Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/jkyyeCtC3Hk2nGY6Z201OZwRFmg.roa
File: jkyyeCtC3Hk2nGY6Z201OZwRFmg.roa (raw, json)
Hash identifier: 5hGg/i2U53akK2iBsycq363STPoGB39+sqd4tcd4ijU=
Subject key identifier: 8E:4C:B2:78:2B:42:DC:79:36:9C:66:3A:67:6D:35:39:9C:11:16:68
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0E5C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/jkyyeCtC3Hk2nGY6Z201OZwRFmg.roa
Signing time: Fri 29 Mar 2024 06:23:20 +0000
ROA not before: Fri 29 Mar 2024 06:23:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3676 (0xe5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 29 06:23:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8E4CB2782B42DC79369C663A676D35399C111668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6f:bd:94:aa:14:9c:7f:90:d2:8b:f2:b2:b6:
ed:20:bb:a7:f4:d1:8d:4f:78:bd:83:bf:78:95:9c:
75:31:d8:cd:e2:eb:25:cb:91:b3:b5:01:c7:48:e0:
5c:b1:0e:51:35:64:56:24:73:e8:b0:01:1a:b7:c3:
93:81:20:d9:93:fe:0e:2f:21:38:27:af:fd:cc:42:
e6:86:06:26:1d:a7:b9:b3:81:a0:2f:f7:27:ff:76:
52:f3:7e:c7:1e:69:f2:dd:a7:b6:df:35:d3:10:d4:
3f:aa:cd:37:47:74:88:44:24:a3:15:99:31:e4:be:
09:cd:f5:da:23:5c:6d:44:3d:72:4d:0f:85:df:b2:
ed:42:52:88:01:87:94:b9:53:c6:7e:3a:01:81:94:
a3:0c:36:b6:8b:a1:9c:4e:9e:4d:c3:d3:c2:b6:76:
c4:1a:8a:af:a5:c3:06:1a:e2:6c:34:4a:da:07:f9:
83:6d:d7:59:47:5e:42:a4:42:13:5e:d8:94:9e:b3:
4e:c4:bf:95:9d:d8:d5:53:97:5e:63:87:55:e2:63:
4c:ee:fb:a1:37:d3:cf:f4:e6:7d:db:c7:31:d2:25:
92:eb:84:98:31:c3:3b:9f:d1:31:7d:78:f7:27:28:
bc:93:34:bb:98:5a:20:bf:56:2a:fa:fe:fb:8f:d2:
21:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:4C:B2:78:2B:42:DC:79:36:9C:66:3A:67:6D:35:39:9C:11:16:68
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/jkyyeCtC3Hk2nGY6Z201OZwRFmg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ac:d7:43:a8:f6:61:13:f1:97:3d:81:43:53:57:2f:64:c1:bf:
22:e5:9f:78:ea:59:1b:84:ef:a5:67:6e:94:b8:da:49:eb:8c:
30:d9:ef:5e:7b:31:6f:5e:ae:47:c0:08:4f:79:05:0d:27:7a:
9c:f0:4d:b5:9b:de:a5:f4:09:5f:90:eb:bb:c1:b7:d7:a8:d6:
41:08:06:90:8d:dc:04:d3:59:3d:b6:77:1d:f9:85:bc:5e:d9:
4d:21:15:c9:c3:aa:2c:c4:d4:87:e3:ba:4d:17:1b:54:2c:37:
fd:b9:26:1a:ea:59:9b:3f:75:d7:b0:8f:8a:3b:32:78:ef:d3:
6a:e4:f0:62:16:11:2e:e4:e3:da:6a:2a:f5:50:6c:38:fc:b1:
dd:c9:4e:a8:7d:33:aa:72:33:9d:7a:44:c2:e5:43:23:b4:c1:
25:f5:35:b8:29:32:4b:d8:4c:59:4c:49:48:a7:02:7a:05:93:
7e:09:9c:5f:59:7b:67:08:59:28:64:96:3f:22:85:48:b4:66:
7d:b0:6c:e1:52:52:f2:55:ee:ba:fa:4f:4e:f8:24:99:13:20:
54:2b:47:60:10:f6:ef:ce:80:90:3e:02:9c:c7:ea:94:66:14:
08:90:65:c0:e8:01:7c:5f:2a:9b:ee:0d:70:e1:51:7f:db:d6:
da:b8:00:53
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDlwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjkw
NjIzMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhFNENCMjc4MkI0MkRD
NzkzNjlDNjYzQTY3NkQzNTM5OUMxMTE2NjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6b72UqhScf5DSi/Kytu0gu6f00Y1PeL2Dv3iVnHUx2M3i6yXL
kbO1AcdI4FyxDlE1ZFYkc+iwARq3w5OBINmT/g4vITgnr/3MQuaGBiYdp7mzgaAv
9yf/dlLzfsceafLdp7bfNdMQ1D+qzTdHdIhEJKMVmTHkvgnN9dojXG1EPXJND4Xf
su1CUogBh5S5U8Z+OgGBlKMMNraLoZxOnk3D08K2dsQaiq+lwwYa4mw0StoH+YNt
11lHXkKkQhNe2JSes07Ev5Wd2NVTl15jh1XiY0zu+6E308/05n3bxzHSJZLrhJgx
wzuf0TF9ePcnKLyTNLuYWiC/Vir6/vuP0iFxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUjkyyeCtC3Hk2nGY6Z201OZwRFmgwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2preXllQ3RDM0hrMm5H
WTZaMjAxT1p3UkZtZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEArNdDqPZhE/GXPYFDU1cvZMG/IuWfeOpZ
G4TvpWdulLjaSeuMMNnvXnsxb16uR8AIT3kFDSd6nPBNtZvepfQJX5Dru8G316jW
QQgGkI3cBNNZPbZ3HfmFvF7ZTSEVycOqLMTUh+O6TRcbVCw3/bkmGupZmz9117CP
ijsyeO/TauTwYhYRLuTj2moq9VBsOPyx3clOqH0zqnIznXpEwuVDI7TBJfU1uCky
S9hMWUxJSKcCegWTfgmcX1l7ZwhZKGSWPyKFSLRmfbBs4VJS8lXuuvpPTvgkmRMg
VCtHYBD2786AkD4CnMfqlGYUCJBlwOgBfF8qm+4NcOFRf9vW2rgAUw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:12:06 2024 by rpki-client on console.sobornost.net