Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/w8Iv-iLSdAk_Vu7x8Tkke8FBF8k.roa
File: w8Iv-iLSdAk_Vu7x8Tkke8FBF8k.roa (raw, json)
Hash identifier: tafVojR5+kpdOWmkAsddISb3zCPGhCv123Eyw//X+iU=
Subject key identifier: C3:C2:2F:FA:22:D2:74:09:3F:56:EE:F1:F1:39:24:7B:C1:41:17:C9
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0ED0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/w8Iv-iLSdAk_Vu7x8Tkke8FBF8k.roa
Signing time: Sat 30 Mar 2024 11:22:34 +0000
ROA not before: Sat 30 Mar 2024 11:22:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3792 (0xed0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 30 11:22:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C3C22FFA22D274093F56EEF1F139247BC14117C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b3:86:c4:e2:26:49:4b:c5:e6:57:05:ac:1c:
40:7c:8f:65:32:9e:cc:06:33:47:68:47:30:de:96:
df:b8:fa:ad:0b:49:96:38:a3:17:47:0e:89:ce:4d:
9b:cf:cb:81:2c:01:89:ac:da:b3:ea:9f:7f:f6:c9:
af:66:cb:f9:2d:bb:26:e6:3b:14:3a:71:8a:ba:a2:
55:71:15:41:1a:8b:cf:26:2c:d3:53:30:67:21:c7:
c7:11:00:dd:f4:6f:7f:b7:2c:3a:44:5f:13:c7:fb:
d3:43:0d:e9:31:88:13:aa:60:81:3d:09:41:69:a9:
5e:f5:39:32:45:50:62:84:56:9e:fb:41:45:81:14:
7f:48:d8:26:d6:a5:61:41:c4:e9:2a:1b:72:6d:b6:
8e:2f:fa:cd:67:68:83:21:84:6d:7f:54:08:af:d0:
61:79:7a:04:61:96:fd:4f:18:25:14:d9:2d:d1:a6:
3c:b5:85:1b:da:83:3d:64:f2:0c:ff:74:e3:01:99:
bf:6e:5e:31:20:02:6e:93:fb:ba:88:ac:89:93:22:
db:5d:e2:c9:4d:f4:db:fc:64:68:e6:83:e2:7a:e9:
28:5e:e3:cc:9f:32:fa:fd:f3:69:76:4d:3f:e7:e4:
d9:58:53:95:23:8d:b5:b9:5c:38:6c:15:8e:63:6c:
84:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:C2:2F:FA:22:D2:74:09:3F:56:EE:F1:F1:39:24:7B:C1:41:17:C9
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/w8Iv-iLSdAk_Vu7x8Tkke8FBF8k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
08:62:ff:2d:74:6a:76:9c:6e:49:90:4a:cd:82:98:98:ab:b9:
70:36:0d:52:11:be:60:80:ff:f8:5e:ed:c8:8b:e5:a1:f4:5d:
1a:ed:ae:c7:36:a1:66:a6:80:a4:29:61:1a:d2:13:2d:ca:d5:
77:c9:57:de:f3:e1:c2:87:f8:be:11:3d:e9:54:7b:7e:b8:f8:
30:d8:24:af:ac:f1:09:d2:91:2f:82:e6:1c:58:ed:84:9c:3e:
a3:08:2a:9d:a0:01:c7:04:3a:8c:98:fc:c9:05:74:75:54:ad:
c2:94:8d:a2:ad:29:e0:23:a7:88:8e:a4:bf:44:ea:ed:a0:9b:
29:d4:be:d3:af:8e:8f:dd:67:ae:8f:09:40:b7:80:60:3d:45:
6e:5a:34:b6:20:a5:66:d1:1c:28:0b:d3:4d:a4:ba:7f:67:94:
14:4e:d5:53:32:83:dd:25:27:77:2e:da:b0:d1:7a:bf:e7:17:
2b:7a:9b:8e:ed:cc:cc:9e:ce:49:bc:4a:a9:80:2e:37:3e:5b:
83:0b:0e:f3:02:7a:fa:5c:e5:be:79:9a:c3:ca:c0:80:20:db:
e9:7a:df:0f:53:2a:f6:1d:00:ac:18:21:f5:67:d1:cf:cc:84:
a0:6b:e1:dc:b1:ed:ea:68:3d:6a:19:36:0b:13:52:68:11:c2:
aa:dc:56:b5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDtAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzAx
MTIyMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMzQzIyRkZBMjJEMjc0
MDkzRjU2RUVGMUYxMzkyNDdCQzE0MTE3QzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIs4bE4iZJS8XmVwWsHEB8j2UynswGM0doRzDelt+4+q0LSZY4
oxdHDonOTZvPy4EsAYms2rPqn3/2ya9my/ktuybmOxQ6cYq6olVxFUEai88mLNNT
MGchx8cRAN30b3+3LDpEXxPH+9NDDekxiBOqYIE9CUFpqV71OTJFUGKEVp77QUWB
FH9I2CbWpWFBxOkqG3Jtto4v+s1naIMhhG1/VAiv0GF5egRhlv1PGCUU2S3Rpjy1
hRvagz1k8gz/dOMBmb9uXjEgAm6T+7qIrImTIttd4slN9Nv8ZGjmg+J66She48yf
Mvr982l2TT/n5NlYU5UjjbW5XDhsFY5jbISZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUw8Iv+iLSdAk/Vu7x8Tkke8FBF8kwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3c4SXYtaUxTZEFrX1Z1
N3g4VGtrZThGQkY4ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEACGL/LXRqdpxuSZBKzYKYmKu5cDYNUhG+
YID/+F7tyIvlofRdGu2uxzahZqaApClhGtITLcrVd8lX3vPhwof4vhE96VR7frj4
MNgkr6zxCdKRL4LmHFjthJw+owgqnaABxwQ6jJj8yQV0dVStwpSNoq0p4COniI6k
v0Tq7aCbKdS+06+Oj91nro8JQLeAYD1Fblo0tiClZtEcKAvTTaS6f2eUFE7VUzKD
3SUndy7asNF6v+cXK3qbju3MzJ7OSbxKqYAuNz5bgwsO8wJ6+lzlvnmaw8rAgCDb
6XrfD1Mq9h0ArBgh9WfRz8yEoGvh3LHt6mg9ahk2CxNSaBHCqtxWtQ==
-----END CERTIFICATE-----
Generated at Sat Mar 30 16:32:16 2024 by rpki-client on console.sobornost.net