Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/t5cb_ZQNki-IzKxMxuLHRGg59ME.roa
File: t5cb_ZQNki-IzKxMxuLHRGg59ME.roa (raw, json)
Hash identifier: 68B9JCrngWGlsU+VqGuyioFQlWZuSSFe7cg8FSt/LyQ=
Subject key identifier: B7:97:1B:FD:94:0D:92:2F:88:CC:AC:4C:C6:E2:C7:44:68:39:F4:C1
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F2C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/t5cb_ZQNki-IzKxMxuLHRGg59ME.roa
Signing time: Sun 31 Mar 2024 10:22:35 +0000
ROA not before: Sun 31 Mar 2024 10:22:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3884 (0xf2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 31 10:22:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B7971BFD940D922F88CCAC4CC6E2C7446839F4C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c7:92:ee:cc:af:e9:9c:0b:0e:5a:ce:d7:88:
d7:8e:56:b9:ff:05:2a:b9:46:a9:e8:09:c7:13:f9:
6f:ca:d5:95:93:76:ef:0f:ce:65:9c:91:f8:6b:b4:
a3:14:7d:30:0a:71:ff:4d:82:52:3f:66:e4:ed:bb:
71:bf:e4:b3:81:8e:93:80:e5:cc:92:2e:bc:ad:9d:
0b:6b:6b:df:31:df:98:5e:5b:47:30:19:52:9a:5c:
8f:ec:0c:78:de:49:31:82:19:6d:6a:d1:15:da:e7:
ec:c8:11:28:63:24:34:36:ca:ee:e8:03:a2:fc:ac:
b7:0a:c6:f4:b0:19:e9:00:6f:fa:21:a3:1e:45:e5:
a2:da:ca:9a:39:78:93:38:0f:e8:00:3e:eb:51:e9:
00:8f:d4:ef:58:c3:f0:6a:fb:9e:1b:c4:46:fc:28:
76:49:9b:56:db:5b:50:70:c5:66:ef:b1:71:54:f4:
c6:93:91:48:62:3f:ee:03:47:c6:7a:69:65:00:a4:
23:e8:24:6c:0c:8d:c9:74:8b:5b:eb:44:18:8b:fe:
ff:cd:58:9e:9e:75:e1:03:47:02:01:0f:cb:47:18:
00:aa:fe:69:0a:d8:c4:13:18:a8:99:95:60:83:ac:
89:55:32:c3:34:16:b8:46:c0:79:f1:b2:d1:29:fb:
7e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:97:1B:FD:94:0D:92:2F:88:CC:AC:4C:C6:E2:C7:44:68:39:F4:C1
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/t5cb_ZQNki-IzKxMxuLHRGg59ME.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
03:e0:d9:2a:56:ff:ef:62:dc:91:b9:26:95:a6:36:d6:a7:36:
3c:d7:10:e1:4f:71:46:06:ef:2e:41:18:24:f3:30:d3:90:86:
9d:14:12:de:fc:bc:53:0e:55:a4:9d:08:1a:5b:fe:1f:bf:f2:
3f:23:41:73:6f:cf:98:7f:35:f8:96:d9:b4:84:3f:d8:c0:f0:
8c:d2:20:09:b3:fa:67:79:e7:c0:06:c6:34:f9:dd:b4:ea:8f:
68:dc:10:09:0d:b0:67:2f:a0:77:c6:f3:3f:0c:ea:b6:f2:fb:
cc:9c:69:dd:60:9f:30:19:a0:2e:8a:96:ca:81:8d:da:91:5a:
b4:b1:b5:f9:67:fd:30:a5:41:f6:4e:d3:6e:3f:5c:a8:a8:dc:
24:a0:00:33:6b:5d:4e:a9:51:f0:58:6d:28:f2:e4:16:e5:a2:
fd:f6:62:70:fd:83:c0:5c:5d:2d:21:a3:5e:f4:69:df:dd:9b:
a7:27:76:67:7a:89:20:63:78:38:1a:e2:44:7a:d6:73:74:55:
1c:68:40:e7:0a:fc:b1:c0:0a:13:6d:5b:71:4f:e8:de:58:5a:
f4:83:e2:2d:aa:01:1f:b3:7b:5f:81:13:99:76:4d:e8:6b:4a:
33:24:c0:cb:bf:6a:9e:2c:6d:0b:cd:b7:18:14:91:c3:80:d5:
3f:14:44:a5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDywwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzEx
MDIyMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI3OTcxQkZEOTQwRDky
MkY4OENDQUM0Q0M2RTJDNzQ0NjgzOUY0QzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDax5LuzK/pnAsOWs7XiNeOVrn/BSq5RqnoCccT+W/K1ZWTdu8P
zmWckfhrtKMUfTAKcf9NglI/ZuTtu3G/5LOBjpOA5cySLrytnQtra98x35heW0cw
GVKaXI/sDHjeSTGCGW1q0RXa5+zIEShjJDQ2yu7oA6L8rLcKxvSwGekAb/ohox5F
5aLaypo5eJM4D+gAPutR6QCP1O9Yw/Bq+54bxEb8KHZJm1bbW1BwxWbvsXFU9MaT
kUhiP+4DR8Z6aWUApCPoJGwMjcl0i1vrRBiL/v/NWJ6edeEDRwIBD8tHGACq/mkK
2MQTGKiZlWCDrIlVMsM0FrhGwHnxstEp+34PAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUt5cb/ZQNki+IzKxMxuLHRGg59MEwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3Q1Y2JfWlFOa2ktSXpL
eE14dUxIUkdnNTlNRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAA+DZKlb/72LckbkmlaY21qc2PNcQ4U9x
RgbvLkEYJPMw05CGnRQS3vy8Uw5VpJ0IGlv+H7/yPyNBc2/PmH81+JbZtIQ/2MDw
jNIgCbP6Z3nnwAbGNPndtOqPaNwQCQ2wZy+gd8bzPwzqtvL7zJxp3WCfMBmgLoqW
yoGN2pFatLG1+Wf9MKVB9k7Tbj9cqKjcJKAAM2tdTqlR8FhtKPLkFuWi/fZicP2D
wFxdLSGjXvRp392bpyd2Z3qJIGN4OBriRHrWc3RVHGhA5wr8scAKE21bcU/o3lha
9IPiLaoBH7N7X4ETmXZN6GtKMyTAy79qnixtC823GBSRw4DVPxREpQ==
-----END CERTIFICATE-----
Generated at Sun Mar 31 13:30:54 2024 by rpki-client on console.sobornost.net