Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/vGDWgucoskT_b8Uhaemgh3d-shU.roa
File: vGDWgucoskT_b8Uhaemgh3d-shU.roa (raw, json)
Hash identifier: 3gie0HjgtXhLRZZTAMmLt+sT6P7EVCfWTDb6lXBAhj0=
Subject key identifier: BC:60:D6:82:E7:28:B2:44:FF:6F:C5:21:69:E9:A0:87:77:7E:B2:15
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 14E2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/vGDWgucoskT_b8Uhaemgh3d-shU.roa
Signing time: Mon 15 Apr 2024 15:53:18 +0000
ROA not before: Mon 15 Apr 2024 15:53:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5346 (0x14e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 15 15:53:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BC60D682E728B244FF6FC52169E9A087777EB215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:67:12:47:36:0e:cb:92:c0:bf:e7:d9:7f:1a:
37:e0:55:e6:d7:ff:4f:33:31:55:7d:1a:87:80:9c:
cf:29:d9:14:21:7c:78:6d:94:9b:11:d8:06:5c:c4:
e3:51:b0:65:86:10:f9:e2:b9:c2:52:85:46:c6:8a:
4a:2a:41:2f:03:a3:47:ce:da:bd:2d:4a:30:b1:f1:
0d:a6:8f:60:c7:a3:9a:1d:6d:6f:6d:62:66:fc:09:
81:98:59:94:cd:27:3e:c1:1e:8c:a6:84:41:a9:3e:
60:3d:08:4e:89:e1:63:97:fa:5a:43:09:ad:a9:3d:
e7:97:68:47:9d:e0:8c:5c:1e:9e:a3:79:6c:a2:d0:
25:70:b0:f8:56:23:1b:84:c1:2e:8c:a4:31:59:c1:
ae:2b:be:68:0c:76:70:a0:48:f4:a9:d3:42:97:1d:
6e:4b:a3:f1:c3:62:24:e6:40:29:05:66:34:15:2c:
05:ec:23:23:f2:7f:c1:29:e5:f4:4b:ab:57:64:56:
8c:24:fe:0c:c0:00:ba:af:48:5f:73:04:7b:41:4a:
4e:bd:3b:04:bb:1d:f0:57:db:03:a6:83:0e:c0:59:
03:45:bd:2e:fd:c7:90:74:26:8e:26:72:50:8f:1a:
ce:e1:f8:40:0b:7d:0e:0b:37:48:4d:27:fc:a3:64:
40:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:60:D6:82:E7:28:B2:44:FF:6F:C5:21:69:E9:A0:87:77:7E:B2:15
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/vGDWgucoskT_b8Uhaemgh3d-shU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ca:db:28:73:bd:57:6f:1d:67:24:09:fb:7a:00:ca:d5:35:8f:
e7:fe:16:19:1c:b9:36:ea:15:1c:56:7e:f3:b7:a0:d3:dc:1f:
72:a7:1f:d4:c6:64:8a:b3:00:d1:db:ce:cb:10:8b:f1:9d:03:
af:79:3f:2c:ce:05:17:b9:22:88:63:9b:52:f2:4f:5c:5c:c6:
9b:71:db:33:25:18:3c:dc:2b:f2:3a:99:ad:35:5e:c9:41:3a:
ca:d1:63:93:ac:6b:e6:e3:14:5c:a1:36:c7:7c:a1:a2:31:dc:
01:a3:0e:0d:fa:a5:e6:0b:cc:30:89:40:a4:99:2e:94:6c:49:
b9:4c:4d:dc:c2:9d:71:7d:65:42:66:59:bc:bd:74:79:dd:2b:
fd:28:4d:34:c7:6b:d0:02:e0:62:58:00:a4:71:20:01:18:f3:
f3:b6:47:9f:68:2f:84:2d:9b:0c:d4:8e:46:7b:f8:d8:2e:cd:
ba:ec:c2:9c:ae:a7:e9:c7:a9:49:77:c0:08:43:d2:f1:49:71:
f2:0a:7e:94:04:33:d9:56:19:a0:7f:3a:36:48:d1:ab:ad:0f:
f7:7f:98:99:35:b7:e4:62:1a:83:e1:c8:7d:ad:db:39:dc:9a:
ec:6c:85:c1:88:b3:13:ba:64:b4:af:f9:d2:94:29:64:35:4b:
64:ca:a7:c6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFOIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTUx
NTUzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJDNjBENjgyRTcyOEIy
NDRGRjZGQzUyMTY5RTlBMDg3Nzc3RUIyMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD4ZxJHNg7LksC/59l/GjfgVebX/08zMVV9GoeAnM8p2RQhfHht
lJsR2AZcxONRsGWGEPniucJShUbGikoqQS8Do0fO2r0tSjCx8Q2mj2DHo5odbW9t
Ymb8CYGYWZTNJz7BHoymhEGpPmA9CE6J4WOX+lpDCa2pPeeXaEed4IxcHp6jeWyi
0CVwsPhWIxuEwS6MpDFZwa4rvmgMdnCgSPSp00KXHW5Lo/HDYiTmQCkFZjQVLAXs
IyPyf8Ep5fRLq1dkVowk/gzAALqvSF9zBHtBSk69OwS7HfBX2wOmgw7AWQNFvS79
x5B0Jo4mclCPGs7h+EALfQ4LN0hNJ/yjZECdAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUvGDWgucoskT/b8Uhaemgh3d+shUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3ZHRFdndWNvc2tUX2I4
VWhhZW1naDNkLXNoVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAytsoc71Xbx1nJAn7egDK1TWP5/4WGRy5
NuoVHFZ+87eg09wfcqcf1MZkirMA0dvOyxCL8Z0Dr3k/LM4FF7kiiGObUvJPXFzG
m3HbMyUYPNwr8jqZrTVeyUE6ytFjk6xr5uMUXKE2x3yhojHcAaMODfql5gvMMIlA
pJkulGxJuUxN3MKdcX1lQmZZvL10ed0r/ShNNMdr0ALgYlgApHEgARjz87ZHn2gv
hC2bDNSORnv42C7NuuzCnK6n6cepSXfACEPS8Ulx8gp+lAQz2VYZoH86NkjRq60P
93+YmTW35GIag+HIfa3bOdya7GyFwYizE7pktK/50pQpZDVLZMqnxg==
-----END CERTIFICATE-----
Generated at Tue Apr 16 00:10:50 2024 by rpki-client on console.sobornost.net