Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/gsqIE73jVsthQUp_eN7GXwosFwY.roa
File: gsqIE73jVsthQUp_eN7GXwosFwY.roa (raw, json)
Hash identifier: WjI7Q9170422tHKllDyD8KVb06aTpKSH3e45N80zSVs=
Subject key identifier: 82:CA:88:13:BD:E3:56:CB:61:41:4A:7F:78:DE:C6:5F:0A:2C:17:06
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 14F6
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/gsqIE73jVsthQUp_eN7GXwosFwY.roa
Signing time: Mon 15 Apr 2024 20:53:21 +0000
ROA not before: Mon 15 Apr 2024 20:53:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5366 (0x14f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 15 20:53:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=82CA8813BDE356CB61414A7F78DEC65F0A2C1706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4b:d6:57:7a:6b:48:67:d0:9d:d9:a0:8c:34:
99:83:84:e7:c7:0e:94:96:d7:d3:ef:c2:d5:82:c7:
4e:7a:ae:e0:14:6f:30:20:90:7e:e9:9f:8c:48:cd:
90:f0:06:fc:f4:04:dc:30:45:0f:98:25:45:99:da:
97:2c:bc:fe:e0:65:56:0c:d2:7d:a2:8f:05:ef:d8:
e8:7d:4b:f8:60:9e:70:5f:b8:34:da:c9:29:ff:3f:
50:d7:d8:9a:ad:bc:44:76:3d:75:3e:da:71:17:f2:
43:44:1b:2f:79:4f:63:94:54:3e:45:3b:a2:c6:6a:
40:d1:a4:5f:ba:13:f7:55:d6:31:19:9e:61:d1:a4:
80:0e:9f:73:c8:e2:22:7e:58:d9:bc:40:18:fa:3f:
21:1a:72:63:1c:9a:70:4f:f3:7f:91:b0:2d:88:62:
be:f2:90:25:1e:9c:da:c1:e6:b1:ca:24:f3:e6:d9:
af:7b:43:57:18:73:47:4d:dd:b2:21:24:e4:45:df:
3a:43:3b:95:a5:a9:68:f2:36:0e:97:02:e6:4d:b4:
56:3c:c8:b9:cd:ad:24:ab:6c:03:2b:de:4f:90:23:
6f:85:58:33:b0:28:60:fe:59:11:b0:9b:f8:7a:37:
c4:6e:40:90:38:d3:be:ab:54:5a:07:95:de:9e:08:
d0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:CA:88:13:BD:E3:56:CB:61:41:4A:7F:78:DE:C6:5F:0A:2C:17:06
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/gsqIE73jVsthQUp_eN7GXwosFwY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cb:31:6d:7c:6d:b4:23:da:3c:61:e3:3f:49:3b:95:e2:d9:cb:
d5:a7:bc:9f:88:5b:0f:33:00:64:3a:28:ee:af:f3:dc:92:70:
d7:9a:5c:87:8b:0d:bf:6d:c7:6d:bb:be:fd:b6:a8:03:8b:1e:
a1:f9:86:48:40:32:a8:65:5b:33:b0:f1:4c:7b:06:58:96:9f:
7a:ec:4e:78:92:7f:46:d4:46:f1:5a:70:73:2f:0c:41:cc:45:
1c:2f:1f:31:02:3b:7e:23:25:60:8f:44:c2:e7:e1:b2:42:ce:
e8:d3:71:54:b4:7e:b6:0e:30:93:f8:c2:f8:29:fb:8c:2a:67:
b2:3a:13:48:9a:7b:84:5d:d3:c7:85:b8:20:36:4d:07:1a:8b:
f4:12:53:6d:95:9b:9f:55:d0:af:53:46:04:c1:c4:2d:07:e5:
8a:49:47:81:fb:8a:06:40:45:82:88:a3:3b:fc:2c:0b:1f:2b:
53:5e:92:d9:a3:34:03:8a:16:84:57:e2:d7:b8:fb:22:b7:06:
4d:97:f1:f1:c2:47:56:41:2a:fa:f0:2c:f2:a9:1f:4d:24:56:
78:3b:e6:c8:8a:80:10:49:6f:de:5d:a8:ca:79:8f:2a:98:76:
af:9c:d3:5d:25:7a:05:bd:63:4a:f8:d1:ce:79:04:a0:fd:8f:
2b:8c:c3:7e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFPYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTUy
MDUzMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgyQ0E4ODEzQkRFMzU2
Q0I2MTQxNEE3Rjc4REVDNjVGMEEyQzE3MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8S9ZXemtIZ9Cd2aCMNJmDhOfHDpSW19PvwtWCx056ruAUbzAg
kH7pn4xIzZDwBvz0BNwwRQ+YJUWZ2pcsvP7gZVYM0n2ijwXv2Oh9S/hgnnBfuDTa
ySn/P1DX2JqtvER2PXU+2nEX8kNEGy95T2OUVD5FO6LGakDRpF+6E/dV1jEZnmHR
pIAOn3PI4iJ+WNm8QBj6PyEacmMcmnBP83+RsC2IYr7ykCUenNrB5rHKJPPm2a97
Q1cYc0dN3bIhJORF3zpDO5WlqWjyNg6XAuZNtFY8yLnNrSSrbAMr3k+QI2+FWDOw
KGD+WRGwm/h6N8RuQJA4076rVFoHld6eCNDDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUgsqIE73jVsthQUp/eN7GXwosFwYwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2dzcUlFNzNqVnN0aFFV
cF9lTjdHWHdvc0Z3WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAyzFtfG20I9o8YeM/STuV4tnL1ae8n4hb
DzMAZDoo7q/z3JJw15pch4sNv23Hbbu+/baoA4seofmGSEAyqGVbM7DxTHsGWJaf
euxOeJJ/RtRG8Vpwcy8MQcxFHC8fMQI7fiMlYI9EwufhskLO6NNxVLR+tg4wk/jC
+Cn7jCpnsjoTSJp7hF3Tx4W4IDZNBxqL9BJTbZWbn1XQr1NGBMHELQfliklHgfuK
BkBFgoijO/wsCx8rU16S2aM0A4oWhFfi17j7IrcGTZfx8cJHVkEq+vAs8qkfTSRW
eDvmyIqAEElv3l2oynmPKph2r5zTXSV6Bb1jSvjRznkEoP2PK4zDfg==
Generated at Tue Apr 16 09:59:22 2024 by rpki-client on console.sobornost.net