Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/rU1Nsq-UpityTl2rBT6vv_wOido.roa
File: rU1Nsq-UpityTl2rBT6vv_wOido.roa (raw, json)
Hash identifier: gTUIh0l1ypSlot/4pcanN5JeyjMWTfP6RQrq6joX42Y=
Subject key identifier: AD:4D:4D:B2:AF:94:A6:2B:72:4E:5D:AB:05:3E:AF:BF:FC:0E:89:DA
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1246
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/rU1Nsq-UpityTl2rBT6vv_wOido.roa
Signing time: Mon 08 Apr 2024 16:52:57 +0000
ROA not before: Mon 08 Apr 2024 16:52:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4678 (0x1246)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 8 16:52:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AD4D4DB2AF94A62B724E5DAB053EAFBFFC0E89DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:69:e2:c7:fb:b2:fa:d9:20:ad:fc:1e:c1:43:
53:d2:7b:00:1d:ae:46:b7:0b:0f:ca:12:e7:be:07:
a0:46:fd:9e:b4:af:78:e1:02:5e:d4:8e:01:43:2c:
6d:10:da:73:ff:fd:fa:14:8b:bd:e2:0c:4f:58:07:
38:7f:e1:a8:4d:78:d1:95:f1:fc:ce:5d:85:23:af:
0d:f0:96:43:0e:d3:4f:04:6e:39:de:b1:d8:f0:70:
1b:c1:7d:86:0a:40:6d:3b:f8:f5:38:44:44:e6:8c:
2b:cd:cd:b3:a2:22:ba:27:7a:ce:de:a3:d5:89:42:
67:92:84:28:ee:0d:5a:2d:ad:cd:23:8a:bd:eb:16:
b8:24:3d:6d:29:27:f2:0a:59:a2:92:e0:83:4f:9e:
02:47:f4:38:00:d6:82:78:1f:fb:24:ff:e8:26:09:
9f:c0:c1:3e:37:cc:96:30:c3:d0:b7:52:26:c5:10:
fe:6c:53:a0:d4:f6:80:ce:bb:c9:e9:97:b6:88:8f:
0a:a6:e5:69:a3:c2:a4:df:5c:92:45:bf:44:7c:78:
a8:c3:b9:90:76:ac:29:90:db:4d:af:63:68:6e:0e:
1c:f8:a7:11:84:0a:bc:e8:39:78:0e:09:ed:ce:1e:
27:b1:f1:da:e6:44:3a:86:2d:32:64:a9:1a:d7:3f:
60:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:4D:4D:B2:AF:94:A6:2B:72:4E:5D:AB:05:3E:AF:BF:FC:0E:89:DA
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/rU1Nsq-UpityTl2rBT6vv_wOido.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5c:d0:bc:13:9d:cf:77:41:14:28:ce:77:83:0d:99:6f:64:3a:
61:35:5a:b3:42:fb:9f:b4:c0:50:47:06:fc:56:3e:b5:c6:e8:
bb:34:3a:8c:f9:80:df:d1:b3:21:ce:c1:c9:d4:3b:4f:4d:29:
ae:35:ce:3a:0a:9c:78:74:5e:8c:5d:2f:48:96:a8:5f:bc:7d:
95:d6:50:2d:37:d5:2e:70:51:90:29:1d:66:9f:b5:40:ed:69:
2c:89:fa:d3:39:62:a7:58:b4:a5:c0:27:fb:0c:8f:a2:05:65:
b1:c3:aa:5f:a0:be:be:29:ab:1d:97:ea:10:8b:19:bc:78:57:
31:3f:77:8b:b7:09:2b:48:6b:15:7e:b1:a8:53:12:c0:00:af:
92:0e:5f:90:83:59:a5:e3:db:6d:86:29:f6:49:03:78:a5:bf:
aa:f9:08:4c:00:ff:eb:0d:8f:f4:17:ac:f5:03:55:46:11:62:
49:29:9e:84:4e:57:a1:be:be:e8:9c:8e:9b:2e:a6:aa:f8:44:
cb:0e:45:d5:a2:d2:e0:27:00:70:8d:03:c6:2c:4b:1e:0f:e9:
4f:d0:d4:f3:b8:07:7f:91:5a:34:83:7b:de:dd:c8:c7:cd:5e:
c0:31:1a:68:47:da:c1:c1:d8:c4:9f:0d:c8:03:6d:d5:eb:8d:
dc:49:6c:f4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEkYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDgx
NjUyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFENEQ0REIyQUY5NEE2
MkI3MjRFNURBQjA1M0VBRkJGRkMwRTg5REEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlaeLH+7L62SCt/B7BQ1PSewAdrka3Cw/KEue+B6BG/Z60r3jh
Al7UjgFDLG0Q2nP//foUi73iDE9YBzh/4ahNeNGV8fzOXYUjrw3wlkMO008Ebjne
sdjwcBvBfYYKQG07+PU4RETmjCvNzbOiIrones7eo9WJQmeShCjuDVotrc0jir3r
FrgkPW0pJ/IKWaKS4INPngJH9DgA1oJ4H/sk/+gmCZ/AwT43zJYww9C3UibFEP5s
U6DU9oDOu8npl7aIjwqm5WmjwqTfXJJFv0R8eKjDuZB2rCmQ202vY2huDhz4pxGE
CrzoOXgOCe3OHiex8drmRDqGLTJkqRrXP2CXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUrU1Nsq+UpityTl2rBT6vv/wOidowHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3JVMU5zcS1VcGl0eVRs
MnJCVDZ2dl93T2lkby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAXNC8E53Pd0EUKM53gw2Zb2Q6YTVas0L7
n7TAUEcG/FY+tcbouzQ6jPmA39GzIc7BydQ7T00prjXOOgqceHRejF0vSJaoX7x9
ldZQLTfVLnBRkCkdZp+1QO1pLIn60zlip1i0pcAn+wyPogVlscOqX6C+vimrHZfq
EIsZvHhXMT93i7cJK0hrFX6xqFMSwACvkg5fkINZpePbbYYp9kkDeKW/qvkITAD/
6w2P9Bes9QNVRhFiSSmehE5Xob6+6JyOmy6mqvhEyw5F1aLS4CcAcI0DxixLHg/p
T9DU87gHf5FaNIN73t3Ix81ewDEaaEfawcHYxJ8NyANt1euN3Els9A==
-----END CERTIFICATE-----
Generated at Mon Apr 8 23:55:35 2024 by rpki-client on console.sobornost.net