Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/lUSTcHaspOAS6V4DKQljekGwALU.roa
File: lUSTcHaspOAS6V4DKQljekGwALU.roa (raw, json)
Hash identifier: 79Wrw3QsXB8152szAr/BYP0Rci0ShwGQdophQp46vfE=
Subject key identifier: 95:44:93:70:76:AC:A4:E0:12:E9:5E:03:29:09:63:7A:41:B0:00:B5
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1204
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/lUSTcHaspOAS6V4DKQljekGwALU.roa
Signing time: Mon 08 Apr 2024 00:23:45 +0000
ROA not before: Mon 08 Apr 2024 00:23:45 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4612 (0x1204)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 8 00:23:45 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9544937076ACA4E012E95E032909637A41B000B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f7:74:97:92:de:29:2b:49:b7:b2:42:78:3b:
a9:b6:29:b4:d9:f1:ff:07:37:1a:5d:5e:02:5a:b6:
d9:45:ca:49:fb:4b:60:0e:ec:f6:36:ba:f3:7c:c8:
19:43:b1:01:29:91:49:c0:70:5f:a1:46:ef:1b:0f:
61:bc:40:28:88:e2:ba:f1:12:29:12:ad:d0:32:14:
fc:e8:cb:2c:60:d8:11:7a:ec:4c:70:54:54:b7:51:
6d:59:e6:22:9f:f7:d7:4c:f6:6b:ec:dc:b2:94:0a:
81:4c:27:00:61:77:2e:72:17:09:88:f1:5f:41:a9:
12:80:2c:38:33:cc:ae:e7:63:3d:35:82:d7:32:b5:
05:9e:d5:bc:93:15:b6:25:48:30:81:c7:06:b7:41:
5f:91:f3:63:9e:44:a5:97:67:40:2d:49:aa:79:5b:
38:64:a7:fb:d5:9c:0d:ed:9c:66:a5:66:15:41:1a:
83:d6:c3:0e:d6:34:4d:b9:f0:1b:39:dc:b4:9f:d4:
1a:8c:e2:b1:5d:64:73:22:e7:3e:1a:de:34:d1:63:
5a:64:7c:f1:27:92:ab:b2:48:16:71:ec:74:d4:bb:
6c:6e:6d:f9:6b:aa:dd:e0:59:77:b3:b4:e6:d9:e4:
ff:bd:3e:f1:97:ae:46:61:fc:73:f2:bc:88:5a:4f:
58:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:44:93:70:76:AC:A4:E0:12:E9:5E:03:29:09:63:7A:41:B0:00:B5
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/lUSTcHaspOAS6V4DKQljekGwALU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
be:62:8b:46:19:fe:31:50:ae:d4:a9:2a:4a:ae:47:05:e9:1a:
cd:e8:01:06:25:8a:ef:0f:c7:e8:d5:c8:a6:86:e0:fe:8a:6b:
fc:4d:3f:1e:12:b1:40:84:83:6c:16:c5:da:54:cc:b6:32:6d:
30:7e:0d:b9:ae:a9:87:83:74:1e:72:3f:a1:8f:e8:21:b5:77:
0f:73:89:20:7f:5a:50:4f:e8:4a:d4:d2:88:5f:b5:6f:43:80:
d1:da:40:ec:bc:b6:0d:2e:e3:6a:10:b3:46:7f:50:a5:08:9b:
52:0a:70:51:c0:a6:43:df:ab:bb:07:6b:a9:25:48:f4:53:26:
e0:67:64:ea:bc:13:20:01:9e:71:1a:0a:dd:c7:be:fe:a3:bf:
23:44:6f:2e:8b:12:e1:b6:63:c3:08:2d:c7:63:70:6e:3a:b5:
74:b2:e6:96:c6:65:b0:8f:f2:39:be:03:c4:93:79:c1:f1:e7:
a4:d8:88:d9:fe:2c:de:c8:f1:ee:63:ad:ad:db:1a:45:cb:53:
51:83:29:fb:d1:76:b8:39:36:ee:20:e2:c3:15:4a:15:a1:d2:
d2:ef:7c:c0:b4:40:3d:30:5a:04:0e:5d:a6:63:8e:f2:a9:73:
e3:4c:74:a8:99:17:f0:d2:ee:5b:ab:70:8f:74:a9:42:ae:03:
7b:36:16:a5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEgQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDgw
MDIzNDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk1NDQ5MzcwNzZBQ0E0
RTAxMkU5NUUwMzI5MDk2MzdBNDFCMDAwQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQ93SXkt4pK0m3skJ4O6m2KbTZ8f8HNxpdXgJattlFykn7S2AO
7PY2uvN8yBlDsQEpkUnAcF+hRu8bD2G8QCiI4rrxEikSrdAyFPzoyyxg2BF67Exw
VFS3UW1Z5iKf99dM9mvs3LKUCoFMJwBhdy5yFwmI8V9BqRKALDgzzK7nYz01gtcy
tQWe1byTFbYlSDCBxwa3QV+R82OeRKWXZ0AtSap5Wzhkp/vVnA3tnGalZhVBGoPW
ww7WNE258Bs53LSf1BqM4rFdZHMi5z4a3jTRY1pkfPEnkquySBZx7HTUu2xubflr
qt3gWXeztObZ5P+9PvGXrkZh/HPyvIhaT1jTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUlUSTcHaspOAS6V4DKQljekGwALUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2xVU1RjSGFzcE9BUzZW
NERLUWxqZWtHd0FMVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAvmKLRhn+MVCu1KkqSq5HBekazegBBiWK
7w/H6NXIpobg/opr/E0/HhKxQISDbBbF2lTMtjJtMH4Nua6ph4N0HnI/oY/oIbV3
D3OJIH9aUE/oStTSiF+1b0OA0dpA7Ly2DS7jahCzRn9QpQibUgpwUcCmQ9+ruwdr
qSVI9FMm4Gdk6rwTIAGecRoK3ce+/qO/I0RvLosS4bZjwwgtx2Nwbjq1dLLmlsZl
sI/yOb4DxJN5wfHnpNiI2f4s3sjx7mOtrdsaRctTUYMp+9F2uDk27iDiwxVKFaHS
0u98wLRAPTBaBA5dpmOO8qlz40x0qJkX8NLuW6twj3SpQq4DezYWpQ==
-----END CERTIFICATE-----
Generated at Mon Apr 8 01:58:01 2024 by rpki-client on console-fra.rpki-client.org