Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Z_pUiVoQslASfpCMw_J1pkIrDcs.roa
File: Z_pUiVoQslASfpCMw_J1pkIrDcs.roa (raw, json)
Hash identifier: +lzFYTUxfbZol4SNbEwwPa3pmXmslndGDsqXm9d/zSY=
Subject key identifier: 67:FA:54:89:5A:10:B2:50:12:7E:90:8C:C3:F2:75:A6:42:2B:0D:CB
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0FEE
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Z_pUiVoQslASfpCMw_J1pkIrDcs.roa
Signing time: Tue 02 Apr 2024 10:52:43 +0000
ROA not before: Tue 02 Apr 2024 10:52:43 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4078 (0xfee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 2 10:52:43 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=67FA54895A10B250127E908CC3F275A6422B0DCB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7d:48:7d:65:0f:07:13:a5:79:fd:c1:a0:69:
dd:00:10:a3:31:19:9a:cc:ec:4d:3d:00:a4:66:c2:
0d:15:f6:d6:e5:d0:5a:76:d4:a0:5d:89:4c:aa:ab:
81:5c:b4:ad:60:c4:e6:46:70:bd:4b:f6:7c:46:94:
6a:1c:80:55:69:c8:de:25:57:d7:31:35:6a:f4:72:
80:68:28:2b:a8:97:99:07:2b:ed:1d:eb:e3:ba:64:
ef:46:09:fd:44:bf:b0:28:38:0c:6c:d7:3c:ed:30:
c4:ba:a2:ba:0c:d1:48:0d:20:3d:9f:12:ad:fd:a8:
09:3d:63:ff:59:43:65:95:bd:69:fb:dc:ae:35:9f:
7c:e3:d2:d6:88:4a:f7:06:e9:43:5c:cf:70:a5:87:
6a:a4:2e:ae:9e:b1:c2:d0:81:3a:5a:75:9e:ff:bc:
0c:ac:51:c2:3f:43:e5:a4:c0:49:56:48:1e:4b:01:
e1:0c:9d:8e:5d:3b:62:2b:a9:bb:dc:d9:6d:65:16:
fc:28:06:b5:cd:6f:be:1a:9f:a0:22:f2:6b:e9:69:
3a:c1:c4:29:50:7e:81:16:a8:53:b1:9b:38:9a:d4:
46:d2:26:75:ec:4e:67:ca:f5:7e:5d:3e:0d:1f:fb:
79:6b:07:e4:e6:83:a6:16:b3:fc:09:54:b2:5a:fc:
03:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:FA:54:89:5A:10:B2:50:12:7E:90:8C:C3:F2:75:A6:42:2B:0D:CB
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Z_pUiVoQslASfpCMw_J1pkIrDcs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c2:1d:4c:b0:da:df:f0:1e:f6:2e:0c:a6:9f:f3:ff:77:f7:97:
82:1c:60:f3:c5:32:2c:46:34:1c:1c:2d:b6:4b:cb:5b:4e:8b:
28:11:04:69:63:1f:e3:e4:31:51:d6:7f:06:cb:8d:54:ff:5c:
12:31:33:87:eb:93:b9:be:0b:63:42:94:30:74:03:26:59:cf:
4b:bc:4a:04:11:8a:12:ca:fa:99:12:b3:0d:e9:4d:f6:c6:73:
8e:5a:2d:e9:e0:6f:7f:a2:8a:98:79:8f:ff:b2:b4:de:13:56:
c4:1e:a8:65:51:7e:76:0a:f6:30:ea:6f:45:39:75:be:5f:6a:
fb:ce:b0:14:9e:fe:09:4b:4b:42:54:00:ac:b7:2e:1f:e9:ff:
71:ab:87:85:a1:75:be:ac:6a:87:e0:58:ae:38:aa:cb:f8:35:
84:ca:9b:71:b3:b3:6b:c3:8b:d3:3c:f7:a2:f2:18:24:7e:64:
c7:67:ed:74:81:04:fc:e3:ae:e1:41:8c:cb:68:a8:69:24:24:
0a:9a:85:f6:50:c4:a5:0e:7d:e6:eb:eb:93:dd:01:23:f7:2c:
e0:4e:9a:4d:60:c6:ba:ad:ed:64:b4:90:3b:66:ff:87:4f:6c:
63:2a:de:fb:46:0d:8e:8a:14:44:47:dc:bd:c1:34:d9:fc:0b:
48:1f:7c:09
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD+4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDIx
MDUyNDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY3RkE1NDg5NUExMEIy
NTAxMjdFOTA4Q0MzRjI3NUE2NDIyQjBEQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFfUh9ZQ8HE6V5/cGgad0AEKMxGZrM7E09AKRmwg0V9tbl0Fp2
1KBdiUyqq4FctK1gxOZGcL1L9nxGlGocgFVpyN4lV9cxNWr0coBoKCuol5kHK+0d
6+O6ZO9GCf1Ev7AoOAxs1zztMMS6oroM0UgNID2fEq39qAk9Y/9ZQ2WVvWn73K41
n3zj0taISvcG6UNcz3Clh2qkLq6escLQgTpadZ7/vAysUcI/Q+WkwElWSB5LAeEM
nY5dO2Irqbvc2W1lFvwoBrXNb74an6Ai8mvpaTrBxClQfoEWqFOxmzia1EbSJnXs
TmfK9X5dPg0f+3lrB+Tmg6YWs/wJVLJa/APpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUZ/pUiVoQslASfpCMw/J1pkIrDcswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1pfcFVpVm9Rc2xBU2Zw
Q013X0oxcGtJckRjcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAwh1MsNrf8B72Lgymn/P/d/eXghxg88Uy
LEY0HBwttkvLW06LKBEEaWMf4+QxUdZ/BsuNVP9cEjEzh+uTub4LY0KUMHQDJlnP
S7xKBBGKEsr6mRKzDelN9sZzjlot6eBvf6KKmHmP/7K03hNWxB6oZVF+dgr2MOpv
RTl1vl9q+86wFJ7+CUtLQlQArLcuH+n/cauHhaF1vqxqh+BYrjiqy/g1hMqbcbOz
a8OL0zz3ovIYJH5kx2ftdIEE/OOu4UGMy2ioaSQkCpqF9lDEpQ595uvrk90BI/cs
4E6aTWDGuq3tZLSQO2b/h09sYyre+0YNjooUREfcvcE02fwLSB98CQ==
-----END CERTIFICATE-----
Generated at Tue Apr 2 17:48:33 2024 by rpki-client on console.sobornost.net