Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/_ompHjVZWQsUFWKG_qs0u8bmyZ8.roa
File: _ompHjVZWQsUFWKG_qs0u8bmyZ8.roa (raw, json)
Hash identifier: dF/V78Lp7bJMSRXrTzx8Arayi0vAcWkrmUmDp8/sLFA=
Subject key identifier: FE:89:A9:1E:35:59:59:0B:14:15:62:86:FE:AB:34:BB:C6:E6:C9:9F
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1208
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/_ompHjVZWQsUFWKG_qs0u8bmyZ8.roa
Signing time: Mon 08 Apr 2024 01:22:55 +0000
ROA not before: Mon 08 Apr 2024 01:22:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4616 (0x1208)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 8 01:22:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FE89A91E3559590B14156286FEAB34BBC6E6C99F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:a3:a6:18:d6:a3:95:ed:39:19:67:7e:04:f1:
98:60:ce:b5:f5:42:f2:d0:35:72:2a:af:2e:6f:09:
49:b3:a3:16:49:05:30:9f:6a:1b:39:23:6f:2f:1a:
33:83:52:6c:3d:a6:f8:f4:fa:b1:a7:bd:02:62:3b:
71:6c:d4:6b:8b:e4:fd:36:91:e7:0b:14:93:bb:22:
4e:cd:ab:1e:08:3b:40:82:a4:c3:01:a6:34:92:86:
a1:95:17:7a:45:1c:ff:eb:32:41:5a:2d:02:63:a5:
3c:6d:ba:49:a6:4b:97:62:40:2d:35:a3:b3:d2:5f:
d2:bd:6c:83:cc:46:3c:4c:06:33:2b:0f:ee:5b:8a:
b0:70:cf:b4:79:9a:e5:9c:02:be:61:5d:7b:a7:bc:
15:79:b5:1a:dd:ba:d2:46:06:40:2b:e8:08:aa:0c:
dd:14:ca:74:03:77:3e:36:ef:c4:03:dc:48:f2:0d:
ef:ad:d0:c1:06:cb:22:2a:55:c8:4d:63:8e:7e:c6:
b8:ba:94:11:3a:4a:51:fc:f8:f1:cb:50:0a:b6:58:
fb:a2:ca:a9:e8:92:6d:15:0a:08:b3:2a:88:52:3b:
4d:f9:24:29:6d:6c:e4:56:f1:ea:3b:15:3d:1a:80:
58:e5:12:87:cd:c0:f5:af:91:e2:e9:25:82:bd:5b:
01:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:89:A9:1E:35:59:59:0B:14:15:62:86:FE:AB:34:BB:C6:E6:C9:9F
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/_ompHjVZWQsUFWKG_qs0u8bmyZ8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
03:a9:16:25:10:e5:d5:11:e4:10:8b:f2:b1:a5:9e:54:64:9f:
4f:bf:be:37:6f:4d:9a:3b:4e:c1:71:77:f6:a7:b9:45:37:33:
84:c0:fb:bf:b2:e3:ab:b8:93:88:53:c5:4a:92:7e:0e:0b:fc:
f8:ee:50:86:e4:31:84:2f:c6:67:c4:83:e0:be:a4:16:53:90:
76:4b:3c:db:a3:5e:b1:91:74:a7:b8:72:57:5b:5c:97:15:2b:
83:1f:bb:7d:c1:8d:d8:da:15:2c:e0:ca:73:47:7d:2f:60:14:
e2:6d:0c:f7:71:b3:f2:d8:2b:01:9c:f9:69:47:77:07:64:78:
45:cc:fa:6c:cc:96:97:d4:90:e7:58:ae:05:53:26:06:1d:c0:
43:8b:26:38:26:20:62:76:ca:8d:1a:be:6b:59:00:23:a5:fe:
55:ea:d2:9d:6e:57:91:a3:26:f6:8c:a2:9a:af:ea:fe:f8:8c:
2a:9f:b3:d4:f7:98:46:fe:4c:92:3c:e6:4a:f5:00:77:3b:ea:
21:ba:82:88:ee:fd:2d:03:85:a2:26:de:81:47:a0:da:95:7b:
30:ea:ea:96:f5:13:e4:55:2b:e0:a7:c8:35:1a:7a:cb:79:26:
77:bf:04:67:74:cd:9d:17:8c:2c:99:9b:58:bf:d6:28:e9:4e:
58:7a:82:0b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEggwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDgw
MTIyNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZFODlBOTFFMzU1OTU5
MEIxNDE1NjI4NkZFQUIzNEJCQzZFNkM5OUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDro6YY1qOV7TkZZ34E8ZhgzrX1QvLQNXIqry5vCUmzoxZJBTCf
ahs5I28vGjODUmw9pvj0+rGnvQJiO3Fs1GuL5P02kecLFJO7Ik7Nqx4IO0CCpMMB
pjSShqGVF3pFHP/rMkFaLQJjpTxtukmmS5diQC01o7PSX9K9bIPMRjxMBjMrD+5b
irBwz7R5muWcAr5hXXunvBV5tRrdutJGBkAr6AiqDN0UynQDdz4278QD3EjyDe+t
0MEGyyIqVchNY45+xri6lBE6SlH8+PHLUAq2WPuiyqnokm0VCgizKohSO035JClt
bORW8eo7FT0agFjlEofNwPWvkeLpJYK9WwGBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU/ompHjVZWQsUFWKG/qs0u8bmyZ8wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL19vbXBIalZaV1FzVUZX
S0dfcXMwdThibXlaOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAA6kWJRDl1RHkEIvysaWeVGSfT7++N29N
mjtOwXF39qe5RTczhMD7v7Ljq7iTiFPFSpJ+Dgv8+O5QhuQxhC/GZ8SD4L6kFlOQ
dks826NesZF0p7hyV1tclxUrgx+7fcGN2NoVLODKc0d9L2AU4m0M93Gz8tgrAZz5
aUd3B2R4Rcz6bMyWl9SQ51iuBVMmBh3AQ4smOCYgYnbKjRq+a1kAI6X+VerSnW5X
kaMm9oyimq/q/viMKp+z1PeYRv5MkjzmSvUAdzvqIbqCiO79LQOFoibegUeg2pV7
MOrqlvUT5FUr4KfINRp6y3kmd78EZ3TNnReMLJmbWL/WKOlOWHqCCw==
-----END CERTIFICATE-----
Generated at Mon Apr 8 09:30:10 2024 by rpki-client on console.sobornost.net