Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Zo2Ktu72ptHy3v7s84GaUWG5mWs.roa
File: Zo2Ktu72ptHy3v7s84GaUWG5mWs.roa (raw, json)
Hash identifier: J+CbAEIjv7m7kNfLiv6Fedvyic0+INqMd9pZPS93oqc=
Subject key identifier: 66:8D:8A:B6:EE:F6:A6:D1:F2:DE:FE:EC:F3:81:9A:51:61:B9:99:6B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1280
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Zo2Ktu72ptHy3v7s84GaUWG5mWs.roa
Signing time: Tue 09 Apr 2024 07:23:00 +0000
ROA not before: Tue 09 Apr 2024 07:23:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4736 (0x1280)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 9 07:23:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=668D8AB6EEF6A6D1F2DEFEECF3819A5161B9996B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:bf:01:b5:67:ce:51:b1:4e:c4:a6:ea:7b:9e:
cf:50:8f:46:d0:35:7c:19:09:8f:fb:e3:d3:cf:69:
14:f1:bf:c0:47:d6:53:d4:f3:49:73:b3:bb:0c:34:
eb:fd:91:09:7c:28:ce:8f:b7:2a:ce:bc:90:68:5c:
54:4d:f8:5a:08:39:95:f6:59:1b:6a:02:49:e4:77:
42:cc:87:a7:8e:a6:70:b3:67:49:44:6f:53:b8:e8:
db:de:cd:12:4f:b3:9b:03:6b:90:ca:46:79:6c:4d:
ff:d6:26:c5:f8:63:96:ab:0b:09:af:32:97:b6:9b:
5d:22:d5:0f:14:55:df:68:e5:b8:5b:43:5b:47:d1:
45:5f:1c:2b:84:d8:2f:16:3d:f0:39:5f:be:cf:fa:
ae:9c:7b:d9:49:6d:ce:b4:0f:e0:ff:6f:78:6c:1a:
a6:36:bf:b9:dc:f5:b7:50:e9:ab:62:45:f7:da:1e:
87:9a:e3:19:b5:20:19:4a:c9:ad:d6:1d:c0:43:ef:
d7:e0:0f:56:4f:50:4d:33:de:0b:cd:f2:c1:61:0c:
a5:0d:f0:ca:46:70:7d:60:65:3e:48:69:2b:ab:72:
db:ac:10:c2:55:fa:3d:ef:62:9a:22:a5:a5:c1:53:
61:83:b4:38:05:79:dd:8a:a9:12:1f:54:dc:17:47:
71:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:8D:8A:B6:EE:F6:A6:D1:F2:DE:FE:EC:F3:81:9A:51:61:B9:99:6B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Zo2Ktu72ptHy3v7s84GaUWG5mWs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:02:e9:f0:78:ba:c2:8f:4a:f1:9b:37:36:05:b0:7e:fe:be:
30:41:7c:61:5d:0b:c6:a5:55:c8:8f:37:1e:29:0f:52:a6:94:
59:c0:48:5b:f0:84:04:26:e5:29:02:ce:6e:c2:a0:51:bc:a3:
5e:ab:e6:07:e9:aa:30:4b:80:70:fa:95:1c:1d:e9:89:fe:66:
08:0a:31:ee:dc:90:33:8c:80:30:41:70:96:ff:37:42:02:f1:
dc:d1:da:43:97:65:e9:75:6d:0b:f2:2b:3a:a0:d9:1b:5f:76:
ed:1e:aa:d6:a7:9b:14:68:1a:bf:1b:3c:64:26:77:36:75:53:
ef:c9:1a:91:87:f1:7e:97:fe:0c:08:88:0b:a7:e4:9f:c9:4b:
6e:62:88:53:a0:b0:5b:c1:04:f2:9b:19:e0:1b:da:98:5a:c7:
f8:7f:6a:52:44:77:e7:1c:e5:31:0a:c0:bd:a2:56:48:ac:6e:
bb:2c:b0:3a:6d:1f:a7:44:4f:bb:cf:bc:6c:87:6a:ca:17:6a:
49:5a:f1:d1:43:37:56:20:b6:35:05:f5:e2:3c:51:53:e2:49:
9a:dc:9a:14:f0:8e:54:e3:e7:b1:2c:f5:c5:a1:0e:73:b1:55:
ec:9b:ac:1f:63:5b:b3:ec:7c:2a:1f:24:e4:69:15:d6:fd:40:
88:5e:13:28
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEoAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDkw
NzIzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY2OEQ4QUI2RUVGNkE2
RDFGMkRFRkVFQ0YzODE5QTUxNjFCOTk5NkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDovwG1Z85RsU7Epup7ns9Qj0bQNXwZCY/749PPaRTxv8BH1lPU
80lzs7sMNOv9kQl8KM6PtyrOvJBoXFRN+FoIOZX2WRtqAknkd0LMh6eOpnCzZ0lE
b1O46NvezRJPs5sDa5DKRnlsTf/WJsX4Y5arCwmvMpe2m10i1Q8UVd9o5bhbQ1tH
0UVfHCuE2C8WPfA5X77P+q6ce9lJbc60D+D/b3hsGqY2v7nc9bdQ6atiRffaHoea
4xm1IBlKya3WHcBD79fgD1ZPUE0z3gvN8sFhDKUN8MpGcH1gZT5IaSurctusEMJV
+j3vYpoipaXBU2GDtDgFed2KqRIfVNwXR3ErAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUZo2Ktu72ptHy3v7s84GaUWG5mWswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1pvMkt0dTcycHRIeTN2
N3M4NEdhVVdHNW1Xcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAgQLp8Hi6wo9K8Zs3NgWwfv6+MEF8YV0L
xqVVyI83HikPUqaUWcBIW/CEBCblKQLObsKgUbyjXqvmB+mqMEuAcPqVHB3pif5m
CAox7tyQM4yAMEFwlv83QgLx3NHaQ5dl6XVtC/IrOqDZG1927R6q1qebFGgavxs8
ZCZ3NnVT78kakYfxfpf+DAiIC6fkn8lLbmKIU6CwW8EE8psZ4BvamFrH+H9qUkR3
5xzlMQrAvaJWSKxuuyywOm0fp0RPu8+8bIdqyhdqSVrx0UM3ViC2NQX14jxRU+JJ
mtyaFPCOVOPnsSz1xaEOc7FV7JusH2Nbs+x8Kh8k5GkV1v1AiF4TKA==
-----END CERTIFICATE-----
Generated at Tue Apr 9 13:37:39 2024 by rpki-client on console.sobornost.net