Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/O5RaQ0_7ZhKVjOeCrSxjcMHsbe0.roa
File: O5RaQ0_7ZhKVjOeCrSxjcMHsbe0.roa (raw, json)
Hash identifier: hCHs+I1dawTkn31C+okGwBat3s1V/C/eggPHSARqNgM=
Subject key identifier: 3B:94:5A:43:4F:FB:66:12:95:8C:E7:82:AD:2C:63:70:C1:EC:6D:ED
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 18CA
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/O5RaQ0_7ZhKVjOeCrSxjcMHsbe0.roa
Signing time: Fri 26 Apr 2024 01:53:47 +0000
ROA not before: Fri 26 Apr 2024 01:53:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6346 (0x18ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 26 01:53:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3B945A434FFB6612958CE782AD2C6370C1EC6DED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:aa:81:dc:c6:53:95:4c:ca:43:a1:39:2c:23:
f5:8d:4a:81:e8:63:84:0c:10:0b:bd:96:91:d9:bd:
86:7b:2f:bc:cd:aa:72:f1:36:c7:93:41:2a:f6:0d:
35:e8:0a:aa:38:68:4c:45:a1:ec:37:20:a3:7a:9c:
1e:e5:d5:7d:da:d3:a5:8e:58:18:c7:ff:1b:4c:8f:
a7:c7:2a:06:22:6e:fa:e3:e9:24:7b:6d:24:45:49:
88:83:33:21:70:99:4c:45:47:9e:6f:78:3e:cf:de:
85:9d:c4:88:55:86:b6:64:a7:46:68:af:58:a6:ed:
8d:ee:89:b4:af:26:94:60:c8:3d:25:e1:ff:95:07:
ed:f2:8a:ff:3b:5a:38:ca:c8:cf:5a:6c:f8:d5:bc:
25:47:d5:4e:31:72:a5:c7:d6:5e:d7:97:ba:0e:9d:
a5:aa:5c:20:1a:5f:c3:8f:f0:bc:93:2f:43:19:73:
f2:76:ff:01:45:da:c0:bf:51:49:73:47:c6:ce:19:
a7:ae:ef:53:d0:91:ee:be:4e:93:e1:1a:20:40:33:
74:8f:67:a3:24:0c:8a:35:5c:56:a4:d3:2f:99:f9:
73:2c:01:fa:64:93:d5:71:da:33:1b:bf:10:00:c5:
a7:da:06:a3:b8:55:6c:0f:86:0b:5d:3e:4e:bc:61:
63:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:94:5A:43:4F:FB:66:12:95:8C:E7:82:AD:2C:63:70:C1:EC:6D:ED
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/O5RaQ0_7ZhKVjOeCrSxjcMHsbe0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b8:f0:8e:81:6e:8f:65:97:50:8e:82:81:31:c2:a9:be:a2:bd:
04:6b:36:8a:03:b7:91:c9:72:70:fe:da:af:41:96:74:ce:62:
75:79:69:a5:a5:e0:5a:b6:05:b1:d5:e1:63:55:b9:1a:2a:e7:
e9:f4:af:3d:f3:00:15:84:75:a0:c5:8d:94:6e:17:34:4e:30:
dc:38:10:ff:b0:37:25:53:b6:c4:db:b9:40:fd:d2:af:86:ee:
c4:44:f6:a6:3a:e2:25:83:7c:87:ce:0c:fe:1a:37:df:23:5e:
7a:cb:f5:56:9f:7a:a2:d9:37:f9:ee:1a:00:65:d5:18:c6:b4:
85:a5:9f:eb:15:09:a5:4c:af:e9:a6:83:7a:32:f9:4c:b8:ef:
4b:3b:8e:ae:36:82:e6:d6:db:e9:ee:7a:4b:f3:a6:3a:11:05:
8c:f3:97:d9:58:60:ce:82:92:d7:65:cb:cd:f8:cd:20:8a:41:
6e:94:61:96:ba:64:0b:e6:62:40:8c:20:1d:a0:5a:f0:f0:ea:
a2:0b:fe:b1:2d:b9:41:0a:95:ad:aa:3c:82:76:02:8d:61:12:
d0:e4:ad:25:15:f1:c4:db:b8:68:d7:01:a7:6e:a2:92:f6:8b:
18:cd:0d:80:75:7f:e3:47:3b:f2:ca:1b:95:29:93:e1:cf:3b:
6a:47:e8:92
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGMowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjYw
MTUzNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNCOTQ1QTQzNEZGQjY2
MTI5NThDRTc4MkFEMkM2MzcwQzFFQzZERUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCqoHcxlOVTMpDoTksI/WNSoHoY4QMEAu9lpHZvYZ7L7zNqnLx
NseTQSr2DTXoCqo4aExFoew3IKN6nB7l1X3a06WOWBjH/xtMj6fHKgYibvrj6SR7
bSRFSYiDMyFwmUxFR55veD7P3oWdxIhVhrZkp0Zor1im7Y3uibSvJpRgyD0l4f+V
B+3yiv87WjjKyM9abPjVvCVH1U4xcqXH1l7Xl7oOnaWqXCAaX8OP8LyTL0MZc/J2
/wFF2sC/UUlzR8bOGaeu71PQke6+TpPhGiBAM3SPZ6MkDIo1XFak0y+Z+XMsAfpk
k9Vx2jMbvxAAxafaBqO4VWwPhgtdPk68YWPRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUO5RaQ0/7ZhKVjOeCrSxjcMHsbe0wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL081UmFRMF83WmhLVmpP
ZUNyU3hqY01Ic2JlMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAuPCOgW6PZZdQjoKBMcKpvqK9BGs2igO3
kclycP7ar0GWdM5idXlppaXgWrYFsdXhY1W5Girn6fSvPfMAFYR1oMWNlG4XNE4w
3DgQ/7A3JVO2xNu5QP3Sr4buxET2pjriJYN8h84M/ho33yNeesv1Vp96otk3+e4a
AGXVGMa0haWf6xUJpUyv6aaDejL5TLjvSzuOrjaC5tbb6e56S/OmOhEFjPOX2Vhg
zoKS12XLzfjNIIpBbpRhlrpkC+ZiQIwgHaBa8PDqogv+sS25QQqVrao8gnYCjWES
0OStJRXxxNu4aNcBp26ikvaLGM0NgHV/40c78soblSmT4c87akfokg==
-----END CERTIFICATE-----
Generated at Fri Apr 26 07:41:44 2024 by rpki-client on console.sobornost.net