Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/s2Ur0vRoanaYXu-cyEGrePm75Rs.roa
File: s2Ur0vRoanaYXu-cyEGrePm75Rs.roa (raw, json)
Hash identifier: Yz9tZxMjcnFMNrxpyy81iR0MWSCHIu3hhOJmrkKc1OQ=
Subject key identifier: B3:65:2B:D2:F4:68:6A:76:98:5E:EF:9C:C8:41:AB:78:F9:BB:E5:1B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0E98
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/s2Ur0vRoanaYXu-cyEGrePm75Rs.roa
Signing time: Fri 29 Mar 2024 21:23:23 +0000
ROA not before: Fri 29 Mar 2024 21:23:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3736 (0xe98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 29 21:23:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B3652BD2F4686A76985EEF9CC841AB78F9BBE51B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d8:13:38:9b:5d:1a:54:64:44:3c:5e:fb:4d:
8a:14:cb:20:0e:e1:72:0e:31:05:e3:25:ce:2e:73:
4d:f9:12:cb:68:31:2c:a5:6a:64:3f:9f:34:df:03:
aa:ab:4a:21:9c:43:76:fc:71:87:a6:fe:66:5d:e5:
62:4a:22:8e:fc:11:4b:54:7c:91:16:31:d6:61:4f:
82:2c:cc:d0:fb:63:77:15:c6:e3:08:bd:77:07:68:
bc:c5:ad:7d:cf:46:d1:ea:27:0b:15:5c:ea:ec:97:
40:80:19:62:44:62:2f:29:60:18:74:dd:85:6b:2d:
22:e2:da:4c:7b:6e:d8:c0:3d:42:cf:7b:16:5e:62:
4a:b7:09:68:b2:d3:d8:6c:c7:98:36:2e:fb:ce:80:
24:f8:ad:8a:da:ba:97:f2:32:88:16:a0:f3:10:7d:
fb:84:02:3c:54:9e:01:f3:e3:7a:50:55:6b:de:74:
01:4d:cd:dc:37:31:c8:d9:23:43:64:f5:d1:ac:97:
20:4c:e2:36:65:25:7d:30:20:44:4a:5b:68:50:74:
3c:98:0c:bf:e1:e3:99:19:51:47:34:77:47:91:3b:
35:5a:24:27:2e:00:d5:36:b5:49:8a:f7:16:d6:77:
66:8b:d9:9b:5e:0c:68:f7:4e:a8:74:1f:e2:52:87:
82:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:65:2B:D2:F4:68:6A:76:98:5E:EF:9C:C8:41:AB:78:F9:BB:E5:1B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/s2Ur0vRoanaYXu-cyEGrePm75Rs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:fc:6d:89:44:80:4b:5a:53:21:15:54:9c:4a:c4:f7:be:15:
c7:12:3d:0d:d5:cf:58:18:64:52:54:bc:1c:95:2d:ba:42:61:
53:38:80:67:0b:f7:ab:34:82:f5:60:ed:17:24:02:ca:92:78:
3f:65:5d:0c:c2:ee:a5:c9:ba:d4:46:c3:42:a9:93:68:f2:15:
ac:e0:95:f3:ef:2c:49:a0:3b:ab:8e:96:ff:bf:79:cc:47:76:
27:0e:0b:3c:77:e1:12:8f:11:e4:ca:91:fa:87:e8:eb:a8:58:
6f:86:82:f8:44:0c:d3:84:ed:de:a5:11:da:d0:37:9f:18:1c:
99:f0:ba:f4:c5:61:4f:bb:d3:77:3d:f1:c5:46:e9:2b:87:b0:
1f:f8:82:57:cb:a4:2b:eb:50:be:c0:8b:4d:6b:7d:40:54:12:
1e:e6:f1:df:cc:b1:c7:ee:41:65:d0:1b:9c:ed:6d:e5:bd:17:
a9:d3:22:42:bb:e0:cf:81:70:b6:35:1d:c3:9b:a0:4e:17:b1:
87:a0:31:38:20:61:81:a9:bf:52:45:c0:bd:ea:dd:1b:4c:1c:
3d:37:e5:59:25:b7:95:37:20:83:d6:f5:0c:0a:59:de:60:a3:
55:0d:50:35:48:dc:d6:ff:ca:0f:fa:94:01:47:37:a1:f1:2d:
2d:cf:03:1b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDpgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjky
MTIzMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIzNjUyQkQyRjQ2ODZB
NzY5ODVFRUY5Q0M4NDFBQjc4RjlCQkU1MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCo2BM4m10aVGREPF77TYoUyyAO4XIOMQXjJc4uc035EstoMSyl
amQ/nzTfA6qrSiGcQ3b8cYem/mZd5WJKIo78EUtUfJEWMdZhT4IszND7Y3cVxuMI
vXcHaLzFrX3PRtHqJwsVXOrsl0CAGWJEYi8pYBh03YVrLSLi2kx7btjAPULPexZe
Ykq3CWiy09hsx5g2LvvOgCT4rYraupfyMogWoPMQffuEAjxUngHz43pQVWvedAFN
zdw3McjZI0Nk9dGslyBM4jZlJX0wIERKW2hQdDyYDL/h45kZUUc0d0eROzVaJCcu
ANU2tUmK9xbWd2aL2ZteDGj3Tqh0H+JSh4ItAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUs2Ur0vRoanaYXu+cyEGrePm75RswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3MyVXIwdlJvYW5hWVh1
LWN5RUdyZVBtNzVScy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAVPxtiUSAS1pTIRVUnErE974VxxI9DdXP
WBhkUlS8HJUtukJhUziAZwv3qzSC9WDtFyQCypJ4P2VdDMLupcm61EbDQqmTaPIV
rOCV8+8sSaA7q46W/795zEd2Jw4LPHfhEo8R5MqR+ofo66hYb4aC+EQM04Tt3qUR
2tA3nxgcmfC69MVhT7vTdz3xxUbpK4ewH/iCV8ukK+tQvsCLTWt9QFQSHubx38yx
x+5BZdAbnO1t5b0XqdMiQrvgz4FwtjUdw5ugThexh6AxOCBhgam/UkXAverdG0wc
PTflWSW3lTcgg9b1DApZ3mCjVQ1QNUjc1v/KD/qUAUc3ofEtLc8DGw==
Generated at Sat Mar 30 05:22:44 2024 by rpki-client on console.sobornost.net