Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/JYr8b1EB4g5SDb_gjpoBrXuNfrU.roa
File: JYr8b1EB4g5SDb_gjpoBrXuNfrU.roa (raw, json)
Hash identifier: XgmGQlfD9YOLgnGpBMu4ug4rEWrix9FwKJQnXw5LHjk=
Subject key identifier: 25:8A:FC:6F:51:01:E2:0E:52:0D:BF:E0:8E:9A:01:AD:7B:8D:7E:B5
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1B36
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/JYr8b1EB4g5SDb_gjpoBrXuNfrU.roa
Signing time: Thu 02 May 2024 12:54:06 +0000
ROA not before: Thu 02 May 2024 12:54:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6966 (0x1b36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 2 12:54:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=258AFC6F5101E20E520DBFE08E9A01AD7B8D7EB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9b:0c:d4:01:c9:1f:fb:56:e7:d8:14:df:b7:
d6:81:9b:33:f5:94:4d:db:c3:c5:e5:3e:73:20:3d:
57:6d:ed:ec:ca:75:d6:8b:0c:fe:83:fc:7d:fa:21:
12:fa:1c:d3:3a:93:13:b6:56:51:0a:a9:09:86:ee:
3d:52:ca:d5:4f:e4:b3:4f:f0:22:d5:3c:17:43:d9:
c3:d2:c0:fd:47:59:23:77:63:e3:19:b1:7f:31:fd:
f2:81:78:94:bf:b4:ba:da:4c:63:b5:e1:51:1b:14:
d5:73:d6:e3:6e:d8:d7:5a:29:1e:79:7e:dc:80:7b:
e9:56:5e:86:0f:17:f5:f3:e4:52:f4:9e:fc:94:34:
90:22:c0:37:e7:f5:27:7e:b8:38:91:c9:be:06:57:
45:38:26:32:61:db:83:ea:fc:21:44:bb:35:58:58:
d0:e8:b6:c0:63:95:1a:75:51:32:cf:58:67:c2:4e:
7f:14:cb:42:bd:ef:09:5f:f1:3e:f7:d4:c4:8c:26:
f4:fa:88:f3:74:61:db:37:cf:48:cc:f3:9d:48:ff:
cc:0e:dd:02:7f:73:94:c6:a4:2a:bc:b5:22:31:d1:
26:83:47:da:73:71:67:19:bf:2b:65:af:34:0f:2f:
c0:64:df:31:bc:5a:07:4a:b2:c4:b8:21:0f:4b:80:
df:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:8A:FC:6F:51:01:E2:0E:52:0D:BF:E0:8E:9A:01:AD:7B:8D:7E:B5
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/JYr8b1EB4g5SDb_gjpoBrXuNfrU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4f:9a:38:4b:99:ff:40:1c:f0:a8:4c:3a:d6:2d:52:b5:1d:77:
e3:cc:28:6c:96:ae:cf:4f:90:a1:fd:e7:88:85:f6:11:cf:75:
f7:12:c4:a1:2a:01:f8:b5:69:1f:3a:5a:5c:bc:4f:18:5e:19:
f8:71:de:04:43:8a:d5:53:b2:65:14:4d:cc:19:b0:e8:b8:2d:
91:ec:2d:d0:50:b6:2b:ab:3e:b9:ed:17:d3:d4:16:4e:fa:0c:
d9:59:af:98:72:ab:95:13:90:47:b1:60:35:cf:97:d9:d7:07:
aa:6c:47:d6:e3:32:b5:f9:ab:a6:5c:77:6b:f1:62:c6:43:6b:
bd:53:b1:8b:86:ff:0e:f4:f7:e6:34:90:88:02:4b:03:e0:2f:
c6:07:06:9e:b4:fb:51:3d:38:28:50:03:49:7e:2e:39:dc:5b:
93:af:3c:13:31:0d:43:d8:11:28:55:34:ba:73:5d:84:d7:d6:
ff:20:2f:45:94:36:ba:62:85:22:fd:30:52:37:c9:14:79:c0:
08:58:1e:89:61:26:83:35:91:81:cd:a2:d8:1d:cb:af:b2:83:
12:f5:40:fd:4d:74:4f:97:4e:5d:1d:cd:23:68:54:75:4b:52:
81:7a:bf:cf:f2:bc:84:93:66:74:b1:9c:e2:22:f2:b4:cb:f9:
ae:38:1d:32
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGzYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDIx
MjU0MDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI1OEFGQzZGNTEwMUUy
MEU1MjBEQkZFMDhFOUEwMUFEN0I4RDdFQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRmwzUAckf+1bn2BTft9aBmzP1lE3bw8XlPnMgPVdt7ezKddaL
DP6D/H36IRL6HNM6kxO2VlEKqQmG7j1SytVP5LNP8CLVPBdD2cPSwP1HWSN3Y+MZ
sX8x/fKBeJS/tLraTGO14VEbFNVz1uNu2NdaKR55ftyAe+lWXoYPF/Xz5FL0nvyU
NJAiwDfn9Sd+uDiRyb4GV0U4JjJh24Pq/CFEuzVYWNDotsBjlRp1UTLPWGfCTn8U
y0K97wlf8T731MSMJvT6iPN0Yds3z0jM851I/8wO3QJ/c5TGpCq8tSIx0SaDR9pz
cWcZvytlrzQPL8Bk3zG8WgdKssS4IQ9LgN8TAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUJYr8b1EB4g5SDb/gjpoBrXuNfrUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0pZcjhiMUVCNGc1U0Ri
X2dqcG9Cclh1TmZyVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAT5o4S5n/QBzwqEw61i1StR1348wobJau
z0+Qof3niIX2Ec919xLEoSoB+LVpHzpaXLxPGF4Z+HHeBEOK1VOyZRRNzBmw6Lgt
kewt0FC2K6s+ue0X09QWTvoM2VmvmHKrlROQR7FgNc+X2dcHqmxH1uMytfmrplx3
a/FixkNrvVOxi4b/DvT35jSQiAJLA+AvxgcGnrT7UT04KFADSX4uOdxbk688EzEN
Q9gRKFU0unNdhNfW/yAvRZQ2umKFIv0wUjfJFHnACFgeiWEmgzWRgc2i2B3Lr7KD
EvVA/U10T5dOXR3NI2hUdUtSgXq/z/K8hJNmdLGc4iLytMv5rjgdMg==
-----END CERTIFICATE-----
Generated at Thu May 2 16:08:50 2024 by rpki-client on console.sobornost.net