Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/JC0ibT1x9mNSohXVGfRw_0SfAhk.roa
File: JC0ibT1x9mNSohXVGfRw_0SfAhk.roa (raw, json)
Hash identifier: WgUNRhOkRWq4CDp0OfOJkKJC1zGN52d7vjSfUc5jXmI=
Subject key identifier: 24:2D:22:6D:3D:71:F6:63:52:A2:15:D5:19:F4:70:FF:44:9F:02:19
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 17FC
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/JC0ibT1x9mNSohXVGfRw_0SfAhk.roa
Signing time: Tue 23 Apr 2024 22:23:44 +0000
ROA not before: Tue 23 Apr 2024 22:23:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6140 (0x17fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 23 22:23:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=242D226D3D71F66352A215D519F470FF449F0219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:73:97:67:3c:ae:74:8e:56:59:33:75:a4:6d:
bb:10:f0:c3:81:fa:df:2c:be:73:1c:07:89:ac:67:
8d:4e:b2:4e:1b:30:5b:25:8d:f9:d5:94:34:af:95:
a6:6c:22:53:71:c9:d5:fc:9b:46:11:c0:01:1c:5d:
f7:0d:3e:ac:62:76:d2:f4:7d:f2:58:db:a2:d1:17:
1a:d1:4c:a4:9f:86:e9:12:01:46:07:3a:d3:85:4c:
8c:11:37:fd:2a:c3:87:d5:2a:f9:3a:a7:ea:57:fe:
31:ba:f3:e4:ad:a5:2b:84:f9:7d:c0:73:1a:01:25:
53:7e:d1:d4:26:5b:04:96:cc:1b:16:22:59:0f:fa:
3d:94:6a:d0:2d:12:f7:1d:f0:a3:6c:c6:23:d0:60:
5f:1c:f1:f2:7a:7e:af:ca:02:4e:c9:7e:b2:77:5e:
a1:6c:7e:cf:96:1f:09:05:a0:0f:7f:fa:6d:04:9d:
d6:45:36:13:fd:b2:c9:bf:89:8d:4c:61:d0:2d:87:
d7:69:8e:d4:7f:1e:61:39:54:fb:ad:6b:27:db:5a:
ee:7b:14:a8:a8:cf:aa:15:a3:a0:de:97:88:ff:da:
b0:e3:e8:75:0d:eb:94:06:5d:c7:0c:20:2d:36:17:
49:6f:b1:ab:df:f7:89:61:96:8b:51:e8:29:44:50:
11:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:2D:22:6D:3D:71:F6:63:52:A2:15:D5:19:F4:70:FF:44:9F:02:19
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/JC0ibT1x9mNSohXVGfRw_0SfAhk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2c:ca:9a:b8:74:91:c6:24:0a:d0:8d:60:d5:26:91:cd:dd:25:
7e:fb:66:32:4a:89:0c:a7:6a:a3:1d:bb:f5:fb:1c:32:2f:cf:
50:79:1a:57:70:5f:9e:91:ec:38:e9:b8:cd:d7:95:7f:e6:fb:
71:11:b9:5a:e4:19:87:97:ce:3c:af:48:dd:45:75:0c:eb:77:
ce:c9:81:db:a9:f3:83:19:a2:54:11:df:24:1a:7f:73:31:00:
7e:c5:33:4a:79:84:a4:42:53:8f:05:96:87:28:b4:39:87:62:
d6:06:70:f9:3e:5f:3c:f1:e5:b1:99:68:8c:94:99:bf:2a:b9:
6d:80:ef:2e:a9:2d:d7:9a:68:ed:b8:19:18:ad:19:d8:04:af:
b7:84:91:cc:ef:8f:eb:d6:15:e5:e8:f5:4c:f1:17:e2:3d:55:
5f:46:bf:11:42:01:d3:7d:f7:25:26:6d:a2:7f:9d:d1:ad:85:
ec:6a:9d:8b:5f:96:0a:7a:e4:22:9a:88:b7:11:31:7d:6c:33:
ac:a0:34:0a:3f:66:a7:05:a9:a9:fd:6b:94:23:24:8f:88:70:
0b:bb:42:a9:81:cf:8d:71:84:07:07:51:3b:cc:65:6e:27:48:
36:e5:c5:3d:d5:8c:5d:58:36:77:98:03:e5:97:35:b9:99:b1:
cd:87:e0:e5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICF/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjMy
MjIzNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI0MkQyMjZEM0Q3MUY2
NjM1MkEyMTVENTE5RjQ3MEZGNDQ5RjAyMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMc5dnPK50jlZZM3WkbbsQ8MOB+t8svnMcB4msZ41Osk4bMFsl
jfnVlDSvlaZsIlNxydX8m0YRwAEcXfcNPqxidtL0ffJY26LRFxrRTKSfhukSAUYH
OtOFTIwRN/0qw4fVKvk6p+pX/jG68+StpSuE+X3AcxoBJVN+0dQmWwSWzBsWIlkP
+j2UatAtEvcd8KNsxiPQYF8c8fJ6fq/KAk7JfrJ3XqFsfs+WHwkFoA9/+m0EndZF
NhP9ssm/iY1MYdAth9dpjtR/HmE5VPutayfbWu57FKioz6oVo6Del4j/2rDj6HUN
65QGXccMIC02F0lvsavf94lhlotR6ClEUBGHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUJC0ibT1x9mNSohXVGfRw/0SfAhkwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0pDMGliVDF4OW1OU29o
WFZHZlJ3XzBTZkFoay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEALMqauHSRxiQK0I1g1SaRzd0lfvtmMkqJ
DKdqox279fscMi/PUHkaV3BfnpHsOOm4zdeVf+b7cRG5WuQZh5fOPK9I3UV1DOt3
zsmB26nzgxmiVBHfJBp/czEAfsUzSnmEpEJTjwWWhyi0OYdi1gZw+T5fPPHlsZlo
jJSZvyq5bYDvLqkt15po7bgZGK0Z2ASvt4SRzO+P69YV5ej1TPEX4j1VX0a/EUIB
0333JSZton+d0a2F7Gqdi1+WCnrkIpqItxExfWwzrKA0Cj9mpwWpqf1rlCMkj4hw
C7tCqYHPjXGEBwdRO8xlbidINuXFPdWMXVg2d5gD5Zc1uZmxzYfg5Q==
Generated at Tue Apr 23 23:21:24 2024 by rpki-client on console-fra.rpki-client.org