Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/c3ZXQ-s8AZYOupsgrKpWkBBbkLI.roa
File: c3ZXQ-s8AZYOupsgrKpWkBBbkLI.roa (raw, json)
Hash identifier: tTsBU/St2nXtutknKLRgLlTmhI5+cuefFL2YQdYimfY=
Subject key identifier: 73:76:57:43:EB:3C:01:96:0E:BA:9B:20:AC:AA:56:90:10:5B:90:B2
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 160E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/c3ZXQ-s8AZYOupsgrKpWkBBbkLI.roa
Signing time: Thu 18 Apr 2024 18:53:27 +0000
ROA not before: Thu 18 Apr 2024 18:53:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5646 (0x160e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 18 18:53:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=73765743EB3C01960EBA9B20ACAA5690105B90B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:58:62:d0:ef:41:7f:9b:c4:16:e0:45:f2:f0:
a5:10:0e:52:e3:0d:4a:9a:cb:a2:6c:c8:52:ea:45:
3f:9c:ce:a4:8f:1b:f9:7d:27:b4:67:1f:79:95:df:
93:44:97:cf:79:7e:a5:1c:25:f6:2d:0c:ec:ae:f8:
c1:77:38:6d:07:3f:70:01:49:ff:ac:06:60:2b:9a:
86:c0:de:6c:73:bf:cd:bc:35:f9:0f:c1:fd:e9:15:
ee:1a:a5:51:93:03:a2:4f:d1:09:5d:7c:9d:51:8f:
6c:eb:8c:b5:32:d8:e0:18:e8:db:62:87:33:cd:4c:
ad:58:af:59:cd:6e:f3:57:be:b3:9b:06:7b:85:fc:
02:f4:50:1b:1d:2e:bc:44:5e:62:a3:8c:8c:9c:01:
9f:b0:ec:6e:61:38:da:20:63:ac:38:0f:70:2c:01:
6c:8f:7f:78:74:7a:9b:9b:03:bc:2c:e3:ed:95:05:
e3:a6:d0:4c:b1:a8:15:5f:55:08:c9:d9:99:69:ea:
eb:56:94:c5:b3:7c:41:5f:19:c5:a0:34:5d:44:9a:
9a:02:6e:5d:41:99:fe:64:36:db:35:b5:83:a1:df:
a2:79:7c:c3:91:6f:91:eb:43:88:a6:cf:da:8d:2c:
24:fb:b4:6e:50:50:6e:39:f7:e8:62:c6:c4:d3:69:
f5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:76:57:43:EB:3C:01:96:0E:BA:9B:20:AC:AA:56:90:10:5B:90:B2
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/c3ZXQ-s8AZYOupsgrKpWkBBbkLI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
36:da:97:69:3d:81:b7:93:66:a4:11:df:7d:77:e9:07:bc:66:
f4:4f:61:05:ed:08:2f:84:c6:e8:e0:20:5e:6f:d1:b6:28:dc:
67:fa:48:05:dd:c4:b4:7b:40:6e:be:44:e1:7e:6a:1d:93:8a:
26:53:fc:8b:c0:32:fe:59:eb:2c:00:f0:5d:3e:de:9c:7d:ed:
48:b6:f6:ec:02:02:64:2b:34:10:48:3f:34:87:3d:a1:86:fa:
72:1f:bf:9e:2a:1b:39:5e:1e:ad:aa:c9:1e:95:5f:77:d4:6f:
e6:0c:ea:cd:66:6d:50:83:73:4b:e3:27:f7:f8:ed:df:e7:f6:
db:28:27:97:ae:ab:e3:70:71:e2:d6:7c:1e:fd:6c:35:ce:90:
13:33:92:16:2a:50:70:7c:55:e5:64:57:0e:a9:90:e7:02:af:
6f:71:0e:fd:c4:6d:2c:8e:a2:8f:72:4b:fd:88:6b:33:16:9d:
fb:79:e8:99:fb:06:99:b6:85:61:16:4e:fd:35:5f:92:4a:e8:
14:4b:54:d8:c6:a6:0a:41:70:df:62:a9:fd:0b:77:f9:96:80:
ac:fc:9f:62:81:48:df:1e:26:bb:a0:3c:39:83:77:e7:f8:4a:
02:45:d5:75:d0:3e:ee:37:68:9f:2e:3a:11:42:94:99:c1:ca:
ef:6d:ac:53
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFg4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTgx
ODUzMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDczNzY1NzQzRUIzQzAx
OTYwRUJBOUIyMEFDQUE1NjkwMTA1QjkwQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDWGLQ70F/m8QW4EXy8KUQDlLjDUqay6JsyFLqRT+czqSPG/l9
J7RnH3mV35NEl895fqUcJfYtDOyu+MF3OG0HP3ABSf+sBmArmobA3mxzv828NfkP
wf3pFe4apVGTA6JP0QldfJ1Rj2zrjLUy2OAY6NtihzPNTK1Yr1nNbvNXvrObBnuF
/AL0UBsdLrxEXmKjjIycAZ+w7G5hONogY6w4D3AsAWyPf3h0epubA7ws4+2VBeOm
0EyxqBVfVQjJ2Zlp6utWlMWzfEFfGcWgNF1EmpoCbl1Bmf5kNts1tYOh36J5fMOR
b5HrQ4imz9qNLCT7tG5QUG459+hixsTTafWnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUc3ZXQ+s8AZYOupsgrKpWkBBbkLIwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2MzWlhRLXM4QVpZT3Vw
c2dyS3BXa0JCYmtMSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEANtqXaT2Bt5NmpBHffXfpB7xm9E9hBe0I
L4TG6OAgXm/RtijcZ/pIBd3EtHtAbr5E4X5qHZOKJlP8i8Ay/lnrLADwXT7enH3t
SLb27AICZCs0EEg/NIc9oYb6ch+/niobOV4erarJHpVfd9Rv5gzqzWZtUINzS+Mn
9/jt3+f22ygnl66r43Bx4tZ8Hv1sNc6QEzOSFipQcHxV5WRXDqmQ5wKvb3EO/cRt
LI6ij3JL/YhrMxad+3nomfsGmbaFYRZO/TVfkkroFEtU2MamCkFw32Kp/Qt3+ZaA
rPyfYoFI3x4mu6A8OYN35/hKAkXVddA+7jdony46EUKUmcHK722sUw==
-----END CERTIFICATE-----
Generated at Fri Apr 19 08:12:41 2024 by rpki-client on console.sobornost.net