Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Q4WL4_MaJRjkAdBbdAC2Cjv--qQ.roa
File: Q4WL4_MaJRjkAdBbdAC2Cjv--qQ.roa (raw, json)
Hash identifier: yzpWM13Vk/0Ehcwp+7VPn+D5xdlUSPZ7TkZhhENdjqE=
Subject key identifier: 43:85:8B:E3:F3:1A:25:18:E4:01:D0:5B:74:00:B6:0A:3B:FE:FA:A4
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1A9C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Q4WL4_MaJRjkAdBbdAC2Cjv--qQ.roa
Signing time: Tue 30 Apr 2024 22:24:00 +0000
ROA not before: Tue 30 Apr 2024 22:24:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6812 (0x1a9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 30 22:24:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=43858BE3F31A2518E401D05B7400B60A3BFEFAA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:da:9f:73:e3:1a:cc:10:0d:b7:76:d1:44:dc:
50:88:9b:27:81:5f:60:a2:4d:52:1a:78:9f:89:4c:
d8:84:f4:41:14:8d:0a:db:08:c6:68:03:6b:d8:92:
6e:3c:af:f3:b5:b4:99:15:25:c2:c9:4f:d5:11:a7:
4a:3b:9c:3c:da:5a:f2:be:01:05:4a:42:c1:6c:aa:
5b:6c:fc:48:2f:49:ed:7b:29:24:3d:16:7b:23:66:
24:fc:36:19:76:ff:de:c8:ff:3f:33:9d:fe:cb:cc:
49:a2:f6:d6:69:d2:43:59:60:08:02:bd:c7:10:9f:
b7:64:57:97:10:c2:c7:2e:62:15:25:a3:12:ea:b6:
bc:e8:4a:74:8a:9c:df:c4:be:84:24:a0:8a:9d:d7:
98:35:61:f9:e3:05:39:a0:03:1a:52:44:70:90:e7:
d4:27:00:8c:7d:54:a5:97:14:95:8f:c0:c4:d5:17:
31:7c:73:26:ba:b0:36:d7:7c:e6:45:23:59:a6:e6:
75:84:97:ad:b6:35:00:a3:cc:40:c8:75:bd:87:02:
b7:cf:15:88:ef:3c:dd:e8:3b:30:46:a0:8c:3b:bf:
e2:f1:d1:d7:74:2f:ee:9d:8e:25:77:6b:6e:23:44:
c3:72:3b:43:f7:f0:60:d6:8e:b3:6d:9e:65:68:dc:
6b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:85:8B:E3:F3:1A:25:18:E4:01:D0:5B:74:00:B6:0A:3B:FE:FA:A4
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Q4WL4_MaJRjkAdBbdAC2Cjv--qQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d4:45:f4:69:03:14:70:a2:5f:37:a8:b9:49:0f:c7:56:79:08:
46:f7:b4:24:9b:3a:89:df:3d:65:64:cc:2b:b5:4c:50:1d:4a:
30:08:f7:e1:23:29:5d:40:e0:02:e1:ea:56:c5:b5:02:77:e6:
df:3e:31:9b:7c:45:29:49:a5:4f:11:83:2d:b9:af:f9:b2:78:
be:d0:b8:f9:f2:05:11:4f:66:01:8f:ca:fa:2d:70:2a:30:5c:
37:b8:c6:80:06:6c:e7:0f:c2:86:9d:df:58:91:e3:b1:7d:83:
d2:49:a1:23:b2:6a:3c:5e:68:be:68:5e:4e:f1:3f:ac:2c:04:
9b:85:c3:08:d2:ad:c5:e5:73:19:9b:14:0a:17:b4:6d:65:2a:
a6:bf:4e:74:38:2b:b6:5a:ff:f2:3c:d5:51:22:53:4e:8c:15:
4d:7e:59:36:12:12:1f:c8:ea:cf:23:26:bc:e2:f3:a6:a4:f9:
92:97:1b:45:4d:b0:2b:84:bb:21:95:7d:24:52:40:31:1f:6e:
94:ad:48:30:8b:c9:c6:80:0b:66:2d:98:09:04:30:cb:97:79:
05:c6:3b:a8:a0:7d:7a:2f:f9:d0:5d:b9:4b:e0:6b:6d:78:34:
d6:ef:db:67:7f:fc:14:53:d4:cd:e8:80:f7:f6:1c:45:e1:fe:
0b:c3:25:46
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGpwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MzAy
MjI0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQzODU4QkUzRjMxQTI1
MThFNDAxRDA1Qjc0MDBCNjBBM0JGRUZBQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC02p9z4xrMEA23dtFE3FCImyeBX2CiTVIaeJ+JTNiE9EEUjQrb
CMZoA2vYkm48r/O1tJkVJcLJT9URp0o7nDzaWvK+AQVKQsFsqlts/EgvSe17KSQ9
FnsjZiT8Nhl2/97I/z8znf7LzEmi9tZp0kNZYAgCvccQn7dkV5cQwscuYhUloxLq
trzoSnSKnN/EvoQkoIqd15g1YfnjBTmgAxpSRHCQ59QnAIx9VKWXFJWPwMTVFzF8
cya6sDbXfOZFI1mm5nWEl622NQCjzEDIdb2HArfPFYjvPN3oOzBGoIw7v+Lx0dd0
L+6djiV3a24jRMNyO0P38GDWjrNtnmVo3GsNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUQ4WL4/MaJRjkAdBbdAC2Cjv++qQwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1E0V0w0X01hSlJqa0Fk
QmJkQUMyQ2p2LS1xUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEA1EX0aQMUcKJfN6i5SQ/HVnkIRve0JJs6
id89ZWTMK7VMUB1KMAj34SMpXUDgAuHqVsW1Anfm3z4xm3xFKUmlTxGDLbmv+bJ4
vtC4+fIFEU9mAY/K+i1wKjBcN7jGgAZs5w/Chp3fWJHjsX2D0kmhI7JqPF5ovmhe
TvE/rCwEm4XDCNKtxeVzGZsUChe0bWUqpr9OdDgrtlr/8jzVUSJTTowVTX5ZNhIS
H8jqzyMmvOLzpqT5kpcbRU2wK4S7IZV9JFJAMR9ulK1IMIvJxoALZi2YCQQwy5d5
BcY7qKB9ei/50F25S+BrbXg01u/bZ3/8FFPUzeiA9/YcReH+C8MlRg==
-----END CERTIFICATE-----
Generated at Tue Apr 30 23:57:58 2024 by rpki-client on console-ams.rpki-client.org