Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/SV2Z8emoLoBauSYO8Okntju_DE4.roa
File: SV2Z8emoLoBauSYO8Okntju_DE4.roa (raw, json)
Hash identifier: DWpg8Cl4zXGYExJjaY4VeNKZXGifKJeuvo1pgaseiiY=
Subject key identifier: 49:5D:99:F1:E9:A8:2E:80:5A:B9:26:0E:F0:E9:27:B6:3B:BF:0C:4E
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1408
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/SV2Z8emoLoBauSYO8Okntju_DE4.roa
Signing time: Sat 13 Apr 2024 09:23:17 +0000
ROA not before: Sat 13 Apr 2024 09:23:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5128 (0x1408)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 13 09:23:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=495D99F1E9A82E805AB9260EF0E927B63BBF0C4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5e:05:ac:6b:42:6c:32:af:ed:ce:45:b7:ff:
80:ca:ab:1f:d0:38:32:6c:9a:fe:52:72:cd:cc:b4:
11:5c:5d:ac:35:4a:f0:50:09:ff:9a:2c:f0:a3:85:
2e:db:8d:8c:ac:2b:68:15:4f:c7:7d:1e:a9:a8:f6:
59:5f:02:d7:01:24:2e:7a:12:5e:3d:1c:28:38:67:
1e:39:6a:30:41:a1:99:e3:9b:e6:82:0c:46:ba:68:
a9:30:c7:9a:10:7c:51:fa:d5:01:db:a3:17:5a:48:
d7:4b:da:a6:6a:28:1d:9c:3b:10:73:4a:e7:78:1b:
59:60:77:b0:0b:6e:5e:b0:cc:24:a2:67:c4:30:03:
ac:51:bd:6a:6e:65:0d:85:41:da:3b:11:66:0e:f3:
96:fa:e6:0d:f7:3e:6c:79:1f:4e:96:0d:76:51:ce:
31:f9:af:8c:8c:ed:66:58:8f:a5:eb:cb:f8:52:47:
13:49:ac:7f:5e:1c:83:e0:ba:b8:84:1f:76:4e:c5:
2b:65:c8:1e:b3:e8:59:28:9f:53:83:bb:c1:db:13:
5a:9d:b1:26:dc:d0:a6:ee:f5:a0:4a:0d:cf:1c:34:
7e:a8:4c:d7:a7:7a:e2:59:26:a5:f5:77:54:23:0f:
81:59:96:b6:dc:64:08:fd:e5:6e:98:60:06:d7:d2:
6c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:5D:99:F1:E9:A8:2E:80:5A:B9:26:0E:F0:E9:27:B6:3B:BF:0C:4E
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/SV2Z8emoLoBauSYO8Okntju_DE4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a1:0d:8c:91:a3:3b:3e:63:b1:84:a5:49:03:21:d3:1d:a9:45:
f8:7e:28:b8:90:a3:16:ed:83:89:1a:44:44:16:32:c4:bb:93:
b1:8b:7f:35:0f:ae:80:86:15:da:a6:c4:ff:7c:52:e3:62:6a:
b8:33:51:74:6d:ad:17:fa:ad:a5:f9:bd:06:7d:ae:55:41:1f:
21:d6:06:b7:c1:ec:95:4f:11:bb:67:b3:4b:ec:52:e6:e7:65:
d8:43:09:28:9a:ab:5e:cf:1b:48:fc:e3:26:b2:b0:71:5e:e5:
27:5c:ab:9b:c9:af:23:6c:b7:35:73:26:2f:17:d8:66:c0:2a:
71:08:4f:77:5a:da:b9:a5:bc:ff:74:89:1d:94:f5:e9:f9:6b:
58:fb:5f:12:51:df:f4:8c:69:9d:c5:d9:0f:2b:23:cf:69:02:
82:07:02:43:a6:b5:26:cf:cb:37:67:11:07:35:67:12:0b:35:
1e:00:60:85:ef:36:56:3e:be:fa:b5:49:44:b7:ae:45:3a:47:
28:bc:ae:3c:5a:bd:e5:0f:fb:22:a9:a6:34:88:b2:c5:84:c9:
b1:93:0d:05:fe:01:c3:fc:b6:7e:46:61:39:7e:0e:07:26:2e:
80:e1:07:cc:6b:63:37:41:3c:86:c5:9c:14:0a:e8:db:4c:94:
c2:21:43:c9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFAgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTMw
OTIzMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ5NUQ5OUYxRTlBODJF
ODA1QUI5MjYwRUYwRTkyN0I2M0JCRjBDNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSXgWsa0JsMq/tzkW3/4DKqx/QODJsmv5Scs3MtBFcXaw1SvBQ
Cf+aLPCjhS7bjYysK2gVT8d9Hqmo9llfAtcBJC56El49HCg4Zx45ajBBoZnjm+aC
DEa6aKkwx5oQfFH61QHboxdaSNdL2qZqKB2cOxBzSud4G1lgd7ALbl6wzCSiZ8Qw
A6xRvWpuZQ2FQdo7EWYO85b65g33Pmx5H06WDXZRzjH5r4yM7WZYj6Xry/hSRxNJ
rH9eHIPguriEH3ZOxStlyB6z6Fkon1ODu8HbE1qdsSbc0Kbu9aBKDc8cNH6oTNen
euJZJqX1d1QjD4FZlrbcZAj95W6YYAbX0mwvAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUSV2Z8emoLoBauSYO8Okntju/DE4wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1NWMlo4ZW1vTG9CYXVT
WU84T2tudGp1X0RFNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAoQ2MkaM7PmOxhKVJAyHTHalF+H4ouJCj
Fu2DiRpERBYyxLuTsYt/NQ+ugIYV2qbE/3xS42JquDNRdG2tF/qtpfm9Bn2uVUEf
IdYGt8HslU8Ru2ezS+xS5udl2EMJKJqrXs8bSPzjJrKwcV7lJ1yrm8mvI2y3NXMm
LxfYZsAqcQhPd1rauaW8/3SJHZT16flrWPtfElHf9IxpncXZDysjz2kCggcCQ6a1
Js/LN2cRBzVnEgs1HgBghe82Vj6++rVJRLeuRTpHKLyuPFq95Q/7IqmmNIiyxYTJ
sZMNBf4Bw/y2fkZhOX4OByYugOEHzGtjN0E8hsWcFAro20yUwiFDyQ==
-----END CERTIFICATE-----
Generated at Sat Apr 13 11:04:57 2024 by rpki-client on console-fra.rpki-client.org