Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/FwJlWfD5OD3Sic9kNgIFD-75qrg.roa
File: FwJlWfD5OD3Sic9kNgIFD-75qrg.roa (raw, json)
Hash identifier: Uy47zdGSF3C/dOGWBUd72+b0JB1aByz3Q5Qr+oxG0w0=
Subject key identifier: 17:02:65:59:F0:F9:38:3D:D2:89:CF:64:36:02:05:0F:EE:F9:AA:B8
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1A22
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/FwJlWfD5OD3Sic9kNgIFD-75qrg.roa
Signing time: Mon 29 Apr 2024 15:54:00 +0000
ROA not before: Mon 29 Apr 2024 15:54:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6690 (0x1a22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 29 15:54:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=17026559F0F9383DD289CF643602050FEEF9AAB8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d6:82:09:0e:c6:7c:35:d1:44:5e:d5:55:b7:
05:75:19:6f:22:bf:c5:54:f8:1e:93:af:3c:8d:6e:
ef:76:52:3e:6a:7f:dd:be:a6:33:73:c6:79:69:71:
a3:0d:20:78:45:78:25:bd:67:37:d6:99:62:6a:61:
f9:2e:2a:24:cd:d4:0d:31:2f:84:0d:ce:c5:f9:86:
36:cc:7d:4f:73:39:5b:58:5f:ff:f3:ec:57:05:a9:
51:85:15:02:aa:62:36:a8:42:0c:f0:2e:77:87:b9:
6d:ff:bc:5f:da:8b:83:51:bb:8c:e6:a8:db:60:c2:
83:b6:b0:82:87:2a:8c:41:8b:21:7c:5c:25:19:1a:
01:f8:12:29:f8:4e:f6:6e:a0:6a:a9:b4:0a:83:dc:
47:ce:f2:dd:9a:b9:f3:63:3a:c3:e9:48:28:7c:74:
0e:fe:b8:30:0a:fe:f9:77:2a:2c:27:ad:ca:ff:6a:
a7:b8:1e:3a:4c:13:80:f0:36:8b:2b:ee:32:5a:69:
bd:af:30:bd:48:d6:91:67:4e:0c:22:8b:9b:db:a8:
b9:b2:79:3b:44:ef:59:77:40:57:0b:33:41:23:69:
28:ce:bc:ea:53:d3:ca:44:1f:a3:8c:51:b1:e3:e2:
66:af:26:d3:51:8c:d5:45:6c:47:b9:64:e8:4b:37:
24:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:02:65:59:F0:F9:38:3D:D2:89:CF:64:36:02:05:0F:EE:F9:AA:B8
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/FwJlWfD5OD3Sic9kNgIFD-75qrg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:c9:75:83:02:33:4d:43:41:2e:f5:c5:ed:0a:f6:72:4e:84:
3a:10:70:4f:16:0e:36:99:10:4e:63:82:ed:5e:e9:23:90:be:
3a:d9:84:94:12:9c:74:01:73:eb:11:ae:7d:0b:d1:24:d1:58:
82:04:b3:aa:2d:3c:8e:d4:05:42:81:56:2d:15:bb:36:1f:e6:
dd:32:5c:d9:01:e0:d9:77:75:c0:1a:58:14:36:8a:ad:0b:0f:
5f:2e:82:3a:5c:70:4e:eb:b2:d6:ec:23:cc:37:ea:35:eb:67:
46:d4:1c:5f:b5:7c:fa:20:0c:da:50:fc:af:40:54:d8:30:b6:
61:26:d1:a6:16:02:58:4d:a1:a5:02:79:28:58:c0:48:0c:8c:
64:37:d7:36:9d:af:39:7f:ea:d4:eb:f5:f0:83:80:55:2d:aa:
ec:05:fb:69:c3:23:30:13:7b:d9:68:09:26:e6:28:fd:3d:b9:
03:95:0e:2d:e0:4b:49:46:ae:5d:6b:af:5e:12:02:53:25:41:
7c:4a:ac:59:53:6a:40:97:dd:84:ea:d1:69:b1:c2:24:fd:f8:
15:34:5b:7c:b9:a6:3d:55:e9:30:3e:ca:26:c2:0e:74:ae:23:
4f:4e:df:67:a7:18:9b:9b:56:d9:9a:ff:08:39:c2:90:c4:6d:
0f:61:1b:4f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGiIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0Mjkx
NTU0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE3MDI2NTU5RjBGOTM4
M0REMjg5Q0Y2NDM2MDIwNTBGRUVGOUFBQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCk1oIJDsZ8NdFEXtVVtwV1GW8iv8VU+B6TrzyNbu92Uj5qf92+
pjNzxnlpcaMNIHhFeCW9ZzfWmWJqYfkuKiTN1A0xL4QNzsX5hjbMfU9zOVtYX//z
7FcFqVGFFQKqYjaoQgzwLneHuW3/vF/ai4NRu4zmqNtgwoO2sIKHKoxBiyF8XCUZ
GgH4Ein4TvZuoGqptAqD3EfO8t2aufNjOsPpSCh8dA7+uDAK/vl3Kiwnrcr/aqe4
HjpME4DwNosr7jJaab2vML1I1pFnTgwii5vbqLmyeTtE71l3QFcLM0EjaSjOvOpT
08pEH6OMUbHj4mavJtNRjNVFbEe5ZOhLNyQHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUFwJlWfD5OD3Sic9kNgIFD+75qrgwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0Z3SmxXZkQ1T0QzU2lj
OWtOZ0lGRC03NXFyZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEATMl1gwIzTUNBLvXF7Qr2ck6EOhBwTxYO
NpkQTmOC7V7pI5C+OtmElBKcdAFz6xGufQvRJNFYggSzqi08jtQFQoFWLRW7Nh/m
3TJc2QHg2Xd1wBpYFDaKrQsPXy6COlxwTuuy1uwjzDfqNetnRtQcX7V8+iAM2lD8
r0BU2DC2YSbRphYCWE2hpQJ5KFjASAyMZDfXNp2vOX/q1Ov18IOAVS2q7AX7acMj
MBN72WgJJuYo/T25A5UOLeBLSUauXWuvXhICUyVBfEqsWVNqQJfdhOrRabHCJP34
FTRbfLmmPVXpMD7KJsIOdK4jT07fZ6cYm5tW2Zr/CDnCkMRtD2EbTw==
-----END CERTIFICATE-----
Generated at Mon Apr 29 22:52:33 2024 by rpki-client on console.sobornost.net