Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/_piIaW235Lx9-Ic6ffMAVdfGj44.roa
File: _piIaW235Lx9-Ic6ffMAVdfGj44.roa (raw, json)
Hash identifier: IUTxoot89PkdTPqUDF9AM+kAwoLUUxtaMxy/PImqIwA=
Subject key identifier: FE:98:88:69:6D:B7:E4:BC:7D:F8:87:3A:7D:F3:00:55:D7:C6:8F:8E
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1910
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/_piIaW235Lx9-Ic6ffMAVdfGj44.roa
Signing time: Fri 26 Apr 2024 19:23:49 +0000
ROA not before: Fri 26 Apr 2024 19:23:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6416 (0x1910)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 26 19:23:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FE9888696DB7E4BC7DF8873A7DF30055D7C68F8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8b:67:2f:19:ff:a7:f0:3b:34:00:f8:d6:a0:
e3:9c:ab:74:48:2c:a2:94:96:04:ee:72:1a:92:a6:
50:6a:5a:25:10:de:6f:a8:52:35:38:2e:4e:87:76:
be:00:3a:81:dc:7b:4c:ae:bc:0f:74:46:28:d9:de:
cc:3e:af:23:80:9d:d1:7d:58:e2:77:ab:e0:ec:0d:
ae:4d:ac:1c:9e:42:ca:c8:e5:da:30:19:9b:7d:5b:
3e:9f:2e:ab:41:4a:0a:d9:16:98:e7:22:20:dd:b2:
d8:91:79:5c:ef:db:67:0a:02:f7:b5:52:01:cd:6a:
75:df:00:e7:fc:f1:c9:e1:55:fa:57:13:36:6e:0e:
6e:28:d7:4f:bd:73:04:5c:1f:9b:5e:f1:9a:7d:61:
20:3a:07:cc:27:fd:a7:34:d5:b7:b2:f6:a2:fd:27:
d3:1a:db:84:35:0c:7a:7e:a7:8c:10:df:67:c2:8d:
1f:6e:a4:95:0f:f0:79:84:26:8a:3e:03:76:4a:a7:
af:fb:f2:3d:f1:b4:a7:86:ae:c5:9b:08:59:d8:d4:
28:af:a1:15:43:92:a8:4d:a9:46:fb:ed:7d:c6:5f:
0f:9f:8a:2e:c1:70:97:05:ab:f1:46:4a:be:16:90:
13:e5:55:11:25:7a:72:9f:f8:47:b6:03:cb:91:10:
8e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:98:88:69:6D:B7:E4:BC:7D:F8:87:3A:7D:F3:00:55:D7:C6:8F:8E
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/_piIaW235Lx9-Ic6ffMAVdfGj44.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:01:15:ec:c6:82:f2:e1:81:f0:fd:cf:ae:9d:20:f0:64:55:
b8:b3:1d:45:3a:90:c6:87:4f:05:f9:a9:42:35:96:26:44:ad:
69:33:c3:fb:9c:79:67:35:e4:9e:56:ff:93:7f:4d:f5:df:6d:
0c:b7:37:57:15:43:d9:3f:5d:ac:2c:09:24:ba:65:14:5c:45:
4a:6c:91:52:29:30:1a:38:3e:6d:d4:45:a4:f9:99:cd:b1:08:
04:52:87:31:df:78:bc:16:08:47:bc:09:41:03:ba:64:23:6a:
02:17:3d:e2:10:fb:3f:ee:01:5b:71:fe:8b:2e:11:6c:12:73:
87:a7:c3:38:ca:5d:47:72:7c:ac:c8:0b:85:8b:c2:10:9c:51:
b3:a4:c3:25:c4:ba:19:bc:4a:5c:e2:a8:e9:3f:53:05:11:2b:
39:7b:63:29:2c:b2:3b:00:b0:cd:7a:0c:c0:32:be:59:d6:43:
f1:30:ef:c3:f4:ec:41:91:5d:e6:23:91:8f:c8:7b:b4:07:cb:
51:2d:5a:d2:c2:dc:73:55:8f:9a:02:31:e5:ea:70:4b:e0:32:
28:e7:69:20:9c:77:e0:c6:5a:18:f8:bf:2d:cb:21:20:05:ba:
df:6a:53:26:26:f4:f0:3c:fb:86:b3:ce:28:90:e4:83:56:56:
01:a0:8e:dd
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGRAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjYx
OTIzNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZFOTg4ODY5NkRCN0U0
QkM3REY4ODczQTdERjMwMDU1RDdDNjhGOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7i2cvGf+n8Ds0APjWoOOcq3RILKKUlgTuchqSplBqWiUQ3m+o
UjU4Lk6Hdr4AOoHce0yuvA90RijZ3sw+ryOAndF9WOJ3q+DsDa5NrByeQsrI5dow
GZt9Wz6fLqtBSgrZFpjnIiDdstiReVzv22cKAve1UgHNanXfAOf88cnhVfpXEzZu
Dm4o10+9cwRcH5te8Zp9YSA6B8wn/ac01bey9qL9J9Ma24Q1DHp+p4wQ32fCjR9u
pJUP8HmEJoo+A3ZKp6/78j3xtKeGrsWbCFnY1CivoRVDkqhNqUb77X3GXw+fii7B
cJcFq/FGSr4WkBPlVRElenKf+Ee2A8uREI6NAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU/piIaW235Lx9+Ic6ffMAVdfGj44wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL19waUlhVzIzNUx4OS1J
YzZmZk1BVmRmR2o0NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAXQEV7MaC8uGB8P3Prp0g8GRVuLMdRTqQ
xodPBfmpQjWWJkStaTPD+5x5ZzXknlb/k39N9d9tDLc3VxVD2T9drCwJJLplFFxF
SmyRUikwGjg+bdRFpPmZzbEIBFKHMd94vBYIR7wJQQO6ZCNqAhc94hD7P+4BW3H+
iy4RbBJzh6fDOMpdR3J8rMgLhYvCEJxRs6TDJcS6GbxKXOKo6T9TBRErOXtjKSyy
OwCwzXoMwDK+WdZD8TDvw/TsQZFd5iORj8h7tAfLUS1a0sLcc1WPmgIx5epwS+Ay
KOdpIJx34MZaGPi/LcshIAW632pTJib08Dz7hrPOKJDkg1ZWAaCO3Q==
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:40:45 2024 by rpki-client on console.sobornost.net