Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/1qcpM-MlzjmSqipfb39xmGTa564.roa
File: 1qcpM-MlzjmSqipfb39xmGTa564.roa (raw, json)
Hash identifier: sNH/zm3LUaDhz8ao3BHGJGlqFy/bCiWYq5aGX8htkXk=
Subject key identifier: D6:A7:29:33:E3:25:CE:39:92:AA:2A:5F:6F:7F:71:98:64:DA:E7:AE
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1172
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/1qcpM-MlzjmSqipfb39xmGTa564.roa
Signing time: Sat 06 Apr 2024 11:52:51 +0000
ROA not before: Sat 06 Apr 2024 11:52:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4466 (0x1172)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 6 11:52:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D6A72933E325CE3992AA2A5F6F7F719864DAE7AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:90:5f:29:63:68:39:88:14:75:7d:80:b2:d5:
4a:57:c0:2c:92:b7:e7:25:bc:f0:33:cd:a8:a9:3b:
41:b1:1d:76:69:57:d2:e4:1a:65:ba:a1:d0:e9:74:
47:5b:5b:37:54:17:0d:aa:1f:2e:cd:24:03:be:e8:
b2:88:38:6f:24:01:dc:1b:80:59:41:a8:0c:00:36:
06:39:5c:e0:aa:f2:b2:9a:8d:fd:20:81:de:b3:54:
83:24:8e:a5:03:0d:55:ab:3a:3f:90:79:b8:d2:f5:
66:c9:9b:ae:a6:18:ea:b2:64:3a:9e:ec:bd:b4:8a:
b2:32:09:ff:0f:d7:af:59:54:71:92:a3:0e:58:24:
bf:68:d8:bf:d7:1c:bb:9e:bd:94:e8:84:64:07:65:
b6:27:13:c9:3d:85:8e:36:08:3b:f0:c1:e5:f2:05:
17:9d:55:c6:98:cd:78:a7:38:00:cc:20:08:5c:85:
62:3b:b9:5b:f5:df:6d:69:22:73:22:e3:10:b9:c0:
8f:18:61:92:3c:a6:22:82:d8:62:b7:98:fb:c3:c8:
42:75:7c:83:17:6e:98:e0:7c:8f:3a:51:47:11:eb:
d8:82:e3:fe:20:3e:0a:b6:f1:d5:a2:8e:17:13:75:
e5:f4:74:4d:ee:6e:36:f3:54:b3:95:2f:de:8e:36:
1f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A7:29:33:E3:25:CE:39:92:AA:2A:5F:6F:7F:71:98:64:DA:E7:AE
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/1qcpM-MlzjmSqipfb39xmGTa564.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:5f:bc:02:55:9a:31:be:9a:68:56:9e:55:0f:26:5f:b1:5c:
90:af:69:41:d4:28:4a:9f:cf:9c:8d:97:92:c2:e5:ac:df:fa:
bb:f0:6d:64:44:44:96:d1:41:ef:d9:39:b3:50:1b:2f:0a:5b:
1f:28:62:53:0b:37:79:2e:64:e5:c7:6c:65:34:56:19:4a:22:
38:32:f3:66:cf:69:ab:5b:31:ab:7d:74:89:3d:5f:0b:85:3c:
e5:53:8a:83:3f:3b:9b:40:f7:32:27:da:1a:33:2a:47:29:54:
85:c6:29:b4:f3:cd:71:a6:c9:9f:36:60:4f:01:9f:7a:c2:90:
0f:8b:cc:ca:e9:50:58:c0:91:cd:04:0a:64:7f:20:d6:e8:68:
7d:ad:5e:f7:3e:45:6f:dc:0a:55:2a:e9:0d:9d:0b:c6:e3:4d:
d5:d3:e4:57:f1:1b:fd:af:53:9b:0a:f1:10:34:4f:8e:32:24:
74:3e:4d:60:04:86:1b:c0:79:ea:e4:ea:8a:d3:43:5b:bd:24:
c3:41:0d:c6:f2:0b:67:3d:cd:65:c0:8a:6d:73:57:ae:2a:c5:
87:cb:9d:c5:52:4f:fb:ed:4d:14:4c:70:cc:aa:59:ee:6c:64:
0d:e8:ea:f9:a9:7f:b2:7c:fd:b1:a1:a2:5f:fb:d6:41:c2:2f:
e3:af:a6:68
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEXIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDYx
MTUyNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ2QTcyOTMzRTMyNUNF
Mzk5MkFBMkE1RjZGN0Y3MTk4NjREQUU3QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpkF8pY2g5iBR1fYCy1UpXwCySt+clvPAzzaipO0GxHXZpV9Lk
GmW6odDpdEdbWzdUFw2qHy7NJAO+6LKIOG8kAdwbgFlBqAwANgY5XOCq8rKajf0g
gd6zVIMkjqUDDVWrOj+QebjS9WbJm66mGOqyZDqe7L20irIyCf8P169ZVHGSow5Y
JL9o2L/XHLuevZTohGQHZbYnE8k9hY42CDvwweXyBRedVcaYzXinOADMIAhchWI7
uVv1321pInMi4xC5wI8YYZI8piKC2GK3mPvDyEJ1fIMXbpjgfI86UUcR69iC4/4g
Pgq28dWijhcTdeX0dE3ubjbzVLOVL96ONh+PAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU1qcpM+MlzjmSqipfb39xmGTa564wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzFxY3BNLU1semptU3Fp
cGZiMzl4bUdUYTU2NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAd1+8AlWaMb6aaFaeVQ8mX7FckK9pQdQo
Sp/PnI2XksLlrN/6u/BtZEREltFB79k5s1AbLwpbHyhiUws3eS5k5cdsZTRWGUoi
ODLzZs9pq1sxq310iT1fC4U85VOKgz87m0D3MifaGjMqRylUhcYptPPNcabJnzZg
TwGfesKQD4vMyulQWMCRzQQKZH8g1uhofa1e9z5Fb9wKVSrpDZ0LxuNN1dPkV/Eb
/a9TmwrxEDRPjjIkdD5NYASGG8B56uTqitNDW70kw0ENxvILZz3NZcCKbXNXrirF
h8udxVJP++1NFExwzKpZ7mxkDejq+al/snz9saGiX/vWQcIv46+maA==
-----END CERTIFICATE-----
Generated at Sat Apr 6 13:15:41 2024 by rpki-client on console-ams.rpki-client.org