Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/slYDMx1IzkOLUbB3T1LBeVROh_o.roa
File: slYDMx1IzkOLUbB3T1LBeVROh_o.roa (raw, json)
Hash identifier: vSLfJHaFFS59soT+rcB3tdYzWbitpeXBS64CGU539eQ=
Subject key identifier: B2:56:03:33:1D:48:CE:43:8B:51:B0:77:4F:52:C1:79:54:4E:87:FA
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1194
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/slYDMx1IzkOLUbB3T1LBeVROh_o.roa
Signing time: Sat 06 Apr 2024 20:22:56 +0000
ROA not before: Sat 06 Apr 2024 20:22:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4500 (0x1194)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 6 20:22:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B25603331D48CE438B51B0774F52C179544E87FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:68:4d:40:d8:03:54:02:d4:27:9c:21:17:a4:
3f:1d:dc:d5:9d:ed:0c:72:bc:51:1b:65:75:dd:f9:
7b:57:27:b1:4f:b7:f5:0d:0f:41:93:dc:38:b1:a4:
56:42:be:86:63:8f:cf:6d:0b:14:01:4d:39:00:dc:
3d:8b:22:cd:96:67:3e:5c:e8:94:41:4b:d0:43:ae:
77:b9:d9:70:77:bc:75:de:4e:2e:fe:3a:3a:cb:ec:
8d:19:d3:7f:64:25:bc:7c:74:59:83:4b:a5:62:7e:
1b:0c:ea:df:00:6c:21:d9:b7:39:f3:f6:16:f6:79:
21:cc:f1:04:00:bd:08:aa:cf:df:31:2a:90:79:75:
85:15:7f:92:ff:24:76:a5:8a:66:c1:e7:96:8f:7d:
cf:e3:06:32:e7:da:51:cd:3f:f6:be:66:5b:7a:ad:
14:2f:88:59:02:3b:13:94:25:e3:20:7d:9a:35:c0:
d0:33:b9:4d:36:ff:63:5c:5c:50:e8:94:7e:ae:3f:
6f:48:1d:e4:ba:98:e9:9c:50:04:92:9a:b0:ab:7d:
6f:bb:61:cc:39:b8:ac:df:6c:ac:b8:11:ce:ea:2f:
32:f0:8f:c6:7e:e1:e7:78:ff:62:f7:1f:06:5c:28:
c7:80:34:da:81:bf:9b:98:38:69:c7:40:56:63:a6:
01:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:56:03:33:1D:48:CE:43:8B:51:B0:77:4F:52:C1:79:54:4E:87:FA
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/slYDMx1IzkOLUbB3T1LBeVROh_o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5f:1d:64:b9:e0:3c:c7:d5:9d:94:95:52:15:7c:3c:11:28:1f:
a1:b5:72:35:e9:a6:b8:09:ae:32:c9:61:3e:5a:f0:f4:3b:e4:
cc:b4:2b:e0:b6:a5:77:34:e4:3e:b2:4c:81:7e:70:65:25:4d:
6b:4a:93:c1:b0:00:ed:b9:c2:aa:ef:b6:d4:b0:1a:66:8f:29:
49:37:c0:d7:2c:21:83:8d:e4:f3:7a:31:13:61:b4:1e:5b:6a:
d5:18:19:9c:1a:1b:4e:8f:c0:53:0d:04:04:28:59:3d:77:fe:
c4:d2:97:4c:d0:78:f5:2f:02:68:0d:05:46:61:08:ee:3d:36:
f8:89:b8:bb:61:41:7c:60:6a:01:bd:b6:be:2c:77:ad:78:4a:
52:db:40:78:5f:1c:b1:11:33:01:24:8a:e7:f4:e8:96:3c:53:
7b:1c:ff:06:0b:63:00:25:8b:2b:0d:46:bc:3e:50:90:49:a0:
ae:6f:b1:34:39:7b:de:f7:d8:8c:34:79:7a:54:1a:3b:7a:02:
f4:8d:5d:a9:b5:d5:b1:f6:8e:80:cd:c4:f8:81:fe:ed:f0:9d:
1c:ba:0f:cf:43:d4:c8:65:9a:2a:a5:37:c9:f0:c0:ba:1e:87:
8f:10:7b:2e:76:79:39:da:a5:8b:6e:2a:03:c1:f1:ea:b1:4c:
cc:00:0c:fa
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEZQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDYy
MDIyNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIyNTYwMzMzMUQ0OENF
NDM4QjUxQjA3NzRGNTJDMTc5NTQ0RTg3RkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxaE1A2ANUAtQnnCEXpD8d3NWd7QxyvFEbZXXd+XtXJ7FPt/UN
D0GT3DixpFZCvoZjj89tCxQBTTkA3D2LIs2WZz5c6JRBS9BDrne52XB3vHXeTi7+
OjrL7I0Z039kJbx8dFmDS6VifhsM6t8AbCHZtznz9hb2eSHM8QQAvQiqz98xKpB5
dYUVf5L/JHalimbB55aPfc/jBjLn2lHNP/a+Zlt6rRQviFkCOxOUJeMgfZo1wNAz
uU02/2NcXFDolH6uP29IHeS6mOmcUASSmrCrfW+7Ycw5uKzfbKy4Ec7qLzLwj8Z+
4ed4/2L3HwZcKMeANNqBv5uYOGnHQFZjpgHVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUslYDMx1IzkOLUbB3T1LBeVROh/owHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3NsWURNeDFJemtPTFVi
QjNUMUxCZVZST2hfby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAXx1kueA8x9WdlJVSFXw8ESgfobVyNemm
uAmuMslhPlrw9DvkzLQr4LaldzTkPrJMgX5wZSVNa0qTwbAA7bnCqu+21LAaZo8p
STfA1ywhg43k83oxE2G0Hltq1RgZnBobTo/AUw0EBChZPXf+xNKXTNB49S8CaA0F
RmEI7j02+Im4u2FBfGBqAb22vix3rXhKUttAeF8csREzASSK5/ToljxTexz/Bgtj
ACWLKw1GvD5QkEmgrm+xNDl73vfYjDR5elQaO3oC9I1dqbXVsfaOgM3E+IH+7fCd
HLoPz0PUyGWaKqU3yfDAuh6HjxB7LnZ5Odqli24qA8Hx6rFMzAAM+g==
-----END CERTIFICATE-----
Generated at Sun Apr 7 03:14:14 2024 by rpki-client on console.sobornost.net