Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/gq6ZL2pGfH-HUZA2lsQNRjkvNYM.roa
File: gq6ZL2pGfH-HUZA2lsQNRjkvNYM.roa (raw, json)
Hash identifier: WFIYDmiquh906AEajdDbbOKkP0Tn0XLS7uCmFsXEwbU=
Subject key identifier: 82:AE:99:2F:6A:46:7C:7F:87:51:90:36:96:C4:0D:46:39:2F:35:83
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1736
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/gq6ZL2pGfH-HUZA2lsQNRjkvNYM.roa
Signing time: Sun 21 Apr 2024 20:53:33 +0000
ROA not before: Sun 21 Apr 2024 20:53:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5942 (0x1736)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 21 20:53:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=82AE992F6A467C7F8751903696C40D46392F3583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:dc:18:73:30:49:ad:1a:63:10:9f:2e:3b:9e:
ce:3f:0e:36:d1:6f:28:a7:53:fa:ad:73:e1:5d:8c:
da:72:88:e1:35:e2:3c:c6:80:6f:66:fb:45:d4:b1:
b2:1f:fd:38:03:2f:72:5b:57:ce:64:72:77:55:c3:
4d:aa:20:26:c1:8e:e0:f4:25:fa:a8:b8:89:b4:fe:
fa:a8:0d:61:c6:12:f5:77:9b:83:be:47:2b:e7:31:
bd:44:d0:d7:ab:97:6b:ab:3b:12:98:83:53:24:87:
fd:a0:a5:18:73:63:33:bd:dc:6d:b8:65:86:79:99:
d8:ad:14:80:34:d0:9f:0b:ee:1b:c1:a0:92:bd:b3:
ea:00:70:22:37:d6:65:bf:d0:24:31:a6:10:11:be:
d6:ee:da:19:08:46:7a:06:91:b1:d4:26:ba:67:31:
c5:b0:e5:f5:85:da:96:92:63:b4:0c:d4:99:91:4c:
67:0c:e1:5e:36:e0:ea:63:15:c2:43:95:7f:f6:61:
82:32:ab:d5:ed:16:9f:5b:0f:3c:bf:6e:87:ad:b4:
20:42:95:5b:23:5d:f2:d7:a8:58:7e:3b:60:cd:2b:
76:af:83:4c:89:84:be:65:fd:0f:c7:f1:e1:79:42:
04:01:cf:61:eb:81:ac:a2:8d:3d:8a:65:e4:19:90:
ff:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:AE:99:2F:6A:46:7C:7F:87:51:90:36:96:C4:0D:46:39:2F:35:83
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/gq6ZL2pGfH-HUZA2lsQNRjkvNYM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:f6:22:8e:f0:6a:c2:b8:93:65:f0:fb:9f:98:78:35:a9:81:
3b:7a:24:73:a6:25:eb:92:e7:60:78:cf:9d:d3:6f:b4:43:48:
51:46:33:96:65:f2:c8:16:b2:a7:0b:11:81:a5:75:af:04:5b:
60:1a:f3:41:95:61:2b:63:f8:85:b8:54:1d:8a:8d:da:02:cd:
1d:c6:ac:dc:b5:ee:d4:1e:d8:0c:f9:7e:2a:62:0f:90:09:00:
47:00:5b:0b:e7:3e:ac:91:5c:e9:91:c3:c5:39:8c:9d:d0:37:
cc:0f:ec:9b:6e:ff:0a:a2:f4:c4:18:05:6f:bb:03:c1:8a:81:
f0:6e:8d:32:e8:0d:7a:32:5d:41:17:c9:14:a8:1a:2e:66:0d:
27:29:f6:32:33:e0:bf:c8:84:85:0a:27:fd:3f:6b:86:7d:ef:
28:93:25:3d:17:99:24:55:da:29:15:bf:f0:bd:54:c0:54:ba:
a4:2d:e8:65:6f:7a:de:c2:75:e4:8c:d8:fa:ee:f3:55:33:be:
ac:39:a7:3a:e5:e2:c9:2c:41:bf:9d:c9:59:b4:72:32:01:44:
93:28:8f:2d:74:e4:86:eb:08:38:75:5f:8a:95:48:84:5a:01:
d6:10:1a:ab:bd:d2:e2:6f:ee:70:74:6d:d2:11:64:1d:16:9f:
50:b5:87:ba
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFzYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjEy
MDUzMzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgyQUU5OTJGNkE0NjdD
N0Y4NzUxOTAzNjk2QzQwRDQ2MzkyRjM1ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCs3BhzMEmtGmMQny47ns4/DjbRbyinU/qtc+FdjNpyiOE14jzG
gG9m+0XUsbIf/TgDL3JbV85kcndVw02qICbBjuD0JfqouIm0/vqoDWHGEvV3m4O+
RyvnMb1E0Nerl2urOxKYg1Mkh/2gpRhzYzO93G24ZYZ5mditFIA00J8L7hvBoJK9
s+oAcCI31mW/0CQxphARvtbu2hkIRnoGkbHUJrpnMcWw5fWF2paSY7QM1JmRTGcM
4V424OpjFcJDlX/2YYIyq9XtFp9bDzy/boettCBClVsjXfLXqFh+O2DNK3avg0yJ
hL5l/Q/H8eF5QgQBz2HrgayijT2KZeQZkP/HAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUgq6ZL2pGfH+HUZA2lsQNRjkvNYMwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2dxNlpMMnBHZkgtSFVa
QTJsc1FOUmprdk5ZTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAYvYijvBqwriTZfD7n5h4NamBO3okc6Yl
65LnYHjPndNvtENIUUYzlmXyyBaypwsRgaV1rwRbYBrzQZVhK2P4hbhUHYqN2gLN
Hcas3LXu1B7YDPl+KmIPkAkARwBbC+c+rJFc6ZHDxTmMndA3zA/sm27/CqL0xBgF
b7sDwYqB8G6NMugNejJdQRfJFKgaLmYNJyn2MjPgv8iEhQon/T9rhn3vKJMlPReZ
JFXaKRW/8L1UwFS6pC3oZW963sJ15IzY+u7zVTO+rDmnOuXiySxBv53JWbRyMgFE
kyiPLXTkhusIOHVfipVIhFoB1hAaq73S4m/ucHRt0hFkHRafULWHug==
Generated at Mon Apr 22 01:44:00 2024 by rpki-client on console.sobornost.net