Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/WHaPoHRCTyaAP2bVrzxBCyIsvqM.roa
File: WHaPoHRCTyaAP2bVrzxBCyIsvqM.roa (raw, json)
Hash identifier: 3p/62rtvq0qtMEDYDc4zQApjPRhwUEGFZbAMoFlGVK4=
Subject key identifier: 58:76:8F:A0:74:42:4F:26:80:3F:66:D5:AF:3C:41:0B:22:2C:BE:A3
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1A76
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/WHaPoHRCTyaAP2bVrzxBCyIsvqM.roa
Signing time: Tue 30 Apr 2024 12:53:59 +0000
ROA not before: Tue 30 Apr 2024 12:53:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6774 (0x1a76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 30 12:53:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=58768FA074424F26803F66D5AF3C410B222CBEA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c8:34:55:5f:e3:a3:16:05:28:e4:54:10:21:
01:21:b0:05:c3:09:e1:21:2b:54:62:b9:4d:d5:e9:
1f:c0:a8:18:5a:84:1e:f6:4e:c1:9d:d7:c8:fb:1f:
70:24:3f:c1:94:06:a8:01:74:91:bc:27:3b:ff:be:
0f:01:13:f6:5a:7f:64:da:96:c7:56:45:7c:cf:fa:
7a:5e:05:63:7b:e1:6c:52:14:3c:7f:fc:c8:8a:ac:
9c:53:57:8c:eb:f3:2a:ff:31:17:d8:a3:ec:ad:7a:
5c:3e:16:fc:7f:ff:c3:18:89:83:e1:8b:a9:8c:52:
6e:e6:af:e6:92:16:c2:13:b1:1d:3a:d2:dd:2c:a4:
67:19:38:b2:4b:18:f7:60:ff:1e:ae:dc:2f:b1:6a:
26:02:08:ae:1f:45:a7:e7:03:0d:0c:21:65:23:37:
6d:ff:31:1e:d8:2b:b1:81:ff:43:9b:b3:c9:bf:6b:
6a:ac:94:27:82:56:2a:d4:ef:f2:e3:05:cf:99:9a:
da:a1:a4:e3:b0:d6:7a:39:f4:96:30:0a:ed:ab:fb:
8f:65:85:d7:49:17:0f:bb:d8:46:35:41:16:4f:c6:
6a:d8:f4:99:93:95:f2:05:0d:25:e7:f3:ba:90:ed:
74:c2:3e:25:49:5f:2b:57:dc:e2:3e:73:08:ba:d7:
0e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:76:8F:A0:74:42:4F:26:80:3F:66:D5:AF:3C:41:0B:22:2C:BE:A3
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/WHaPoHRCTyaAP2bVrzxBCyIsvqM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:05:17:e3:b9:3e:e4:f3:18:49:f0:1a:04:41:15:81:c6:37:
0b:b6:53:9a:c9:1f:72:81:64:35:22:29:5a:90:6a:5b:91:ab:
fb:47:17:73:9e:0b:a1:2e:fa:ac:f4:03:87:75:5f:c4:1d:c9:
20:28:9c:ad:8d:34:fb:14:03:c2:35:44:c8:72:54:bf:ef:ea:
9f:38:36:da:f2:3e:91:60:72:1c:2a:de:ab:b5:a4:9e:27:ef:
ce:7d:2b:af:9d:c0:67:05:3f:91:05:19:58:c3:f7:db:53:41:
a7:ca:90:89:ca:ce:09:43:f0:c5:d8:df:00:fb:5d:e6:ba:99:
d0:6f:b4:d6:f6:af:66:82:b5:45:ff:02:a8:31:b3:84:9c:78:
99:2f:09:76:cc:ed:24:2c:b2:de:cc:92:c3:77:8a:94:08:eb:
08:32:57:c1:d5:4d:db:6a:58:c7:22:f2:b7:31:60:c4:d0:51:
ed:77:2c:2a:b3:d4:ac:7b:eb:4e:65:16:db:31:fa:ef:9b:c0:
4c:da:ff:ed:d8:a3:35:6c:6a:00:ad:a6:cb:13:b8:67:13:8d:
a8:83:5d:f0:77:9b:08:f2:8b:2c:9a:38:1c:9a:1d:79:eb:4b:
ce:d8:38:4c:f8:75:20:1a:24:e1:4f:2d:81:52:23:c7:2e:4c:
73:4d:e5:49
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGnYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MzAx
MjUzNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU4NzY4RkEwNzQ0MjRG
MjY4MDNGNjZENUFGM0M0MTBCMjIyQ0JFQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUyDRVX+OjFgUo5FQQIQEhsAXDCeEhK1RiuU3V6R/AqBhahB72
TsGd18j7H3AkP8GUBqgBdJG8Jzv/vg8BE/Zaf2TalsdWRXzP+npeBWN74WxSFDx/
/MiKrJxTV4zr8yr/MRfYo+ytelw+Fvx//8MYiYPhi6mMUm7mr+aSFsITsR060t0s
pGcZOLJLGPdg/x6u3C+xaiYCCK4fRafnAw0MIWUjN23/MR7YK7GB/0Obs8m/a2qs
lCeCVirU7/LjBc+ZmtqhpOOw1no59JYwCu2r+49lhddJFw+72EY1QRZPxmrY9JmT
lfIFDSXn87qQ7XTCPiVJXytX3OI+cwi61w6tAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUWHaPoHRCTyaAP2bVrzxBCyIsvqMwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1dIYVBvSFJDVHlhQVAy
YlZyenhCQ3lJc3ZxTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAlAUX47k+5PMYSfAaBEEVgcY3C7ZTmskf
coFkNSIpWpBqW5Gr+0cXc54LoS76rPQDh3VfxB3JICicrY00+xQDwjVEyHJUv+/q
nzg22vI+kWByHCreq7Wknifvzn0rr53AZwU/kQUZWMP321NBp8qQicrOCUPwxdjf
APtd5rqZ0G+01vavZoK1Rf8CqDGzhJx4mS8JdsztJCyy3sySw3eKlAjrCDJXwdVN
22pYxyLytzFgxNBR7XcsKrPUrHvrTmUW2zH675vATNr/7dijNWxqAK2myxO4ZxON
qINd8HebCPKLLJo4HJodeetLztg4TPh1IBok4U8tgVIjxy5Mc03lSQ==
-----END CERTIFICATE-----
Generated at Tue Apr 30 16:38:54 2024 by rpki-client on console.sobornost.net