Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/J0legHM-eovwaVFvLF_YByGRNgA.roa
File: J0legHM-eovwaVFvLF_YByGRNgA.roa (raw, json)
Hash identifier: fnHvrq/2Gz4dbRlqJxiebnNvplmhc0AGAZPvZx/ju6Q=
Subject key identifier: 27:49:5E:80:73:3E:7A:8B:F0:69:51:6F:2C:5F:D8:07:21:91:36:00
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1D40
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/J0legHM-eovwaVFvLF_YByGRNgA.roa
Signing time: Tue 07 May 2024 23:24:20 +0000
ROA not before: Tue 07 May 2024 23:24:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7488 (0x1d40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 7 23:24:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=27495E80733E7A8BF069516F2C5FD80721913600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ca:92:ee:9e:b5:97:51:8a:ba:50:b4:01:4d:
c5:e9:a6:56:ec:36:c7:cf:3c:7a:15:34:7c:c7:d2:
04:a4:cb:9b:bf:bb:64:09:1c:dc:47:0c:d2:52:3f:
d5:b2:b3:99:38:a7:4c:84:5b:bd:22:65:bf:84:6e:
93:14:2b:22:ac:7b:7d:fb:c5:40:fb:4f:fb:5e:fd:
0a:0c:84:db:d7:1d:6e:db:d1:58:5b:2c:e6:8a:b0:
fd:ea:23:40:36:5f:f1:bf:9a:ba:75:95:6f:a2:8e:
6b:84:f2:78:d5:c7:e4:60:eb:11:bf:60:a5:e9:66:
46:0e:2d:9e:f9:d2:ba:7d:e7:ff:b2:8a:02:7e:2b:
89:ba:d6:22:24:92:db:d4:98:c8:a5:f4:55:54:90:
81:38:be:04:f5:af:08:c6:c4:e5:c5:90:91:1a:60:
69:3f:fd:60:3d:6d:b4:9b:6b:5f:cf:6e:c5:dd:ba:
66:a6:83:c7:09:42:1d:ec:27:09:2c:60:c3:58:db:
4a:2b:b4:ee:ae:67:dd:33:d1:92:b6:77:41:8d:8c:
e6:91:a2:71:c9:cc:0f:c6:66:b3:b9:5e:88:5f:da:
f3:5c:7b:90:67:14:f4:89:a2:44:54:58:bd:e5:12:
50:ab:64:f5:e7:35:d6:2a:17:1c:31:39:5b:57:d1:
3d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:49:5E:80:73:3E:7A:8B:F0:69:51:6F:2C:5F:D8:07:21:91:36:00
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/J0legHM-eovwaVFvLF_YByGRNgA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7a:55:a9:e7:6a:26:54:4f:73:24:cd:24:05:c0:ab:ba:20:87:
c2:09:0a:a6:99:a7:11:46:3d:6f:9b:60:c0:a5:67:cb:82:f2:
e1:29:f1:00:56:56:ce:65:aa:45:fb:cc:b0:78:fb:6a:fa:e9:
91:38:bf:76:da:89:eb:ba:87:27:32:75:fe:b6:62:63:90:27:
5f:81:36:ac:89:e3:f6:99:9d:b6:73:9e:ec:42:b1:d6:36:4a:
c7:c4:f8:d9:36:77:eb:cc:9d:cb:0d:91:18:10:9f:1a:33:2b:
7c:f0:07:a8:3b:5e:83:a2:6a:cd:6f:6f:69:99:c6:db:ef:a7:
0c:74:e7:58:6f:f2:4b:db:ad:7e:5b:d2:aa:c1:0a:b8:91:67:
d1:73:60:eb:14:b2:02:36:bd:47:91:95:f0:b4:65:4f:8b:2c:
dd:07:66:69:18:b2:a4:37:84:16:b9:93:48:f5:d9:6b:ad:37:
2a:15:0a:a3:e1:4f:62:07:b3:f7:04:8b:59:49:3d:c0:41:66:
8a:2c:b0:60:11:51:4c:67:d1:4a:2c:4f:99:4b:c1:1c:bc:18:
6a:6d:da:f2:bf:68:de:bb:8f:94:ed:62:14:7b:b5:a9:0d:41:
5a:9c:d0:db:2c:13:da:d3:76:50:39:79:13:81:d7:5e:9d:fa:
a6:a2:4b:e1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHUAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDcy
MzI0MjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI3NDk1RTgwNzMzRTdB
OEJGMDY5NTE2RjJDNUZEODA3MjE5MTM2MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3ypLunrWXUYq6ULQBTcXpplbsNsfPPHoVNHzH0gSky5u/u2QJ
HNxHDNJSP9Wys5k4p0yEW70iZb+EbpMUKyKse337xUD7T/te/QoMhNvXHW7b0Vhb
LOaKsP3qI0A2X/G/mrp1lW+ijmuE8njVx+Rg6xG/YKXpZkYOLZ750rp95/+yigJ+
K4m61iIkktvUmMil9FVUkIE4vgT1rwjGxOXFkJEaYGk//WA9bbSba1/PbsXdumam
g8cJQh3sJwksYMNY20ortO6uZ90z0ZK2d0GNjOaRonHJzA/GZrO5Xohf2vNce5Bn
FPSJokRUWL3lElCrZPXnNdYqFxwxOVtX0T3DAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUJ0legHM+eovwaVFvLF/YByGRNgAwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0owbGVnSE0tZW92d2FW
RnZMRl9ZQnlHUk5nQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAelWp52omVE9zJM0kBcCruiCHwgkKppmn
EUY9b5tgwKVny4Ly4SnxAFZWzmWqRfvMsHj7avrpkTi/dtqJ67qHJzJ1/rZiY5An
X4E2rInj9pmdtnOe7EKx1jZKx8T42TZ368ydyw2RGBCfGjMrfPAHqDteg6JqzW9v
aZnG2++nDHTnWG/yS9utflvSqsEKuJFn0XNg6xSyAja9R5GV8LRlT4ss3QdmaRiy
pDeEFrmTSPXZa603KhUKo+FPYgez9wSLWUk9wEFmiiywYBFRTGfRSixPmUvBHLwY
am3a8r9o3ruPlO1iFHu1qQ1BWpzQ2ywT2tN2UDl5E4HXXp36pqJL4Q==
-----END CERTIFICATE-----
Generated at Wed May 8 01:09:03 2024 by rpki-client on console-fra.rpki-client.org