Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/h0SxiJl029AXCzTmZEziqnIqcgM.roa
File: h0SxiJl029AXCzTmZEziqnIqcgM.roa (raw, json)
Hash identifier: aP452cPCvzIRE/17X25DqAJJS272QEJW6pC/hOwxMOs=
Subject key identifier: 87:44:B1:88:99:74:DB:D0:17:0B:34:E6:64:4C:E2:AA:72:2A:72:03
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F1E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/h0SxiJl029AXCzTmZEziqnIqcgM.roa
Signing time: Sun 31 Mar 2024 06:52:34 +0000
ROA not before: Sun 31 Mar 2024 06:52:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3870 (0xf1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 31 06:52:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8744B1889974DBD0170B34E6644CE2AA722A7203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e2:f1:be:71:77:ac:82:f9:24:a5:1c:09:05:
25:48:2b:ac:5c:95:68:13:f9:d2:bc:e4:ea:2a:ae:
66:79:b5:cd:cc:bc:b0:c3:97:c4:b1:32:8a:4b:77:
c4:ea:f6:3d:49:43:04:84:7d:74:c2:d8:1b:ca:f1:
01:0c:64:fb:a3:2e:7a:f2:9d:1a:56:35:c6:a9:f2:
cd:46:24:2b:91:3b:ac:39:e6:b1:d9:a4:ec:18:6d:
30:dc:06:00:c5:a7:d0:54:8f:ef:79:bb:e5:a1:d5:
bd:ac:25:3d:7c:7f:c2:61:ed:48:31:5d:db:c6:8a:
f1:5c:97:24:e9:e0:38:39:39:d0:e4:f7:af:27:52:
8d:94:96:fa:49:2c:17:56:c4:09:05:ad:77:d5:bf:
42:7f:36:4a:aa:64:30:d7:c9:42:d3:9e:3b:a6:81:
4c:74:d6:db:57:60:58:32:b8:9f:e4:58:61:19:80:
53:f9:37:78:e8:49:5d:4b:7c:90:c8:fa:f3:63:99:
fa:f7:9f:b5:3d:6b:55:94:d4:84:f1:26:00:c6:52:
f9:2e:c4:a9:50:37:78:c5:7f:ab:26:dd:28:a6:35:
3a:97:eb:15:c9:20:d7:c2:5b:c3:38:70:9a:8d:52:
e0:f1:e3:03:1e:39:46:79:6a:11:5c:69:9e:23:4a:
6f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:44:B1:88:99:74:DB:D0:17:0B:34:E6:64:4C:E2:AA:72:2A:72:03
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/h0SxiJl029AXCzTmZEziqnIqcgM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d8:b2:ce:cc:b6:81:79:eb:de:91:e6:6f:ad:6c:dc:df:5e:f1:
cc:7a:92:99:9b:06:57:fc:65:07:d8:5b:60:d2:11:3e:c4:b5:
a3:92:7f:13:b8:cd:c3:16:42:d2:74:62:cf:6d:47:94:81:f1:
a9:17:e1:e1:67:db:2b:48:44:3e:19:13:c4:41:17:46:22:b8:
6a:2a:66:8f:0c:18:e6:f8:8f:b4:07:8f:a9:46:92:60:d5:da:
b0:4d:8a:91:6d:12:23:36:a8:43:dc:c2:1d:d0:c1:61:de:76:
79:e4:64:ce:a5:f4:60:ab:46:13:b8:60:0f:f1:3d:97:f3:d7:
7f:c2:a2:11:a5:b5:97:03:6e:94:06:31:db:b0:a1:be:8d:aa:
bc:1e:13:02:6e:16:2c:7c:90:d1:c9:48:59:fd:ee:fa:ad:16:
c4:93:01:c0:06:49:6a:a2:b1:5d:9d:9b:5c:2a:61:6f:9d:c0:
79:a5:3e:14:3d:11:de:71:85:0e:d5:dd:c1:a9:1e:2c:b0:44:
6a:bb:3e:f4:e6:f7:f4:53:a9:1e:37:2d:e3:e8:df:59:e6:51:
a3:fc:09:5a:aa:1a:e6:d8:78:eb:0e:55:68:dc:49:e1:bb:f0:
8c:38:0b:b0:e7:bf:90:7e:99:3e:c1:0d:c2:84:78:3b:df:d6:
3b:4d:cf:ef
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDx4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzEw
NjUyMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg3NDRCMTg4OTk3NERC
RDAxNzBCMzRFNjY0NENFMkFBNzIyQTcyMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH4vG+cXesgvkkpRwJBSVIK6xclWgT+dK85OoqrmZ5tc3MvLDD
l8SxMopLd8Tq9j1JQwSEfXTC2BvK8QEMZPujLnrynRpWNcap8s1GJCuRO6w55rHZ
pOwYbTDcBgDFp9BUj+95u+Wh1b2sJT18f8Jh7UgxXdvGivFclyTp4Dg5OdDk968n
Uo2UlvpJLBdWxAkFrXfVv0J/NkqqZDDXyULTnjumgUx01ttXYFgyuJ/kWGEZgFP5
N3joSV1LfJDI+vNjmfr3n7U9a1WU1ITxJgDGUvkuxKlQN3jFf6sm3SimNTqX6xXJ
INfCW8M4cJqNUuDx4wMeOUZ5ahFcaZ4jSm8pAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUh0SxiJl029AXCzTmZEziqnIqcgMwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2gwU3hpSmwwMjlBWEN6
VG1aRXppcW5JcWNnTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEA2LLOzLaBeevekeZvrWzc317xzHqSmZsG
V/xlB9hbYNIRPsS1o5J/E7jNwxZC0nRiz21HlIHxqRfh4WfbK0hEPhkTxEEXRiK4
aipmjwwY5viPtAePqUaSYNXasE2KkW0SIzaoQ9zCHdDBYd52eeRkzqX0YKtGE7hg
D/E9l/PXf8KiEaW1lwNulAYx27Chvo2qvB4TAm4WLHyQ0clIWf3u+q0WxJMBwAZJ
aqKxXZ2bXCphb53AeaU+FD0R3nGFDtXdwakeLLBEars+9Ob39FOpHjct4+jfWeZR
o/wJWqoa5th46w5VaNxJ4bvwjDgLsOe/kH6ZPsENwoR4O9/WO03P7w==
-----END CERTIFICATE-----
Generated at Sun Mar 31 12:03:00 2024 by rpki-client on console.sobornost.net