Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/aF1ocZubdd7Nl1U3_oYt0zJ7xcg.roa
File: aF1ocZubdd7Nl1U3_oYt0zJ7xcg.roa (raw, json)
Hash identifier: pMipymrLD3L1aduFxedxgebPN4LRONxb2LztCxnql9w=
Subject key identifier: 68:5D:68:71:9B:9B:75:DE:CD:97:55:37:FE:86:2D:D3:32:7B:C5:C8
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F9E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/aF1ocZubdd7Nl1U3_oYt0zJ7xcg.roa
Signing time: Mon 01 Apr 2024 14:52:37 +0000
ROA not before: Mon 01 Apr 2024 14:52:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3998 (0xf9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 1 14:52:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=685D68719B9B75DECD975537FE862DD3327BC5C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c5:01:e2:81:e3:bb:d1:a1:78:7f:a5:04:d4:
64:a3:2f:76:1f:6c:c5:92:12:6a:ba:d1:65:52:6e:
52:77:99:a9:df:ff:c1:0b:8e:9d:32:81:fb:82:65:
73:8a:c2:c4:ba:d2:4a:92:66:a3:47:f1:34:d5:f7:
a4:d2:38:d4:95:34:05:4b:89:0e:29:93:87:92:fa:
fa:60:b7:68:92:aa:2f:08:47:d9:05:bc:c8:00:1b:
58:7f:a7:c7:49:3c:3b:c7:f6:20:b3:6e:3f:5c:6b:
08:4c:0a:af:e5:0d:a0:7b:aa:bf:f8:2a:14:68:88:
ac:d4:4d:c3:70:94:8a:a8:7b:1b:0b:f7:4d:ec:a6:
c1:db:8d:59:15:e2:55:19:23:07:e4:44:11:d7:a0:
db:0c:b5:69:a8:ee:af:1c:dc:f7:e4:e7:54:b0:9f:
43:c7:7b:f0:81:6a:87:27:bc:33:7c:15:73:5a:d4:
65:03:22:ff:a7:ec:32:44:48:35:3c:71:a4:09:e7:
ac:80:6f:9a:0e:0b:8f:81:13:c6:26:47:91:d1:b7:
4c:f4:c1:46:5e:7a:0a:93:2c:1f:16:af:4e:bb:77:
35:1b:5b:a8:33:04:9d:1a:4e:cd:a7:4a:7b:ba:00:
c2:0b:51:e0:11:55:a6:ec:0e:29:6d:35:7a:31:01:
0e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5D:68:71:9B:9B:75:DE:CD:97:55:37:FE:86:2D:D3:32:7B:C5:C8
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/aF1ocZubdd7Nl1U3_oYt0zJ7xcg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b1:ab:b4:48:70:0e:a9:3d:08:e7:d3:01:a9:58:7c:bf:9d:be:
65:ff:e5:b6:ea:0a:0e:7c:6c:04:88:53:ab:cc:5f:ca:58:4a:
ac:ca:13:8b:23:3e:0f:0e:0d:98:e9:e2:66:e5:50:db:43:3a:
e1:b3:d2:1e:02:27:f6:0d:31:11:d6:d6:ea:67:56:c6:a7:19:
9c:f4:92:be:69:36:fa:6a:fe:b4:ce:a6:d3:47:55:1a:b2:4f:
de:7f:5f:9b:6d:3a:84:d5:8e:e1:60:a9:6f:8a:3e:e6:cb:da:
3b:86:87:28:bf:51:ab:e9:87:72:d4:b5:94:c1:cd:47:9e:92:
af:48:37:72:4d:61:b7:8d:fb:b8:01:d8:50:35:4d:4c:25:78:
21:ec:d0:ad:d6:40:43:ff:6a:8a:c6:30:23:71:a2:72:62:35:
e5:9a:6e:98:5e:2a:14:bb:b4:30:38:d2:10:b8:ac:69:e3:d8:
de:bc:89:02:0b:20:0e:a2:54:6b:74:a4:4e:42:99:3f:84:e3:
ad:73:5b:f8:d0:12:a8:1d:e0:f4:e8:0e:c3:cc:93:51:5c:5d:
2b:02:91:2d:d5:18:27:0e:15:21:36:b0:88:f4:69:82:0f:dd:
d9:55:14:9d:ab:33:da:22:01:1b:82:72:db:8c:77:54:32:c3:
5d:ed:3e:d9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD54wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDEx
NDUyMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY4NUQ2ODcxOUI5Qjc1
REVDRDk3NTUzN0ZFODYyREQzMzI3QkM1QzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfxQHigeO70aF4f6UE1GSjL3YfbMWSEmq60WVSblJ3manf/8EL
jp0ygfuCZXOKwsS60kqSZqNH8TTV96TSONSVNAVLiQ4pk4eS+vpgt2iSqi8IR9kF
vMgAG1h/p8dJPDvH9iCzbj9cawhMCq/lDaB7qr/4KhRoiKzUTcNwlIqoexsL903s
psHbjVkV4lUZIwfkRBHXoNsMtWmo7q8c3Pfk51Swn0PHe/CBaocnvDN8FXNa1GUD
Iv+n7DJESDU8caQJ56yAb5oOC4+BE8YmR5HRt0z0wUZeegqTLB8Wr067dzUbW6gz
BJ0aTs2nSnu6AMILUeARVabsDiltNXoxAQ5fAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUaF1ocZubdd7Nl1U3/oYt0zJ7xcgwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2FGMW9jWnViZGQ3Tmwx
VTNfb1l0MHpKN3hjZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAsau0SHAOqT0I59MBqVh8v52+Zf/ltuoK
DnxsBIhTq8xfylhKrMoTiyM+Dw4NmOniZuVQ20M64bPSHgIn9g0xEdbW6mdWxqcZ
nPSSvmk2+mr+tM6m00dVGrJP3n9fm206hNWO4WCpb4o+5svaO4aHKL9Rq+mHctS1
lMHNR56Sr0g3ck1ht437uAHYUDVNTCV4IezQrdZAQ/9qisYwI3GicmI15ZpumF4q
FLu0MDjSELisaePY3ryJAgsgDqJUa3SkTkKZP4TjrXNb+NASqB3g9OgOw8yTUVxd
KwKRLdUYJw4VITawiPRpgg/d2VUUnasz2iIBG4Jy24x3VDLDXe0+2Q==
-----END CERTIFICATE-----
Generated at Mon Apr 1 20:28:33 2024 by rpki-client on console.sobornost.net