Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/JesJ67LE60mFy5B-iBEHRG2C5mU.roa
File: JesJ67LE60mFy5B-iBEHRG2C5mU.roa (raw, json)
Hash identifier: /eQ6WvUYwPwyKRzC7MCBoF8PW1TtEcsDrh8DvsStSKE=
Subject key identifier: 25:EB:09:EB:B2:C4:EB:49:85:CB:90:7E:88:11:07:44:6D:82:E6:65
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1470
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/JesJ67LE60mFy5B-iBEHRG2C5mU.roa
Signing time: Sun 14 Apr 2024 11:23:14 +0000
ROA not before: Sun 14 Apr 2024 11:23:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5232 (0x1470)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 14 11:23:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=25EB09EBB2C4EB4985CB907E881107446D82E665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:02:d2:76:8a:f1:1a:ac:ac:4f:90:e8:1f:58:
58:d2:8e:a2:8b:82:2a:b3:50:5b:6e:3b:6a:82:78:
b0:94:05:cf:25:60:89:e2:1a:12:44:b5:45:3b:06:
7b:8c:b9:05:58:49:f2:c3:45:5a:61:f9:d3:30:1d:
c9:b4:74:4c:dc:30:7e:ac:14:83:bd:1e:ca:67:32:
a7:59:d5:7b:cc:c7:dd:c8:a6:90:0d:ae:7c:5f:18:
29:2e:03:59:04:b3:0e:1d:80:3c:a8:b9:c9:41:f2:
e5:83:a8:ba:14:5b:58:19:06:63:27:2a:c2:82:af:
57:8b:a6:d7:0e:5e:30:6c:3c:a9:9e:46:15:f7:b5:
28:a8:60:52:61:33:70:4a:d3:c5:ce:08:0a:95:d1:
73:c6:29:fa:b6:83:b2:fd:28:7f:9d:a8:57:9f:19:
c4:08:87:15:8d:77:60:78:90:d1:69:19:57:e2:2f:
98:8b:75:86:91:ad:e7:ed:7c:f5:0a:1d:bc:ee:a3:
5a:16:44:18:8b:e8:62:60:d3:85:9a:7d:ee:58:94:
84:96:df:b3:e5:e7:a7:86:b8:f8:ab:0d:eb:2c:70:
d7:3e:8d:90:48:cf:98:29:af:b1:3f:5a:82:cf:2e:
f3:7f:97:3c:dd:ed:b4:3d:43:4a:bb:87:a4:2d:dc:
89:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:EB:09:EB:B2:C4:EB:49:85:CB:90:7E:88:11:07:44:6D:82:E6:65
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/JesJ67LE60mFy5B-iBEHRG2C5mU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c1:7b:82:99:d6:63:b8:27:55:cd:16:c0:15:dd:0b:9d:b2:b8:
a3:92:18:4b:de:3f:8f:c6:b9:96:fe:42:10:39:9d:18:0a:2c:
25:d0:f5:b3:81:23:df:f9:79:fd:e3:54:0d:7e:7c:f1:ac:35:
cc:2f:9b:a9:92:6f:30:e5:1f:fe:ac:44:21:1b:81:8f:ab:c2:
fd:c2:9f:a3:36:69:83:e6:40:20:c5:4a:bb:e9:24:71:b8:6f:
4a:ca:61:f2:5a:20:18:47:59:e7:e0:f1:23:45:11:ae:ab:df:
e5:fc:61:ce:a6:f9:75:20:eb:a8:2c:81:65:3c:4d:72:c2:ad:
e3:f5:0e:e9:99:35:93:99:48:b6:6e:21:de:10:dc:30:65:4f:
e2:aa:63:6d:f2:bb:61:4e:55:f9:7c:44:0e:36:76:e1:7f:9d:
b1:53:a9:eb:c6:2d:75:fd:68:a0:d2:f9:c4:80:1e:99:83:91:
5f:e1:d9:d5:64:7b:94:7f:06:61:bf:b1:ca:35:f2:f4:e2:c7:
a5:a5:02:06:a3:90:ba:40:2e:85:fd:48:96:a2:df:6f:8a:91:
a1:51:2d:a9:32:fd:a1:88:98:2b:9d:c7:6a:3a:1f:dc:63:68:
8f:2f:ae:51:53:31:a1:f6:97:ac:77:97:53:b2:39:12:be:02:
9c:e3:c3:9f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFHAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTQx
MTIzMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI1RUIwOUVCQjJDNEVC
NDk4NUNCOTA3RTg4MTEwNzQ0NkQ4MkU2NjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoAtJ2ivEarKxPkOgfWFjSjqKLgiqzUFtuO2qCeLCUBc8lYIni
GhJEtUU7BnuMuQVYSfLDRVph+dMwHcm0dEzcMH6sFIO9HspnMqdZ1XvMx93IppAN
rnxfGCkuA1kEsw4dgDyouclB8uWDqLoUW1gZBmMnKsKCr1eLptcOXjBsPKmeRhX3
tSioYFJhM3BK08XOCAqV0XPGKfq2g7L9KH+dqFefGcQIhxWNd2B4kNFpGVfiL5iL
dYaRreftfPUKHbzuo1oWRBiL6GJg04Wafe5YlISW37Pl56eGuPirDesscNc+jZBI
z5gpr7E/WoLPLvN/lzzd7bQ9Q0q7h6Qt3InfAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUJesJ67LE60mFy5B+iBEHRG2C5mUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0plc0o2N0xFNjBtRnk1
Qi1pQkVIUkcyQzVtVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAwXuCmdZjuCdVzRbAFd0LnbK4o5IYS94/
j8a5lv5CEDmdGAosJdD1s4Ej3/l5/eNUDX588aw1zC+bqZJvMOUf/qxEIRuBj6vC
/cKfozZpg+ZAIMVKu+kkcbhvSsph8logGEdZ5+DxI0URrqvf5fxhzqb5dSDrqCyB
ZTxNcsKt4/UO6Zk1k5lItm4h3hDcMGVP4qpjbfK7YU5V+XxEDjZ24X+dsVOp68Yt
df1ooNL5xIAemYORX+HZ1WR7lH8GYb+xyjXy9OLHpaUCBqOQukAuhf1IlqLfb4qR
oVEtqTL9oYiYK53Hajof3GNojy+uUVMxofaXrHeXU7I5Er4CnOPDnw==
-----END CERTIFICATE-----
Generated at Sun Apr 14 16:37:35 2024 by rpki-client on console.sobornost.net