Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/nMU4mSJ0shPrgTubp9Z3PEQsdgk.roa
File: nMU4mSJ0shPrgTubp9Z3PEQsdgk.roa (raw, json)
Hash identifier: etDnj156BKyLJm9+gHx4SF3t5k0v36PM8KN/JUOcuHo=
Subject key identifier: 9C:C5:38:99:22:74:B2:13:EB:81:3B:9B:A7:D6:77:3C:44:2C:76:09
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1BA2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/nMU4mSJ0shPrgTubp9Z3PEQsdgk.roa
Signing time: Fri 03 May 2024 15:54:12 +0000
ROA not before: Fri 03 May 2024 15:54:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7074 (0x1ba2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 3 15:54:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9CC538992274B213EB813B9BA7D6773C442C7609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4a:ef:a6:e1:a7:2d:2c:a6:1f:f3:11:95:c2:
07:1e:82:da:c9:6d:9b:a2:cb:35:35:53:bc:ac:7d:
6a:94:b9:c8:46:5e:11:7a:da:2f:7d:70:f2:06:87:
78:ef:ec:27:83:9c:b9:33:5e:4c:7a:8a:4c:4b:77:
21:23:a7:71:e2:8f:06:50:1f:86:59:fb:9d:4e:be:
bb:4c:06:9e:17:c9:76:55:e1:ce:66:17:eb:ff:fa:
62:48:83:8e:2c:ca:60:f1:6b:a7:d8:58:34:cf:12:
0b:42:99:bf:d0:3f:8a:7a:6a:2e:bb:b2:17:7a:37:
9f:ca:3c:eb:97:a0:11:9b:76:04:70:92:15:b0:62:
1f:ef:17:7a:f2:91:b6:bd:90:20:7d:80:05:55:4c:
cd:ce:ef:96:b4:f7:be:0d:2a:58:af:87:15:75:13:
9d:7f:ae:97:80:80:57:e3:7d:d1:c6:46:9c:c2:2d:
f5:42:2d:42:cf:8a:64:9c:58:95:01:69:ae:cc:ef:
4e:d7:05:91:03:dc:23:4e:dd:44:fb:1f:2e:da:19:
ec:ea:49:08:dc:ac:ef:38:f3:1b:6e:03:ed:53:07:
8b:d9:df:cd:11:e8:1c:f2:56:29:c7:5d:b9:a2:57:
8b:03:58:37:24:49:42:15:20:2c:a9:21:33:90:ca:
35:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C5:38:99:22:74:B2:13:EB:81:3B:9B:A7:D6:77:3C:44:2C:76:09
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/nMU4mSJ0shPrgTubp9Z3PEQsdgk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bd:d1:07:b1:64:e7:e2:0d:db:fd:db:30:fe:e0:5e:61:91:b3:
26:08:f0:fb:b6:14:06:e0:ad:31:0b:7b:ca:9b:10:00:9f:1f:
9d:eb:26:32:2d:cd:ce:6a:6d:13:cb:3a:34:07:05:96:27:fd:
d9:0d:a8:ea:a1:f0:df:d7:29:b2:da:15:48:c8:c4:1e:59:5b:
d5:81:fc:ed:a1:f7:48:16:c8:0f:d1:d5:c0:a8:fd:92:bb:54:
3e:68:36:50:21:b8:46:dd:5c:73:1c:2d:f3:1b:8a:71:42:e3:
79:6c:47:13:c5:c8:8b:ea:eb:80:0f:ca:95:e0:10:40:36:5b:
34:fc:8a:23:3a:23:b3:29:15:ce:5b:0f:f3:ba:60:3f:ee:5b:
a1:b0:9b:5f:40:c4:d4:a5:fb:84:24:53:f2:69:39:7b:d1:49:
a2:c6:23:ad:a4:e6:dd:52:36:07:67:e1:10:d8:40:5e:ad:59:
d4:1f:c7:93:76:9b:28:c3:c0:28:a3:d2:ac:db:6b:42:ee:a8:
bb:68:d5:50:0d:c9:c3:00:c3:3f:3e:d5:ed:d2:96:e8:3a:37:
e5:0c:62:ee:50:08:44:f6:00:07:79:7f:d8:90:18:47:57:fe:
4e:af:36:ba:97:5d:6d:33:55:83:3b:d5:7d:dc:aa:c7:1c:09:
3f:11:85:dd
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG6IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDMx
NTU0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlDQzUzODk5MjI3NEIy
MTNFQjgxM0I5QkE3RDY3NzNDNDQyQzc2MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJSu+m4actLKYf8xGVwgcegtrJbZuiyzU1U7ysfWqUuchGXhF6
2i99cPIGh3jv7CeDnLkzXkx6ikxLdyEjp3HijwZQH4ZZ+51OvrtMBp4XyXZV4c5m
F+v/+mJIg44symDxa6fYWDTPEgtCmb/QP4p6ai67shd6N5/KPOuXoBGbdgRwkhWw
Yh/vF3rykba9kCB9gAVVTM3O75a0974NKlivhxV1E51/rpeAgFfjfdHGRpzCLfVC
LULPimScWJUBaa7M707XBZED3CNO3UT7Hy7aGezqSQjcrO848xtuA+1TB4vZ380R
6BzyVinHXbmiV4sDWDckSUIVICypITOQyjXbAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUnMU4mSJ0shPrgTubp9Z3PEQsdgkwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL25NVTRtU0owc2hQcmdU
dWJwOVozUEVRc2Rnay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAvdEHsWTn4g3b/dsw/uBeYZGzJgjw+7YU
BuCtMQt7ypsQAJ8fnesmMi3NzmptE8s6NAcFlif92Q2o6qHw39cpstoVSMjEHllb
1YH87aH3SBbID9HVwKj9krtUPmg2UCG4Rt1ccxwt8xuKcULjeWxHE8XIi+rrgA/K
leAQQDZbNPyKIzojsykVzlsP87pgP+5bobCbX0DE1KX7hCRT8mk5e9FJosYjraTm
3VI2B2fhENhAXq1Z1B/Hk3abKMPAKKPSrNtrQu6ou2jVUA3JwwDDPz7V7dKW6Do3
5Qxi7lAIRPYAB3l/2JAYR1f+Tq82upddbTNVgzvVfdyqxxwJPxGF3Q==
-----END CERTIFICATE-----
Generated at Fri May 3 20:57:19 2024 by rpki-client on console.sobornost.net