Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/rzSXXiUXwsChCwlKNJrISc9pUkk.roa
File: rzSXXiUXwsChCwlKNJrISc9pUkk.roa (raw, json)
Hash identifier: snKWqjQOmbYWYg51Ua1RmO21M0pN+zUnOTArL2aMZxA=
Subject key identifier: AF:34:97:5E:25:17:C2:C0:A1:0B:09:4A:34:9A:C8:49:CF:69:52:49
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 147E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/rzSXXiUXwsChCwlKNJrISc9pUkk.roa
Signing time: Sun 14 Apr 2024 14:53:24 +0000
ROA not before: Sun 14 Apr 2024 14:53:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5246 (0x147e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 14 14:53:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AF34975E2517C2C0A10B094A349AC849CF695249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:dc:31:1a:97:aa:d8:9e:8d:f3:9d:69:a6:1f:
6e:61:e1:d5:a2:97:e2:d7:04:09:00:68:5d:af:53:
9e:b8:07:a4:77:24:ab:7e:5f:c2:a9:7f:ed:0d:d5:
1c:9f:04:98:f5:dc:5a:0c:6b:e1:0a:fe:3a:ea:0e:
a3:7f:a1:69:c8:40:08:02:74:f9:41:3a:58:56:18:
9f:21:5d:a8:67:99:c0:ea:b5:4e:16:6b:3a:a6:33:
4f:4f:2f:0f:91:40:29:5f:c1:60:44:b6:d0:ac:97:
a3:45:44:50:77:8d:13:65:89:e1:33:4c:b7:76:6b:
b3:98:31:5b:72:7e:cd:03:ef:cb:d1:0e:07:2d:5c:
6f:8a:f9:94:49:7f:18:73:1e:51:90:93:54:33:38:
d8:15:44:aa:c4:7a:02:26:3e:5a:7c:a4:7a:e9:c0:
ce:aa:63:3b:e9:b4:7f:0b:50:e5:bb:3a:53:72:f1:
dc:16:e2:f4:e6:12:64:aa:bd:eb:d2:27:5c:25:2e:
46:5d:42:40:24:a6:e1:4e:06:88:61:8f:b7:35:01:
9f:80:09:cf:2f:4a:c6:15:35:5f:06:2c:e2:19:94:
8a:19:2c:96:09:a5:d6:6f:96:0d:20:86:e4:20:31:
91:cf:55:33:5f:65:d6:90:3e:ac:60:c6:6c:0a:18:
1d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:34:97:5E:25:17:C2:C0:A1:0B:09:4A:34:9A:C8:49:CF:69:52:49
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/rzSXXiUXwsChCwlKNJrISc9pUkk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:2b:4e:9e:40:dc:a0:5f:cf:02:96:36:ad:1f:5d:7e:1c:f1:
03:3e:58:8d:08:72:85:91:8f:56:bb:66:00:bf:28:4c:e2:a0:
51:3b:d5:5b:eb:57:25:7b:67:aa:3f:a3:00:a5:b7:6e:3a:85:
1e:1e:e1:6b:cf:28:d5:12:01:ff:e6:ec:4c:b8:6b:2e:56:07:
50:c2:c9:2d:5b:5a:bc:01:49:95:ad:73:35:98:96:4a:37:bc:
bd:13:dd:9d:38:51:20:5f:2b:a4:a9:2f:d0:86:66:42:de:f6:
8f:3e:40:89:4b:c5:27:aa:9c:72:3f:c1:cb:d1:a2:a1:8c:c3:
fa:ac:35:83:57:9b:14:be:1e:98:b1:24:51:42:c0:57:58:2f:
76:13:e2:3b:90:f7:97:99:22:2c:dc:8b:cd:71:dd:f8:7e:d4:
59:63:88:26:1c:7d:b2:04:c3:17:2b:5d:b1:6a:ce:6e:40:26:
4f:5a:4f:f5:b2:99:84:9c:64:e7:8f:3d:be:f4:0c:e1:2b:7c:
be:68:1a:75:41:1f:6c:d8:e4:f8:df:b0:85:06:30:e7:36:3a:
92:79:41:10:00:00:ea:95:4f:7b:70:3f:55:2b:6a:8b:b3:6f:
73:4e:62:c0:b8:f1:a0:44:d9:79:78:d9:e7:89:41:73:04:f8:
77:38:c3:8f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFH4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTQx
NDUzMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFGMzQ5NzVFMjUxN0My
QzBBMTBCMDk0QTM0OUFDODQ5Q0Y2OTUyNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC73DEal6rYno3znWmmH25h4dWil+LXBAkAaF2vU564B6R3JKt+
X8Kpf+0N1RyfBJj13FoMa+EK/jrqDqN/oWnIQAgCdPlBOlhWGJ8hXahnmcDqtU4W
azqmM09PLw+RQClfwWBEttCsl6NFRFB3jRNlieEzTLd2a7OYMVtyfs0D78vRDgct
XG+K+ZRJfxhzHlGQk1QzONgVRKrEegImPlp8pHrpwM6qYzvptH8LUOW7OlNy8dwW
4vTmEmSqvevSJ1wlLkZdQkAkpuFOBohhj7c1AZ+ACc8vSsYVNV8GLOIZlIoZLJYJ
pdZvlg0ghuQgMZHPVTNfZdaQPqxgxmwKGB3xAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUrzSXXiUXwsChCwlKNJrISc9pUkkwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3J6U1hYaVVYd3NDaEN3
bEtOSnJJU2M5cFVray5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEASCtOnkDcoF/PApY2rR9dfhzxAz5YjQhy
hZGPVrtmAL8oTOKgUTvVW+tXJXtnqj+jAKW3bjqFHh7ha88o1RIB/+bsTLhrLlYH
UMLJLVtavAFJla1zNZiWSje8vRPdnThRIF8rpKkv0IZmQt72jz5AiUvFJ6qccj/B
y9GioYzD+qw1g1ebFL4emLEkUULAV1gvdhPiO5D3l5kiLNyLzXHd+H7UWWOIJhx9
sgTDFytdsWrObkAmT1pP9bKZhJxk5489vvQM4St8vmgadUEfbNjk+N+whQYw5zY6
knlBEAAA6pVPe3A/VStqi7Nvc05iwLjxoETZeXjZ54lBcwT4dzjDjw==
-----END CERTIFICATE-----
Generated at Sun Apr 14 18:59:53 2024 by rpki-client on console.sobornost.net