Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/ZqdY_o-HY7TENOKSxgIXrXKt1sc.roa
File: ZqdY_o-HY7TENOKSxgIXrXKt1sc.roa (raw, json)
Hash identifier: ubx6HL8H883Mk++IvjLjYd2CuYU5LFINXnVvl2JeGaI=
Subject key identifier: 66:A7:58:FE:8F:87:63:B4:C4:34:E2:92:C6:02:17:AD:72:AD:D6:C7
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F7C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ZqdY_o-HY7TENOKSxgIXrXKt1sc.roa
Signing time: Mon 01 Apr 2024 06:22:41 +0000
ROA not before: Mon 01 Apr 2024 06:22:41 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3964 (0xf7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 1 06:22:41 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=66A758FE8F8763B4C434E292C60217AD72ADD6C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:cd:11:6a:e3:82:a9:46:3e:95:d2:84:c8:d0:
17:11:7b:01:d0:d2:0e:ee:8a:39:2f:cb:07:9b:b2:
6e:06:68:e6:ee:0d:67:67:d3:bd:58:9c:f0:f8:40:
c6:08:80:cf:b6:71:65:d0:e5:27:e2:38:c9:0c:01:
2f:f8:d2:57:ac:c6:51:6e:c9:65:8d:4e:42:ea:09:
86:6c:2d:cc:d3:25:45:82:6c:f4:a9:6b:5e:85:3f:
11:a0:61:7b:b3:3c:11:81:87:e1:53:cc:79:96:ae:
c4:15:36:44:16:9f:21:a1:ef:70:55:a4:32:0a:0a:
e6:12:0f:e7:ca:42:6a:e7:10:66:f3:a9:47:44:ff:
67:f4:32:03:7d:c7:7d:1b:35:11:28:2e:d3:1c:cd:
3b:18:1f:0f:87:84:63:b4:87:97:4b:98:15:00:63:
58:81:24:f6:c2:30:3a:cc:45:09:07:a8:3d:8a:16:
99:06:ef:56:e2:04:27:9b:ef:94:43:3b:84:40:19:
93:b7:b4:e2:fb:35:d9:81:b8:60:ad:94:cf:a8:e2:
93:f7:a5:46:2f:34:c6:dc:7e:b6:9c:cc:8c:4b:fe:
6c:93:71:4e:a6:8c:1e:41:3c:b8:a2:88:f6:7f:8a:
50:a7:c1:56:5f:d7:57:29:03:2d:c9:f5:b5:90:30:
56:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:A7:58:FE:8F:87:63:B4:C4:34:E2:92:C6:02:17:AD:72:AD:D6:C7
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ZqdY_o-HY7TENOKSxgIXrXKt1sc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1f:36:a1:0b:14:74:4d:cf:ee:00:20:8a:0a:d9:48:51:06:ad:
a6:ec:69:dd:0d:1a:13:ee:ef:35:26:8c:2c:a2:b3:64:80:52:
80:44:f0:80:2b:09:8c:43:61:00:73:c7:28:1a:af:db:bf:0e:
47:c6:96:3b:5e:26:ea:0a:fe:eb:41:c8:80:2e:49:f3:83:05:
2e:26:bb:1b:24:35:69:19:fb:e1:40:ef:55:c7:96:31:d9:99:
4c:b5:96:8f:6d:5f:6e:80:22:92:ae:d3:24:8f:01:e5:dd:77:
78:db:79:23:78:c5:b8:77:2f:c6:56:d2:90:0e:8c:2d:9d:63:
d7:56:c2:4b:06:6a:50:c1:76:9c:4f:34:87:1c:e6:d3:86:35:
cc:bd:d4:60:aa:9c:2c:12:a5:ad:7c:5a:a0:3b:a0:0a:54:a6:
24:72:35:96:b0:fa:07:e8:37:92:74:97:f7:50:dd:58:bd:5f:
37:93:7c:f2:03:88:fd:e0:33:73:a4:57:0b:7f:d1:fe:ef:61:
54:2a:7d:50:47:0c:e1:ce:c1:f7:f8:df:20:f5:40:55:d2:7c:
56:98:33:f0:34:df:07:6e:e0:c4:97:92:3d:7e:52:ba:f5:ce:
7c:d1:0b:b1:32:09:5f:25:9b:1c:5b:83:45:33:64:a1:94:89:
d9:16:08:45
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD3wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDEw
NjIyNDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY2QTc1OEZFOEY4NzYz
QjRDNDM0RTI5MkM2MDIxN0FENzJBREQ2QzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6zRFq44KpRj6V0oTI0BcRewHQ0g7uijkvywebsm4GaObuDWdn
071YnPD4QMYIgM+2cWXQ5SfiOMkMAS/40lesxlFuyWWNTkLqCYZsLczTJUWCbPSp
a16FPxGgYXuzPBGBh+FTzHmWrsQVNkQWnyGh73BVpDIKCuYSD+fKQmrnEGbzqUdE
/2f0MgN9x30bNREoLtMczTsYHw+HhGO0h5dLmBUAY1iBJPbCMDrMRQkHqD2KFpkG
71biBCeb75RDO4RAGZO3tOL7NdmBuGCtlM+o4pP3pUYvNMbcfraczIxL/myTcU6m
jB5BPLiiiPZ/ilCnwVZf11cpAy3J9bWQMFbfAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUZqdY/o+HY7TENOKSxgIXrXKt1scwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1pxZFlfby1IWTdURU5P
S1N4Z0lYclhLdDFzYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAHzahCxR0Tc/uACCKCtlIUQatpuxp3Q0a
E+7vNSaMLKKzZIBSgETwgCsJjENhAHPHKBqv278OR8aWO14m6gr+60HIgC5J84MF
Lia7GyQ1aRn74UDvVceWMdmZTLWWj21fboAikq7TJI8B5d13eNt5I3jFuHcvxlbS
kA6MLZ1j11bCSwZqUMF2nE80hxzm04Y1zL3UYKqcLBKlrXxaoDugClSmJHI1lrD6
B+g3knSX91DdWL1fN5N88gOI/eAzc6RXC3/R/u9hVCp9UEcM4c7B9/jfIPVAVdJ8
Vpgz8DTfB27gxJeSPX5SuvXOfNELsTIJXyWbHFuDRTNkoZSJ2RYIRQ==
-----END CERTIFICATE-----
Generated at Mon Apr 1 11:18:47 2024 by rpki-client on console.sobornost.net