Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/leeq6NKY58KYm-X1qAq1qw4sgS8.roa
File: leeq6NKY58KYm-X1qAq1qw4sgS8.roa (raw, json)
Hash identifier: rzxmimDhAsjFdhpl3u0nqO1I1e4hgubALy/VlMqFPhM=
Subject key identifier: 95:E7:AA:E8:D2:98:E7:C2:98:9B:E5:F5:A8:0A:B5:AB:0E:2C:81:2F
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 10F8
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/leeq6NKY58KYm-X1qAq1qw4sgS8.roa
Signing time: Fri 05 Apr 2024 05:22:48 +0000
ROA not before: Fri 05 Apr 2024 05:22:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4344 (0x10f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 5 05:22:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=95E7AAE8D298E7C2989BE5F5A80AB5AB0E2C812F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b9:05:b7:a7:f6:aa:7f:1d:2b:68:92:32:7a:
85:b6:64:bf:47:62:6f:46:56:ee:c6:75:4f:7e:06:
86:a9:fa:8d:0e:d2:b9:1d:62:de:70:1d:93:80:8e:
df:74:86:13:98:64:1b:88:6c:f6:90:f9:04:78:77:
95:55:85:8c:dc:7e:f3:d9:b1:bc:43:8c:ab:4f:ff:
bc:83:42:dc:91:d5:b4:0c:e4:6a:7a:ed:9d:d3:af:
ce:6f:55:a8:38:b2:6a:72:82:5a:08:ae:7b:42:9d:
f0:06:86:be:c8:a8:d3:ae:0d:26:71:9a:63:af:44:
fa:8b:d7:ae:24:b3:d9:df:d8:94:94:10:37:55:92:
54:f1:61:24:65:1e:31:bf:92:e2:d0:a9:5f:44:d0:
73:0b:11:c7:9e:23:f8:43:58:b5:21:d4:9f:28:03:
8b:95:ff:da:62:3c:e7:21:96:ab:67:1d:d6:81:7d:
8b:0f:ed:c7:b2:17:21:02:dc:9a:fd:e2:24:cd:76:
2b:74:46:6c:da:69:d0:dd:f4:08:2d:31:4c:8c:b5:
7f:30:1b:23:d3:fe:30:3d:bc:94:b7:67:fe:40:1f:
4c:bf:f3:26:cc:e9:1a:18:31:47:af:21:32:3b:5d:
bd:4e:2e:df:ab:cb:44:87:f7:7f:e8:68:4b:c0:d6:
31:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E7:AA:E8:D2:98:E7:C2:98:9B:E5:F5:A8:0A:B5:AB:0E:2C:81:2F
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/leeq6NKY58KYm-X1qAq1qw4sgS8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
46:fc:72:2f:e2:1f:f8:4f:e7:ce:51:0c:f0:f8:66:60:81:e9:
55:1e:83:76:58:ac:c2:be:66:0f:9a:f8:8a:5f:55:db:e0:c4:
cf:38:e0:af:a3:ff:74:37:6f:47:16:5b:85:e7:08:ab:de:48:
73:2a:98:86:9c:28:43:b4:af:7d:db:35:28:bd:d5:fc:c3:17:
88:e7:e5:96:55:a3:ed:93:58:b7:3b:1a:80:e7:22:ad:b4:4e:
ea:ca:fc:48:78:9e:76:b7:8c:e4:79:1c:b7:80:fb:43:0c:ac:
cf:52:d2:12:41:f2:b8:dd:79:bf:e0:b2:9b:04:b3:c8:80:b0:
81:57:a8:cb:20:89:85:43:c2:f4:06:f7:ca:01:4a:87:af:6d:
46:97:0d:81:86:67:d7:a1:bc:3b:55:c2:25:34:25:6c:9b:7d:
eb:4d:b7:c8:6f:a8:e5:55:04:d4:18:95:a3:b1:70:16:96:2d:
54:f9:4d:b5:ed:df:ff:0f:ea:0f:74:29:36:18:0f:d8:f9:cc:
15:52:da:13:a6:a6:78:2a:f7:7f:65:9f:14:a2:a5:73:4c:d3:
48:3f:d6:4f:05:1f:87:3c:26:5c:da:a5:60:52:22:8f:93:a5:
ca:be:37:65:b2:02:e9:19:8a:05:d6:f2:5c:fc:68:96:de:65:
da:31:81:01
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEPgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDUw
NTIyNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk1RTdBQUU4RDI5OEU3
QzI5ODlCRTVGNUE4MEFCNUFCMEUyQzgxMkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDuQW3p/aqfx0raJIyeoW2ZL9HYm9GVu7GdU9+Boap+o0O0rkd
Yt5wHZOAjt90hhOYZBuIbPaQ+QR4d5VVhYzcfvPZsbxDjKtP/7yDQtyR1bQM5Gp6
7Z3Tr85vVag4smpygloIrntCnfAGhr7IqNOuDSZxmmOvRPqL164ks9nf2JSUEDdV
klTxYSRlHjG/kuLQqV9E0HMLEceeI/hDWLUh1J8oA4uV/9piPOchlqtnHdaBfYsP
7ceyFyEC3Jr94iTNdit0RmzaadDd9AgtMUyMtX8wGyPT/jA9vJS3Z/5AH0y/8ybM
6RoYMUevITI7Xb1OLt+ry0SH93/oaEvA1jHnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUleeq6NKY58KYm+X1qAq1qw4sgS8wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2xlZXE2TktZNThLWW0t
WDFxQXExcXc0c2dTOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEARvxyL+If+E/nzlEM8PhmYIHpVR6Ddlis
wr5mD5r4il9V2+DEzzjgr6P/dDdvRxZbhecIq95IcyqYhpwoQ7Svfds1KL3V/MMX
iOflllWj7ZNYtzsagOcirbRO6sr8SHiedreM5Hkct4D7Qwysz1LSEkHyuN15v+Cy
mwSzyICwgVeoyyCJhUPC9Ab3ygFKh69tRpcNgYZn16G8O1XCJTQlbJt96023yG+o
5VUE1BiVo7FwFpYtVPlNte3f/w/qD3QpNhgP2PnMFVLaE6ameCr3f2WfFKKlc0zT
SD/WTwUfhzwmXNqlYFIij5Olyr43ZbIC6RmKBdbyXPxolt5l2jGBAQ==
-----END CERTIFICATE-----
Generated at Fri Apr 5 12:25:50 2024 by rpki-client on console.sobornost.net