Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/WFM5FLgqlLW3fZlS5oZEmYmHDF8.roa
File: WFM5FLgqlLW3fZlS5oZEmYmHDF8.roa (raw, json)
Hash identifier: nRoOYyod682GgkVot6Fp+plrzwsucI/Jz8apQ5RXDSY=
Subject key identifier: 58:53:39:14:B8:2A:94:B5:B7:7D:99:52:E6:86:44:99:89:87:0C:5F
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 18F0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/WFM5FLgqlLW3fZlS5oZEmYmHDF8.roa
Signing time: Fri 26 Apr 2024 11:23:47 +0000
ROA not before: Fri 26 Apr 2024 11:23:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6384 (0x18f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 26 11:23:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=58533914B82A94B5B77D9952E686449989870C5F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1e:d1:9d:14:7e:da:92:91:39:ff:7f:f7:ea:
55:c3:88:2a:4b:6c:a6:f2:85:90:16:f2:e4:d1:d3:
b0:e9:c7:54:74:bc:ad:0f:8f:db:25:38:cd:cd:7a:
7d:6a:83:81:e3:ec:2e:48:44:b6:fc:19:56:e9:0c:
df:f0:97:9c:b4:ee:5c:a3:7a:d4:b2:3f:3d:a6:f7:
b5:fe:7f:9b:92:63:35:3d:50:b4:8e:53:48:d6:4f:
f2:8a:d6:db:3c:bf:26:38:85:fe:c7:de:d5:ca:63:
60:7e:b3:3f:f9:29:07:d6:eb:3f:f4:f3:ab:c6:d0:
f6:7f:61:9c:58:ab:09:56:e2:7c:44:39:07:56:36:
66:c6:69:c2:a5:95:bf:d2:88:8c:88:40:b6:1f:0d:
9f:44:a9:a6:2a:b6:4c:f2:78:b6:d4:0e:88:89:6b:
50:66:a7:56:0f:bd:46:73:7f:a8:eb:4f:21:db:6c:
ff:36:08:45:f1:15:02:13:01:10:ca:f9:23:d6:ed:
61:3a:37:02:f1:50:cf:1e:e2:cb:ae:6c:ae:d5:74:
e2:4e:ec:3a:61:db:65:f1:e2:91:b7:c6:3b:d0:0c:
50:41:d5:8b:be:71:41:d9:61:7f:f1:8b:93:8b:34:
53:c4:f7:6e:bc:ac:91:f2:49:92:d5:36:a6:5e:9a:
2d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:53:39:14:B8:2A:94:B5:B7:7D:99:52:E6:86:44:99:89:87:0C:5F
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/WFM5FLgqlLW3fZlS5oZEmYmHDF8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7e:8d:12:9e:e5:c1:05:10:1f:2d:6b:eb:ef:85:c8:c1:1a:04:
29:34:f9:f9:90:f1:00:97:a6:f6:e8:6e:ff:db:b3:2b:32:0c:
78:d6:62:c3:5f:40:14:59:99:95:e2:a9:f9:8d:90:4f:55:c7:
a3:9b:04:bd:13:35:cf:e9:c9:b3:f5:69:50:1b:44:a7:b6:19:
a0:32:d7:2d:99:de:c3:1a:ce:2f:f9:d5:45:30:a5:d6:82:db:
47:de:89:c6:1f:82:62:66:bb:cc:c5:0e:60:a4:41:43:e9:68:
df:92:89:ae:94:9d:05:6e:30:2d:19:45:b8:36:df:c9:b9:0d:
bb:cc:14:d7:64:4a:cc:ee:4c:ef:73:94:70:9e:77:d8:ed:70:
f1:77:98:e1:a0:0c:fe:96:e0:f0:fb:31:80:cb:08:ad:b6:95:
a7:66:f9:da:5d:81:15:59:c2:be:6f:dd:ca:5e:7c:2f:87:d5:
37:32:e5:bc:b9:3b:41:d0:19:89:b9:b4:c9:9a:45:c9:6b:fa:
0e:9e:9e:92:5b:06:2d:2c:22:c5:a0:e0:1b:b0:53:40:b2:ca:
e3:32:04:0b:06:6e:ed:a0:26:df:9a:bb:ce:c9:ab:d6:6b:42:
9e:93:b7:92:05:19:48:d2:60:98:7c:6b:e0:f2:90:05:4b:0d:
c3:1a:d6:57
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGPAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjYx
MTIzNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU4NTMzOTE0QjgyQTk0
QjVCNzdEOTk1MkU2ODY0NDk5ODk4NzBDNUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7HtGdFH7akpE5/3/36lXDiCpLbKbyhZAW8uTR07Dpx1R0vK0P
j9slOM3Nen1qg4Hj7C5IRLb8GVbpDN/wl5y07lyjetSyPz2m97X+f5uSYzU9ULSO
U0jWT/KK1ts8vyY4hf7H3tXKY2B+sz/5KQfW6z/086vG0PZ/YZxYqwlW4nxEOQdW
NmbGacKllb/SiIyIQLYfDZ9EqaYqtkzyeLbUDoiJa1Bmp1YPvUZzf6jrTyHbbP82
CEXxFQITARDK+SPW7WE6NwLxUM8e4suubK7VdOJO7Dph22Xx4pG3xjvQDFBB1Yu+
cUHZYX/xi5OLNFPE9268rJHySZLVNqZemi3/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUWFM5FLgqlLW3fZlS5oZEmYmHDF8wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1dGTTVGTGdxbExXM2Za
bFM1b1pFbVltSERGOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAfo0SnuXBBRAfLWvr74XIwRoEKTT5+ZDx
AJem9uhu/9uzKzIMeNZiw19AFFmZleKp+Y2QT1XHo5sEvRM1z+nJs/VpUBtEp7YZ
oDLXLZnewxrOL/nVRTCl1oLbR96Jxh+CYma7zMUOYKRBQ+lo35KJrpSdBW4wLRlF
uDbfybkNu8wU12RKzO5M73OUcJ532O1w8XeY4aAM/pbg8PsxgMsIrbaVp2b52l2B
FVnCvm/dyl58L4fVNzLlvLk7QdAZibm0yZpFyWv6Dp6eklsGLSwixaDgG7BTQLLK
4zIECwZu7aAm35q7zsmr1mtCnpO3kgUZSNJgmHxr4PKQBUsNwxrWVw==
-----END CERTIFICATE-----
Generated at Fri Apr 26 18:27:24 2024 by rpki-client on console.sobornost.net