Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/s4-ZC7TMPbrstVp6txS68F7AdcI.roa
File: s4-ZC7TMPbrstVp6txS68F7AdcI.roa (raw, json)
Hash identifier: fi/7Yen5ZEThuMTxr2uoaOJmsr2+rDHvfbG/pJAVN3Q=
Subject key identifier: B3:8F:99:0B:B4:CC:3D:BA:EC:B5:5A:7A:B7:14:BA:F0:5E:C0:75:C2
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1A7E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/s4-ZC7TMPbrstVp6txS68F7AdcI.roa
Signing time: Tue 30 Apr 2024 14:54:02 +0000
ROA not before: Tue 30 Apr 2024 14:54:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6782 (0x1a7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 30 14:54:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B38F990BB4CC3DBAECB55A7AB714BAF05EC075C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:87:76:84:44:7e:19:09:a2:71:d4:fa:c5:68:
76:30:3a:3f:c7:bc:79:eb:0e:ad:69:9c:74:f3:e0:
4a:72:4e:d9:a4:ba:5a:87:43:51:0d:90:9f:d0:47:
05:43:4c:00:89:0a:cb:15:09:18:0a:75:20:5c:5a:
86:61:4a:11:74:f6:04:ce:4f:89:51:e7:13:b0:2f:
2f:da:a1:d4:ee:2d:d0:6d:70:07:44:73:f2:89:c2:
6d:12:a0:16:ef:35:a7:45:96:dd:6c:cb:a3:4a:61:
f8:c7:ab:a0:96:37:56:fd:44:cb:7d:5a:5d:b7:c3:
f7:30:79:e2:33:75:52:c0:e5:b1:41:4e:36:66:a5:
a5:18:bc:42:1c:5f:1b:ec:d6:60:22:57:f3:41:cb:
41:ef:a6:be:13:ef:b5:69:a5:d0:09:1c:da:67:0e:
d4:50:6f:fb:ef:5e:ba:49:bf:cb:33:32:37:16:9e:
89:47:22:96:77:84:8b:23:c8:ba:b8:66:a9:8e:53:
e7:ab:b3:8e:84:42:09:41:d3:be:6c:ad:b9:5b:db:
a9:62:db:fe:b3:8b:bb:cd:b6:e6:f0:e9:b0:bb:7e:
12:c2:91:b2:74:98:12:f8:1c:f5:0f:7e:06:b1:4c:
da:ff:bf:9f:16:90:96:68:bf:4c:90:a0:8f:ee:c2:
1d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:8F:99:0B:B4:CC:3D:BA:EC:B5:5A:7A:B7:14:BA:F0:5E:C0:75:C2
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/s4-ZC7TMPbrstVp6txS68F7AdcI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:c1:87:55:49:b3:94:5a:8b:e1:b1:e9:f3:02:ac:1b:67:97:
93:80:4b:dc:0d:60:60:dc:0d:a0:3b:ad:b0:28:86:41:73:54:
4a:f2:11:ff:70:f4:a5:ea:52:63:2a:74:fb:6b:8e:f0:16:a9:
f8:73:51:49:f7:e1:36:49:53:30:85:94:0d:b7:71:85:1e:0d:
ed:bc:70:07:32:23:2e:b4:5b:d2:b9:45:25:c3:ac:e8:77:d9:
83:10:85:d7:47:b3:b5:13:79:e7:02:ab:9d:e0:cc:a3:86:b2:
4c:42:18:06:63:2f:7c:09:ff:fb:ed:45:6e:4b:dd:1d:5f:6a:
d7:84:ca:1e:da:ca:cb:9b:af:af:b3:f9:72:b6:c5:5f:52:c2:
e7:2c:c6:10:6d:1d:13:1c:e3:0b:39:3f:11:de:cd:9e:24:f8:
e9:b4:1d:fa:0b:80:b4:45:0a:4c:fd:fc:8d:1b:d6:0f:18:c3:
5e:90:8c:b5:bf:82:f6:13:ce:70:a8:d0:c3:37:f8:16:b4:07:
83:82:7f:13:28:a5:d4:23:b8:cb:bc:b2:87:f3:30:a2:83:f7:
96:03:8d:74:d4:87:a3:a4:20:d6:ea:e5:49:1b:92:c8:d2:53:
8f:b6:12:b2:da:f0:ff:cf:5d:2d:c0:be:38:90:3c:23:db:d6:
d2:52:9a:c2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGn4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MzAx
NDU0MDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIzOEY5OTBCQjRDQzNE
QkFFQ0I1NUE3QUI3MTRCQUYwNUVDMDc1QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/h3aERH4ZCaJx1PrFaHYwOj/HvHnrDq1pnHTz4EpyTtmkulqH
Q1ENkJ/QRwVDTACJCssVCRgKdSBcWoZhShF09gTOT4lR5xOwLy/aodTuLdBtcAdE
c/KJwm0SoBbvNadFlt1sy6NKYfjHq6CWN1b9RMt9Wl23w/cweeIzdVLA5bFBTjZm
paUYvEIcXxvs1mAiV/NBy0Hvpr4T77VppdAJHNpnDtRQb/vvXrpJv8szMjcWnolH
IpZ3hIsjyLq4ZqmOU+ers46EQglB075srblb26li2/6zi7vNtubw6bC7fhLCkbJ0
mBL4HPUPfgaxTNr/v58WkJZov0yQoI/uwh3TAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUs4+ZC7TMPbrstVp6txS68F7AdcIwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3M0LVpDN1RNUGJyc3RW
cDZ0eFM2OEY3QWRjSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAksGHVUmzlFqL4bHp8wKsG2eXk4BL3A1g
YNwNoDutsCiGQXNUSvIR/3D0pepSYyp0+2uO8Bap+HNRSffhNklTMIWUDbdxhR4N
7bxwBzIjLrRb0rlFJcOs6HfZgxCF10eztRN55wKrneDMo4ayTEIYBmMvfAn/++1F
bkvdHV9q14TKHtrKy5uvr7P5crbFX1LC5yzGEG0dExzjCzk/Ed7NniT46bQd+guA
tEUKTP38jRvWDxjDXpCMtb+C9hPOcKjQwzf4FrQHg4J/Eyil1CO4y7yyh/MwooP3
lgONdNSHo6Qg1urlSRuSyNJTj7YSstrw/89dLcC+OJA8I9vW0lKawg==
-----END CERTIFICATE-----
Generated at Tue Apr 30 18:40:19 2024 by rpki-client on console.sobornost.net