2:98:20:d7:
f3:b2:83:8d:11:2e:ca:9f:d9:fc:2e:71:d6:c2:9e:
b6:07:fe:d1:56:cb:7d:4b:40:69:38:45:dc:32:2b:
c7:a8:98:aa:6b:81:74:30:1a:2b:c8:e9:12:32:7e:
76:0b:0a:42:d4:f5:7e:36:80:b9:85:11:6a:0b:8d:
31:bf:b9:95:03:35:71:b2:68:05:fc:5c:83:ff:1a:
51:75:7c:f5:f3:de:bf:c3:cd:3d:a7:1a:11:0f:a1:
45:a7:c9:35:9f:6f:83:1a:15:ca:04:e4:f2:a2:26:
19:8a:2d:e3:aa:a5:76:8f:d6:7e:03:32:30:f3:7d:
f5:4e:df:fe:f7:72:b3:89:b1:ef:3d:22:55:4e:0a:
db:d2:37:33:4c:fb:ea:42:f9:bf:b0:f6:13:de:42:
0d:17:3c:29:a6:cb:68:9e:b5:25:b5:e6:c8:62:a5:
06:df:13:70:0a:7f:bf:32:e4:45:e1:d2:85:e4:24:
33:48:20:2e:0c:3f:2b:b7:bf:3c:dd:c3:5f:ba:ab:
01:48:5f:95:5f:d8:38:56:fd:8b:40:14:b5:da:de:
2f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:8D:D8:92:C5:40:E9:7B:35:D0:F4:F5:60:CA:FB:39:DC:53:DA:D1
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/YI3YksVA6Xs10PT1YMr7OdxT2tE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:0e:bf:50:d7:14:02:2e:75:84:96:02:41:f8:8d:ef:6a:ab:
8e:b8:ab:67:d2:f9:7b:fd:71:e7:38:f4:e9:b7:3d:51:ed:a5:
8b:04:2c:2d:c9:8b:99:89:2d:58:7e:a5:78:94:19:e7:fa:e6:
8b:a8:a2:12:ad:af:e0:d4:12:74:a5:3c:7d:a0:f0:15:89:48:
7c:3f:dc:0c:81:ad:c5:be:7b:34:8e:40:22:08:c8:d8:e9:43:
d1:da:cf:62:06:ec:77:a9:55:89:c5:26:3f:8f:65:1e:14:bf:
f8:57:b6:e0:1c:c5:ec:cc:d4:d0:93:0e:86:df:56:4c:c1:13:
00:8d:a3:db:ff:88:80:2f:2c:53:0f:84:f8:0c:e9:a5:f7:14:
20:4f:ca:a7:3a:4f:ee:8c:21:f7:e9:4d:47:29:89:28:a8:39:
d9:ff:af:0b:83:0c:4d:ca:e1:c5:90:b8:f9:50:05:53:39:a2:
aa:28:2e:cc:e0:97:d2:97:e5:7d:71:62:59:c9:2c:2d:fb:cc:
3f:45:d1:70:da:3f:8b:62:ad:aa:a2:c0:ae:7b:b1:18:2f:52:
04:e9:b0:7d:dc:9b:55:08:f9:8d:52:86:07:da:0a:14:57:7a:
49:3a:c0:c1:13:b7:c1:b6:b2:76:39:62:40:ce:38:41:b7:0d:
77:b1:a7:f4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGUYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0Mjcw
ODUzNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYwOEREODkyQzU0MEU5
N0IzNUQwRjRGNTYwQ0FGQjM5REM1M0RBRDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzayH96do1oGTc3pup4D6jXKXqCQXCYMXK5W/NINe176wpqQ6P
qGAo8pgg1/Oyg40RLsqf2fwucdbCnrYH/tFWy31LQGk4RdwyK8eomKprgXQwGivI
6RIyfnYLCkLU9X42gLmFEWoLjTG/uZUDNXGyaAX8XIP/GlF1fPXz3r/DzT2nGhEP
oUWnyTWfb4MaFcoE5PKiJhmKLeOqpXaP1n4DMjDzffVO3/73crOJse89IlVOCtvS
NzNM++pC+b+w9hPeQg0XPCmmy2ietSW15shipQbfE3AKf78y5EXh0oXkJDNIIC4M
Pyu3vzzdw1+6qwFIX5Vf2DhW/YtAFLXa3i8nAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUYI3YksVA6Xs10PT1YMr7OdxT2tEwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1lJM1lrc1ZBNlhzMTBQ
VDFZTXI3T2R4VDJ0RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAgQ6/UNcUAi51hJYCQfiN72qrjrirZ9L5
e/1x5zj06bc9Ue2liwQsLcmLmYktWH6leJQZ5/rmi6iiEq2v4NQSdKU8faDwFYlI
fD/cDIGtxb57NI5AIgjI2OlD0drPYgbsd6lVicUmP49lHhS/+Fe24BzF7MzU0JMO
ht9WTMETAI2j2/+IgC8sUw+E+AzppfcUIE/KpzpP7owh9+lNRymJKKg52f+vC4MM
TcrhxZC4+VAFUzmiqiguzOCX0pflfXFiWcksLfvMP0XRcNo/i2KtqqLArnuxGC9S
BOmwfdybVQj5jVKGB9oKFFd6STrAwRO3wbaydjliQM44QbcNd7Gn9A==
-----END CERTIFICATE-----
Generated at Sat Apr 27 12:54:23 2024 by rpki-client on console.sobornost.net