Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/z0LWUgf9OQbDb9v07AuTJORlQs8.roa
File: z0LWUgf9OQbDb9v07AuTJORlQs8.roa (raw, json)
Hash identifier: dkV16cou4kbheMeE99zPlkQZcSsjOOA3+XDksyw8CEg=
Subject key identifier: CF:42:D6:52:07:FD:39:06:C3:6F:DB:F4:EC:0B:93:24:E4:65:42:CF
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1AA0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/z0LWUgf9OQbDb9v07AuTJORlQs8.roa
Signing time: Tue 30 Apr 2024 23:24:46 +0000
ROA not before: Tue 30 Apr 2024 23:24:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6816 (0x1aa0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 30 23:24:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CF42D65207FD3906C36FDBF4EC0B9324E46542CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:20:75:be:15:47:cb:2c:be:0f:8d:86:e1:d5:
5f:9a:3d:b2:8a:08:41:74:c7:38:19:55:9b:dc:3e:
75:96:09:0f:67:e6:e4:ec:5e:0c:d4:4f:6b:2b:6b:
79:2a:da:a4:1b:ec:6a:8e:a1:19:77:a8:5f:ad:df:
fb:d7:f6:3e:15:66:62:1f:1f:47:21:a9:cc:c4:a0:
42:15:21:1e:09:4b:ff:48:0c:8c:24:8a:b4:19:a9:
80:b1:91:b1:c6:62:ff:45:40:0d:11:25:8b:3e:5f:
c1:31:db:3c:4a:e9:13:79:97:3f:07:2c:96:d1:a8:
a7:bb:78:6a:61:d8:90:ef:96:45:d9:b8:98:3e:2b:
29:d4:97:84:6d:57:76:4e:bd:57:dd:82:81:4a:17:
83:69:bb:8e:70:a7:1d:16:90:ab:fe:3a:f5:51:bf:
b4:35:ed:ca:9b:96:ba:73:c6:c3:e3:c9:f7:52:26:
24:6a:0f:61:a1:34:aa:ae:06:47:ad:67:c8:7a:c2:
dd:83:ad:5b:2a:de:d5:d4:df:a9:67:4f:81:ee:e1:
c9:40:bf:d7:37:75:db:8e:f0:c9:0d:e7:88:97:eb:
aa:78:32:14:cb:90:9b:b4:26:85:e5:7d:47:9c:3b:
81:ed:b4:0e:bc:ad:f7:b0:c9:a3:0a:95:98:19:65:
cc:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:42:D6:52:07:FD:39:06:C3:6F:DB:F4:EC:0B:93:24:E4:65:42:CF
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/z0LWUgf9OQbDb9v07AuTJORlQs8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
24:e6:c3:02:2a:c6:80:07:36:47:7f:3a:b5:ca:6c:85:55:8a:
2b:84:7c:e3:d0:46:28:33:e4:98:10:e6:61:8d:77:40:db:e6:
38:ba:1f:79:fc:46:8e:9b:6c:a4:dc:00:f2:08:b3:cc:a7:b9:
09:09:7b:37:1f:dc:2b:56:51:b4:51:05:b0:2c:0b:5a:e9:a0:
59:2b:ed:c4:0a:dd:4d:13:bd:c6:d4:65:3f:4f:15:04:93:36:
0e:49:35:6d:62:3a:64:9d:0b:34:31:24:63:cd:b6:57:23:ed:
32:ba:41:2c:05:ff:f7:5b:d7:5c:0f:dd:f8:ee:d5:6b:87:f6:
90:e7:29:52:8e:29:41:8e:b2:1b:24:54:a7:37:12:a3:f8:f1:
66:dd:47:f2:3a:db:d9:41:73:a5:fa:55:d2:f5:7d:12:6c:f7:
af:3d:cb:34:ed:b0:31:9b:75:ed:ef:25:2a:49:b6:75:ea:c0:
71:6a:be:10:4f:21:52:bd:d8:0f:05:68:b3:a5:4d:dc:81:98:
45:ba:b9:4a:f2:63:c1:91:a6:d8:f0:46:f8:c7:b7:e2:8c:d1:
02:4a:56:23:01:b0:5f:87:4c:17:08:16:82:79:76:c0:9d:59:
99:44:97:34:8a:00:4a:e7:9e:f2:90:e4:cf:e6:e5:46:cb:e6:
d7:32:0a:86
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGqAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MzAy
MzI0NDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENGNDJENjUyMDdGRDM5
MDZDMzZGREJGNEVDMEI5MzI0RTQ2NTQyQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8IHW+FUfLLL4PjYbh1V+aPbKKCEF0xzgZVZvcPnWWCQ9n5uTs
XgzUT2sra3kq2qQb7GqOoRl3qF+t3/vX9j4VZmIfH0chqczEoEIVIR4JS/9IDIwk
irQZqYCxkbHGYv9FQA0RJYs+X8Ex2zxK6RN5lz8HLJbRqKe7eGph2JDvlkXZuJg+
KynUl4RtV3ZOvVfdgoFKF4Npu45wpx0WkKv+OvVRv7Q17cqblrpzxsPjyfdSJiRq
D2GhNKquBketZ8h6wt2DrVsq3tXU36lnT4Hu4clAv9c3dduO8MkN54iX66p4MhTL
kJu0JoXlfUecO4HttA68rfewyaMKlZgZZcxBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUz0LWUgf9OQbDb9v07AuTJORlQs8wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3owTFdVZ2Y5T1FiRGI5
djA3QXVUSk9SbFFzOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAJObDAirGgAc2R386tcpshVWKK4R849BG
KDPkmBDmYY13QNvmOLofefxGjptspNwA8gizzKe5CQl7Nx/cK1ZRtFEFsCwLWumg
WSvtxArdTRO9xtRlP08VBJM2Dkk1bWI6ZJ0LNDEkY822VyPtMrpBLAX/91vXXA/d
+O7Va4f2kOcpUo4pQY6yGyRUpzcSo/jxZt1H8jrb2UFzpfpV0vV9Emz3rz3LNO2w
MZt17e8lKkm2derAcWq+EE8hUr3YDwVos6VN3IGYRbq5SvJjwZGm2PBG+Me34ozR
AkpWIwGwX4dMFwgWgnl2wJ1ZmUSXNIoASuee8pDkz+blRsvm1zIKhg==
-----END CERTIFICATE-----
Generated at Wed May 1 14:08:10 2024 by rpki-client on console.sobornost.net