Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/ix5fgU5f232l40iMjeiHE-Iu-88.roa
File: ix5fgU5f232l40iMjeiHE-Iu-88.roa (raw, json)
Hash identifier: z3xG0+GpXUvTDTGOk588EZdIMxXH2Xg1D5v17ilQrhQ=
Subject key identifier: 8B:1E:5F:81:4E:5F:DB:7D:A5:E3:48:8C:8D:E8:87:13:E2:2E:FB:CF
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1A18
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ix5fgU5f232l40iMjeiHE-Iu-88.roa
Signing time: Mon 29 Apr 2024 13:23:58 +0000
ROA not before: Mon 29 Apr 2024 13:23:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6680 (0x1a18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 29 13:23:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8B1E5F814E5FDB7DA5E3488C8DE88713E22EFBCF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a6:60:b2:50:1b:53:76:af:ac:d2:07:84:e1:
68:00:64:c5:16:81:f6:ef:03:f1:5b:e5:c7:28:5e:
1e:25:e0:21:29:46:f8:3b:6f:58:c8:4c:24:f2:4f:
de:c0:be:18:cf:0b:47:a3:a6:b1:64:ad:83:a1:ff:
32:5e:7b:22:29:44:48:0c:35:77:cf:9a:2d:3d:ca:
72:40:f8:65:73:d4:a9:ce:19:77:1e:6b:14:34:ea:
5d:6a:5a:2f:06:ad:70:16:3c:c6:79:3f:76:6c:a9:
a4:e3:b1:ab:5b:64:82:5c:65:59:72:82:2b:3a:28:
aa:c5:c2:a8:24:fe:24:6f:59:e2:c3:8c:6b:6c:d2:
90:ce:21:71:e6:a5:16:e1:9a:4d:21:19:e7:32:b2:
c8:26:77:2c:c1:50:e5:4f:a6:50:be:b6:d0:7a:be:
80:77:7f:18:c9:8d:44:be:a7:4c:9a:f1:db:ed:4d:
c5:39:1c:a4:7d:94:90:8e:23:d9:88:ab:60:5b:0a:
26:4d:ee:e7:c4:8b:ac:6d:a5:ac:56:48:76:e5:ea:
dd:3f:5b:d9:7d:11:26:f1:80:6c:a3:90:03:c2:43:
b0:60:62:f0:c3:49:b4:67:d7:21:dd:d6:07:72:99:
5d:79:0d:08:4e:c7:eb:71:3b:b2:69:d7:a5:74:13:
57:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:1E:5F:81:4E:5F:DB:7D:A5:E3:48:8C:8D:E8:87:13:E2:2E:FB:CF
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ix5fgU5f232l40iMjeiHE-Iu-88.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:7d:e7:34:3c:8c:50:d6:1f:37:80:6b:8b:a2:80:73:bb:d2:
57:ce:e6:f4:04:dd:ea:92:f8:17:d9:fb:a3:da:aa:e0:05:45:
c4:71:77:08:3a:db:6f:8a:a3:b1:7d:f7:47:07:c0:64:31:38:
7d:f1:76:2c:eb:26:20:b0:fc:1c:22:4a:52:48:bc:3c:4a:62:
e9:c0:e8:b8:be:5e:21:db:7d:68:5d:be:34:8e:62:ea:e2:b7:
b7:99:74:8b:5e:5d:ee:67:1b:c6:13:1f:06:ad:d9:40:9a:ea:
ae:4c:65:94:94:ce:79:02:cd:d7:e3:2b:ca:20:9d:53:df:7b:
e6:2d:02:83:65:7f:58:33:ae:8f:cc:09:bf:28:53:d1:89:74:
6c:56:39:4c:f0:7e:b5:2e:b9:14:d2:c2:80:04:f9:71:69:c6:
9b:d9:4c:1a:a7:d7:cd:c1:75:9e:69:eb:b6:df:0a:df:09:d6:
58:d4:fb:9a:31:11:80:bd:64:4a:7a:e6:81:ac:03:3b:c4:93:
2b:6d:a8:94:ca:e1:10:a8:c9:8a:04:27:a2:cb:c1:57:e0:01:
ce:f5:fb:f3:c4:b7:f8:60:4c:08:d9:7b:37:ee:ad:7f:6b:52:
24:78:68:45:63:2d:4b:93:be:14:95:63:f7:98:f9:c4:fb:0d:
da:f5:e8:0e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGhgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0Mjkx
MzIzNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhCMUU1RjgxNEU1RkRC
N0RBNUUzNDg4QzhERTg4NzEzRTIyRUZCQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+pmCyUBtTdq+s0geE4WgAZMUWgfbvA/Fb5ccoXh4l4CEpRvg7
b1jITCTyT97AvhjPC0ejprFkrYOh/zJeeyIpREgMNXfPmi09ynJA+GVz1KnOGXce
axQ06l1qWi8GrXAWPMZ5P3ZsqaTjsatbZIJcZVlygis6KKrFwqgk/iRvWeLDjGts
0pDOIXHmpRbhmk0hGecyssgmdyzBUOVPplC+ttB6voB3fxjJjUS+p0ya8dvtTcU5
HKR9lJCOI9mIq2BbCiZN7ufEi6xtpaxWSHbl6t0/W9l9ESbxgGyjkAPCQ7BgYvDD
SbRn1yHd1gdymV15DQhOx+txO7Jp16V0E1cNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUix5fgU5f232l40iMjeiHE+Iu+88wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2l4NWZnVTVmMjMybDQw
aU1qZWlIRS1JdS04OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAd33nNDyMUNYfN4Bri6KAc7vSV87m9ATd
6pL4F9n7o9qq4AVFxHF3CDrbb4qjsX33RwfAZDE4ffF2LOsmILD8HCJKUki8PEpi
6cDouL5eIdt9aF2+NI5i6uK3t5l0i15d7mcbxhMfBq3ZQJrqrkxllJTOeQLN1+Mr
yiCdU9975i0Cg2V/WDOuj8wJvyhT0Yl0bFY5TPB+tS65FNLCgAT5cWnGm9lMGqfX
zcF1nmnrtt8K3wnWWNT7mjERgL1kSnrmgawDO8STK22olMrhEKjJigQnosvBV+AB
zvX788S3+GBMCNl7N+6tf2tSJHhoRWMtS5O+FJVj95j5xPsN2vXoDg==
-----END CERTIFICATE-----
Generated at Mon Apr 29 19:13:37 2024 by rpki-client on console.sobornost.net