Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/wsku8LWmabXqJHZpDnm7cBZeWs0.roa
File: wsku8LWmabXqJHZpDnm7cBZeWs0.roa (raw, json)
Hash identifier: lxHMmsic91LBnHk4bNlU+lMriAu7/dPamhyqqhHaW6k=
Subject key identifier: C2:C9:2E:F0:B5:A6:69:B5:EA:24:76:69:0E:79:BB:70:16:5E:5A:CD
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 185E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/wsku8LWmabXqJHZpDnm7cBZeWs0.roa
Signing time: Wed 24 Apr 2024 22:53:42 +0000
ROA not before: Wed 24 Apr 2024 22:53:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6238 (0x185e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 24 22:53:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C2C92EF0B5A669B5EA2476690E79BB70165E5ACD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:cb:5b:7b:d7:83:c6:03:ac:85:c4:b7:f4:bc:
0a:40:84:32:35:8d:69:fd:68:93:06:e5:65:09:04:
63:3d:59:b6:f3:03:fd:29:65:48:a8:4a:08:ef:b5:
e9:a5:79:b1:c9:5f:7a:42:b3:86:1a:ea:f2:44:b3:
ca:05:ef:8c:5f:5d:58:c5:de:a9:55:60:d2:6b:37:
5c:e0:e4:a7:1d:d7:33:ef:65:5a:d0:fb:f1:3d:f9:
98:3e:81:54:b6:d5:35:35:d1:79:14:cc:3b:17:58:
61:f1:ee:ce:96:31:ca:10:6c:58:87:b6:ad:de:39:
d7:a1:4e:a3:07:56:2a:4a:1f:43:74:d1:ba:20:8f:
a0:62:06:4d:94:7f:01:41:bb:97:76:a1:80:93:e6:
d6:f8:29:40:4a:fb:85:7f:3c:bb:1e:1a:ac:5a:50:
5b:9c:7e:a0:e1:d4:3b:48:0a:88:81:50:96:a1:18:
40:ae:3e:af:35:49:30:95:0d:1a:32:4f:11:ee:75:
ba:01:44:82:06:87:84:36:0d:16:1e:0a:0e:69:92:
3f:11:66:d3:6c:5d:87:02:32:f9:d6:7a:5b:fe:f5:
01:5d:eb:74:54:be:27:9d:38:60:9c:b0:8a:de:d0:
83:c1:ba:b4:99:32:5b:95:94:a6:ac:ad:15:f9:91:
d0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:C9:2E:F0:B5:A6:69:B5:EA:24:76:69:0E:79:BB:70:16:5E:5A:CD
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/wsku8LWmabXqJHZpDnm7cBZeWs0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a7:be:53:02:24:fa:f2:9c:76:59:b0:98:24:70:c6:91:fa:3c:
20:58:fe:89:19:c4:e1:ad:2f:ca:85:8e:af:96:74:b6:2b:6d:
0e:fb:84:ff:dc:ca:18:d1:a9:96:06:17:e5:08:91:5f:aa:29:
15:11:d5:9d:d0:5e:92:b7:ca:3a:43:cb:b6:c7:d2:9d:a7:30:
f0:78:f8:a3:88:75:61:c8:a8:c4:dc:64:99:02:46:86:f0:1b:
c1:24:af:90:d7:62:e5:11:d5:ee:19:07:ae:4b:df:45:72:89:
ad:7a:a3:67:f7:01:04:01:a7:20:a5:a0:c8:1c:1b:5e:4d:c6:
d2:c9:8e:8f:c3:72:0b:43:47:90:81:81:e1:47:95:77:21:9e:
b9:5a:26:d1:28:b5:97:6b:1d:cf:84:61:7f:ba:58:37:ab:d4:
14:79:01:17:7f:44:c6:88:ca:71:f1:72:c1:d8:0a:24:54:a7:
5d:34:80:66:9f:74:15:4e:32:43:16:ad:cf:84:41:c7:e6:b9:
b5:f9:5f:2e:b8:c2:7e:57:4a:9f:db:18:0b:1f:5e:db:87:42:
c1:46:90:cb:e8:15:3b:5b:94:89:cd:28:5e:a0:95:1e:d4:07:
bc:c6:af:f8:72:c5:5d:18:7c:75:e4:bf:fd:d4:a9:46:7f:8e:
e7:c0:ac:c6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGF4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjQy
MjUzNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMyQzkyRUYwQjVBNjY5
QjVFQTI0NzY2OTBFNzlCQjcwMTY1RTVBQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsy1t714PGA6yFxLf0vApAhDI1jWn9aJMG5WUJBGM9WbbzA/0p
ZUioSgjvtemlebHJX3pCs4Ya6vJEs8oF74xfXVjF3qlVYNJrN1zg5Kcd1zPvZVrQ
+/E9+Zg+gVS21TU10XkUzDsXWGHx7s6WMcoQbFiHtq3eOdehTqMHVipKH0N00bog
j6BiBk2UfwFBu5d2oYCT5tb4KUBK+4V/PLseGqxaUFucfqDh1DtICoiBUJahGECu
Pq81STCVDRoyTxHudboBRIIGh4Q2DRYeCg5pkj8RZtNsXYcCMvnWelv+9QFd63RU
viedOGCcsIre0IPBurSZMluVlKasrRX5kdB3AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUwsku8LWmabXqJHZpDnm7cBZeWs0wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3dza3U4TFdtYWJYcUpI
WnBEbm03Y0JaZVdzMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAp75TAiT68px2WbCYJHDGkfo8IFj+iRnE
4a0vyoWOr5Z0tittDvuE/9zKGNGplgYX5QiRX6opFRHVndBekrfKOkPLtsfSnacw
8Hj4o4h1YcioxNxkmQJGhvAbwSSvkNdi5RHV7hkHrkvfRXKJrXqjZ/cBBAGnIKWg
yBwbXk3G0smOj8NyC0NHkIGB4UeVdyGeuVom0Si1l2sdz4Rhf7pYN6vUFHkBF39E
xojKcfFywdgKJFSnXTSAZp90FU4yQxatz4RBx+a5tflfLrjCfldKn9sYCx9e24dC
wUaQy+gVO1uUic0oXqCVHtQHvMav+HLFXRh8deS//dSpRn+O58Csxg==
-----END CERTIFICATE-----
Generated at Fri Apr 26 03:43:41 2024 by rpki-client on console.sobornost.net