Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/dn9rcCiHqu8IALNr1If-nZdDuto.roa
File: dn9rcCiHqu8IALNr1If-nZdDuto.roa (raw, json)
Hash identifier: fVhbzPxc2aPycXn95hxtdycFsdN3YzL/okSriXdqckk=
Subject key identifier: 76:7F:6B:70:28:87:AA:EF:08:00:B3:6B:D4:87:FE:9D:97:43:BA:DA
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F56
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/dn9rcCiHqu8IALNr1If-nZdDuto.roa
Signing time: Sun 31 Mar 2024 20:52:38 +0000
ROA not before: Sun 31 Mar 2024 20:52:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3926 (0xf56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 31 20:52:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=767F6B702887AAEF0800B36BD487FE9D9743BADA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:79:c5:47:57:c5:33:f1:a1:f0:4d:a6:62:4b:
e0:ce:51:55:0b:a1:80:13:55:17:18:3c:97:66:07:
94:0c:14:85:fe:c4:18:91:0d:73:0c:88:27:19:da:
6f:b3:93:c0:ab:fb:ef:dd:b5:be:41:91:33:c2:fc:
9b:22:c2:7a:cc:d8:be:d7:c3:48:f7:67:e0:29:cd:
29:b9:4b:12:84:4e:11:1e:7c:59:e2:2a:fc:67:1f:
57:96:45:46:1e:cf:fe:47:38:37:2f:86:d2:63:00:
5c:8f:30:62:ab:cb:e1:9e:89:2d:47:44:18:4c:48:
1c:4d:1b:fe:69:ce:d5:63:39:d2:85:cc:51:2d:13:
ea:a1:9d:9e:09:f4:e6:de:cf:e4:56:d6:ce:65:47:
93:37:1e:ff:64:78:bc:02:b2:a9:9c:b1:64:1b:70:
b1:d1:3e:15:70:05:d1:1f:0e:c3:fe:f4:c8:41:15:
ce:0f:a6:43:cc:3c:f2:b4:b8:da:dd:6c:0c:a7:cb:
10:aa:e0:6a:2b:b2:9b:35:e5:56:75:0f:58:58:03:
13:90:9d:de:e7:9c:c1:16:dd:e2:5a:0f:a4:4a:22:
b1:be:05:43:56:fb:96:8a:9f:a7:24:db:c6:60:3e:
49:2c:8e:85:a1:05:83:fe:ce:55:ab:a3:77:98:82:
02:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:7F:6B:70:28:87:AA:EF:08:00:B3:6B:D4:87:FE:9D:97:43:BA:DA
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/dn9rcCiHqu8IALNr1If-nZdDuto.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c5:db:44:ce:30:19:a3:39:ee:24:33:25:8d:d0:9e:d5:6b:33:
b6:01:a9:55:91:79:4c:97:8e:bb:1d:81:c5:ad:3d:96:a8:db:
bf:6e:a7:ae:57:19:4e:94:3e:d0:dc:41:dd:b5:51:21:49:7b:
7f:0b:f5:15:f8:8e:d9:e8:65:20:5e:29:e1:0e:0b:17:07:63:
f8:23:80:8a:07:55:72:b5:5f:a5:5f:39:74:b0:72:e1:c0:cf:
1c:13:bf:a5:df:47:5e:65:6f:a6:3c:ce:b1:c0:57:fc:45:f3:
c5:08:d8:44:7c:1f:93:d3:ef:da:61:6f:3f:55:ca:9a:31:26:
92:d0:50:b8:f4:e0:ea:db:c5:6d:16:a8:9a:42:e0:6e:25:83:
19:07:96:cf:8b:83:4c:4a:09:b8:81:0d:66:87:31:4b:2e:68:
bf:01:a3:62:83:7a:fa:2b:6f:f9:0b:f7:cf:29:e3:1e:fa:89:
e7:a5:bc:1e:1b:4e:52:cb:cd:91:8c:87:f2:19:01:ae:2a:01:
e6:2f:69:1a:0e:0e:ed:4d:e3:a4:9e:a0:2a:67:4a:62:01:2d:
b2:10:59:f7:c4:dd:ae:7d:30:58:46:c1:94:81:38:85:a1:bd:
81:12:6d:4a:30:fa:0d:d8:a3:6e:1d:2f:67:8c:31:2b:d2:68:
53:01:4f:a2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD1YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzEy
MDUyMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc2N0Y2QjcwMjg4N0FB
RUYwODAwQjM2QkQ0ODdGRTlEOTc0M0JBREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1ecVHV8Uz8aHwTaZiS+DOUVULoYATVRcYPJdmB5QMFIX+xBiR
DXMMiCcZ2m+zk8Cr++/dtb5BkTPC/JsiwnrM2L7Xw0j3Z+ApzSm5SxKEThEefFni
KvxnH1eWRUYez/5HODcvhtJjAFyPMGKry+GeiS1HRBhMSBxNG/5pztVjOdKFzFEt
E+qhnZ4J9Obez+RW1s5lR5M3Hv9keLwCsqmcsWQbcLHRPhVwBdEfDsP+9MhBFc4P
pkPMPPK0uNrdbAynyxCq4Gorsps15VZ1D1hYAxOQnd7nnMEW3eJaD6RKIrG+BUNW
+5aKn6ck28ZgPkksjoWhBYP+zlWro3eYggJVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUdn9rcCiHqu8IALNr1If+nZdDutowHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2RuOXJjQ2lIcXU4SUFM
TnIxSWYtblpkRHV0by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAxdtEzjAZoznuJDMljdCe1WsztgGpVZF5
TJeOux2Bxa09lqjbv26nrlcZTpQ+0NxB3bVRIUl7fwv1FfiO2ehlIF4p4Q4LFwdj
+COAigdVcrVfpV85dLBy4cDPHBO/pd9HXmVvpjzOscBX/EXzxQjYRHwfk9Pv2mFv
P1XKmjEmktBQuPTg6tvFbRaomkLgbiWDGQeWz4uDTEoJuIENZocxSy5ovwGjYoN6
+itv+Qv3zynjHvqJ56W8HhtOUsvNkYyH8hkBrioB5i9pGg4O7U3jpJ6gKmdKYgEt
shBZ98Tdrn0wWEbBlIE4haG9gRJtSjD6Ddijbh0vZ4wxK9JoUwFPog==
-----END CERTIFICATE-----
Generated at Mon Apr 1 03:23:40 2024 by rpki-client on console.sobornost.net