Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/GQ30MMl_jvcFDKhmCwhXl9oXt_c.roa
File: GQ30MMl_jvcFDKhmCwhXl9oXt_c.roa (raw, json)
Hash identifier: c567nJl0N66aIPS6brhg7WTLThjTMFVEvmGUuA57uIQ=
Subject key identifier: 19:0D:F4:30:C9:7F:8E:F7:05:0C:A8:66:0B:08:57:97:DA:17:B7:F7
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1BDC
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/GQ30MMl_jvcFDKhmCwhXl9oXt_c.roa
Signing time: Sat 04 May 2024 06:24:15 +0000
ROA not before: Sat 04 May 2024 06:24:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7132 (0x1bdc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 4 06:24:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=190DF430C97F8EF7050CA8660B085797DA17B7F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b3:39:18:82:c2:b2:dc:ec:20:a9:91:af:fa:
9f:9c:c0:ab:79:c5:9f:0c:b6:18:0a:38:b4:d0:9d:
9c:e4:09:89:7e:39:7a:0f:31:f3:64:02:45:b3:e2:
60:46:4c:1a:ab:d4:c1:66:0d:7f:b7:c6:96:5c:67:
76:be:b4:b8:f1:73:c0:cf:23:b1:ca:d3:b5:bd:1c:
d7:78:94:d4:8e:f7:c8:e6:b1:e9:73:6b:d5:ab:72:
69:35:b5:4b:45:6c:e0:51:ce:39:f3:45:99:87:ce:
48:5e:85:5f:60:20:f2:e8:17:71:93:26:1d:3a:60:
30:3c:4c:74:58:66:ed:b1:59:9d:f4:17:53:46:94:
34:2d:75:b9:da:82:8d:29:91:f5:44:66:36:f7:a6:
2f:87:61:ae:9f:a4:16:d4:49:e8:b2:94:d8:b9:6d:
58:6f:72:e6:28:ac:b1:bd:68:3f:39:65:86:15:1c:
22:3e:e8:96:3a:98:cc:47:03:95:ce:56:32:d1:c7:
d9:c0:e8:75:ce:4a:b5:9d:ab:5b:75:f8:e4:f9:24:
60:36:a5:39:c1:96:76:8a:1f:17:33:36:c8:16:35:
0e:cb:4a:8d:c1:22:3b:d1:0e:0f:a6:11:c2:e2:fd:
56:1b:ba:f6:6d:d1:fb:8d:bd:65:24:74:bc:c5:4d:
ec:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:0D:F4:30:C9:7F:8E:F7:05:0C:A8:66:0B:08:57:97:DA:17:B7:F7
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/GQ30MMl_jvcFDKhmCwhXl9oXt_c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ce:74:bc:11:5c:cf:bd:24:2e:cd:2e:c8:67:b1:0a:c1:4c:a5:
55:5b:8c:94:a4:f0:af:c4:05:5a:60:9f:59:34:c9:e5:c8:f3:
32:6f:0c:9f:16:95:c4:32:46:64:a2:4b:77:13:5a:16:0b:ce:
bd:f7:c8:9a:7b:26:c5:40:14:32:41:ef:95:78:4b:49:95:ac:
6a:57:11:66:3e:9d:7c:90:4e:22:6d:3f:eb:37:e6:9f:51:87:
fa:66:67:51:b2:79:f6:ce:36:bd:f2:0e:8d:ff:54:db:87:9b:
d8:08:c5:1f:0c:d0:f8:37:93:fe:ea:78:1f:38:d8:9d:bb:c8:
c7:db:36:51:f9:7b:07:47:8f:9f:50:58:50:75:95:b5:be:e6:
1b:71:d4:aa:54:d6:0e:4a:54:32:ae:0d:3d:7e:5d:e2:17:be:
34:d1:ff:c9:f6:25:a6:db:e4:9a:86:26:18:05:cb:04:4c:e2:
2a:56:56:2c:6a:77:3f:b6:3a:ba:5e:76:d4:0c:07:6e:08:49:
84:81:5e:2f:7a:09:b0:1e:88:1c:42:62:01:51:ba:87:6b:bf:
fa:ec:c6:4f:b9:68:21:d8:c3:d1:f1:5b:79:0d:73:97:e2:03:
c8:21:06:99:0a:eb:d8:d2:41:fd:18:63:64:6f:f6:97:5e:b7:
20:cb:b4:3b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG9wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDQw
NjI0MTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE5MERGNDMwQzk3RjhF
RjcwNTBDQTg2NjBCMDg1Nzk3REExN0I3RjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzszkYgsKy3OwgqZGv+p+cwKt5xZ8MthgKOLTQnZzkCYl+OXoP
MfNkAkWz4mBGTBqr1MFmDX+3xpZcZ3a+tLjxc8DPI7HK07W9HNd4lNSO98jmselz
a9Wrcmk1tUtFbOBRzjnzRZmHzkhehV9gIPLoF3GTJh06YDA8THRYZu2xWZ30F1NG
lDQtdbnago0pkfVEZjb3pi+HYa6fpBbUSeiylNi5bVhvcuYorLG9aD85ZYYVHCI+
6JY6mMxHA5XOVjLRx9nA6HXOSrWdq1t1+OT5JGA2pTnBlnaKHxczNsgWNQ7LSo3B
IjvRDg+mEcLi/VYbuvZt0fuNvWUkdLzFTey3AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUGQ30MMl/jvcFDKhmCwhXl9oXt/cwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0dRMzBNTWxfanZjRkRL
aG1Dd2hYbDlvWHRfYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAznS8EVzPvSQuzS7IZ7EKwUylVVuMlKTw
r8QFWmCfWTTJ5cjzMm8MnxaVxDJGZKJLdxNaFgvOvffImnsmxUAUMkHvlXhLSZWs
alcRZj6dfJBOIm0/6zfmn1GH+mZnUbJ59s42vfIOjf9U24eb2AjFHwzQ+DeT/up4
HzjYnbvIx9s2Ufl7B0ePn1BYUHWVtb7mG3HUqlTWDkpUMq4NPX5d4he+NNH/yfYl
ptvkmoYmGAXLBEziKlZWLGp3P7Y6ul521AwHbghJhIFeL3oJsB6IHEJiAVG6h2u/
+uzGT7loIdjD0fFbeQ1zl+IDyCEGmQrr2NJB/RhjZG/2l163IMu0Ow==
-----END CERTIFICATE-----
Generated at Sat May 4 07:53:20 2024 by rpki-client on console-fra.rpki-client.org