Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/2qeQToV-s1C3Hjb9GLkRPAbWVpE.roa
File: 2qeQToV-s1C3Hjb9GLkRPAbWVpE.roa (raw, json)
Hash identifier: BJXB0D6iiWeLt3W5AOxUcdlV7izC/XvW6PH+st9tmPM=
Subject key identifier: DA:A7:90:4E:85:7E:B3:50:B7:1E:36:FD:18:B9:11:3C:06:D6:56:91
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1ABC
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/2qeQToV-s1C3Hjb9GLkRPAbWVpE.roa
Signing time: Wed 01 May 2024 06:24:02 +0000
ROA not before: Wed 01 May 2024 06:24:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6844 (0x1abc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 1 06:24:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DAA7904E857EB350B71E36FD18B9113C06D65691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2f:c4:ce:05:e8:87:a0:b7:db:89:06:28:a5:
c6:cb:be:13:65:83:c3:df:86:c5:37:32:97:6c:c8:
aa:d8:0b:43:e3:a8:21:ed:40:bd:5e:61:26:57:da:
08:9b:27:12:b1:74:69:36:8a:26:26:4f:88:8f:ba:
0d:2f:65:bb:be:75:2d:7a:e2:83:42:cb:90:a1:e2:
40:93:2f:8f:06:46:2a:64:43:8f:ce:35:ef:e5:de:
d5:c3:1f:e2:b3:b2:a5:97:82:77:7a:19:8d:30:0d:
9f:20:36:41:c3:0b:23:63:9d:75:ed:91:f6:e2:84:
02:3f:da:e4:35:57:a2:0a:79:de:25:ae:b8:86:c3:
2a:34:13:28:03:6a:4c:b7:58:f3:63:36:6a:93:c2:
9d:71:d9:19:11:6a:52:e8:3d:a2:82:eb:4b:f5:66:
55:35:d4:ff:26:6b:80:3b:50:0f:78:7a:56:ac:c3:
14:0c:d8:15:7d:6f:e2:7b:bc:a5:3a:c5:45:a1:3a:
d0:ca:8a:b8:ab:41:f7:18:f8:38:5e:5e:b0:90:ff:
1d:e6:4b:23:c4:fc:33:62:29:0b:c0:44:61:78:9f:
7b:29:e8:9a:bc:58:7b:44:70:7b:2b:1d:45:3d:69:
da:8c:ae:fd:db:80:31:bb:24:44:f0:1b:54:26:11:
5f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A7:90:4E:85:7E:B3:50:B7:1E:36:FD:18:B9:11:3C:06:D6:56:91
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/2qeQToV-s1C3Hjb9GLkRPAbWVpE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:b8:26:a6:00:0e:de:22:e1:17:2b:75:4f:23:6a:c5:e9:02:
ad:27:33:cb:43:7f:13:5a:35:b2:4b:49:5a:f3:3d:b5:c8:75:
97:5c:d7:cc:4d:76:b9:1f:ee:e8:ab:b9:47:76:30:f7:21:08:
6d:fd:a6:dc:14:c3:d4:ab:ed:b5:57:de:27:e3:42:fc:15:50:
a5:aa:97:48:69:2c:92:ad:62:b2:15:5f:b0:35:59:4a:8d:75:
a2:ad:6a:d3:7e:59:cb:c7:51:94:c7:97:cc:ae:3b:b4:14:cb:
8d:87:66:74:f3:0d:9a:a8:c8:53:9e:43:93:c0:49:30:ab:54:
63:92:0d:44:01:6a:3f:11:36:fb:00:e4:b2:86:a5:3a:ad:b9:
6a:1e:01:b7:13:e5:b3:16:e5:f2:24:42:95:c2:90:d1:b8:df:
95:83:f6:2d:54:8f:c1:44:1c:6a:8b:65:97:f9:9c:8e:71:06:
6f:88:c4:ab:75:6a:ac:21:28:13:eb:45:00:b6:f8:31:66:4a:
5e:d8:65:77:7c:63:f1:97:f4:b5:54:4d:a2:09:bc:6b:1d:cd:
ae:87:00:2e:e9:f0:ed:e4:be:d6:f6:40:6b:80:ce:2f:f4:9a:
3e:76:55:e2:f6:74:e9:7d:fb:5f:a7:25:1e:b1:c1:fe:c8:3a:
a8:4b:4f:4d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGrwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDEw
NjI0MDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBQTc5MDRFODU3RUIz
NTBCNzFFMzZGRDE4QjkxMTNDMDZENjU2OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjL8TOBeiHoLfbiQYopcbLvhNlg8PfhsU3MpdsyKrYC0PjqCHt
QL1eYSZX2gibJxKxdGk2iiYmT4iPug0vZbu+dS164oNCy5Ch4kCTL48GRipkQ4/O
Ne/l3tXDH+KzsqWXgnd6GY0wDZ8gNkHDCyNjnXXtkfbihAI/2uQ1V6IKed4lrriG
wyo0EygDaky3WPNjNmqTwp1x2RkRalLoPaKC60v1ZlU11P8ma4A7UA94elaswxQM
2BV9b+J7vKU6xUWhOtDKirirQfcY+DheXrCQ/x3mSyPE/DNiKQvARGF4n3sp6Jq8
WHtEcHsrHUU9adqMrv3bgDG7JETwG1QmEV9lAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2qeQToV+s1C3Hjb9GLkRPAbWVpEwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzJxZVFUb1YtczFDM0hq
YjlHTGtSUEFiV1ZwRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAgbgmpgAO3iLhFyt1TyNqxekCrSczy0N/
E1o1sktJWvM9tch1l1zXzE12uR/u6Ku5R3Yw9yEIbf2m3BTD1KvttVfeJ+NC/BVQ
paqXSGkskq1ishVfsDVZSo11oq1q035Zy8dRlMeXzK47tBTLjYdmdPMNmqjIU55D
k8BJMKtUY5INRAFqPxE2+wDksoalOq25ah4BtxPlsxbl8iRClcKQ0bjflYP2LVSP
wUQcaotll/mcjnEGb4jEq3VqrCEoE+tFALb4MWZKXthld3xj8Zf0tVRNogm8ax3N
rocALunw7eS+1vZAa4DOL/SaPnZV4vZ06X37X6clHrHB/sg6qEtPTQ==
-----END CERTIFICATE-----
Generated at Wed May 1 09:52:56 2024 by rpki-client on console-fra.rpki-client.org