Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/QETalNpMcSC2ypVdzYzI475Ulto.roa
File: QETalNpMcSC2ypVdzYzI475Ulto.roa (raw, json)
Hash identifier: UFh33zpiB6F7qC7YU1tQpMr/pnmZU4OYZXUbiAbwK4s=
Subject key identifier: 40:44:DA:94:DA:4C:71:20:B6:CA:95:5D:CD:8C:C8:E3:BE:54:96:DA
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 149A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/QETalNpMcSC2ypVdzYzI475Ulto.roa
Signing time: Sun 14 Apr 2024 21:53:17 +0000
ROA not before: Sun 14 Apr 2024 21:53:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5274 (0x149a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 14 21:53:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4044DA94DA4C7120B6CA955DCD8CC8E3BE5496DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:93:d7:8b:73:11:3a:b1:a0:d6:7d:54:e2:da:
ef:89:22:fc:ce:d8:49:7a:9e:10:e6:bd:6f:3e:f6:
00:f0:73:5e:ac:36:e1:be:21:87:69:7b:d9:34:1a:
d2:e7:75:e5:6a:d6:3e:3f:50:4f:c9:b4:55:d6:c2:
3d:3a:a9:63:8a:6e:38:f4:70:12:ca:17:40:1e:38:
58:9b:1d:7f:92:5f:d0:d9:7f:75:2d:37:1f:51:41:
d7:90:34:92:d4:72:da:11:07:e2:98:ed:51:cf:17:
ed:67:d3:09:d8:0c:b3:ac:8e:61:2b:03:bf:89:e6:
2c:3c:0a:70:b9:b5:ad:74:d8:2e:c2:89:c4:94:fb:
2d:53:8f:95:9d:4b:d2:ac:25:73:47:96:60:87:27:
44:45:52:70:c8:49:d3:28:6d:6a:d4:84:c4:3c:da:
04:5b:c3:a6:1a:c0:89:05:e7:5b:7a:ec:9e:cd:2e:
74:a0:bb:c0:c1:76:f0:32:69:fb:49:0e:80:e8:16:
d9:18:a4:c3:a5:72:a9:e3:2e:36:2f:78:00:30:1a:
3f:55:50:98:56:bb:e8:ca:bb:34:7e:28:bb:f0:41:
4e:78:b2:91:69:b2:dd:46:cd:9d:32:c9:44:4a:68:
76:8e:95:bd:68:ed:21:ed:31:45:5d:6d:05:12:69:
59:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:44:DA:94:DA:4C:71:20:B6:CA:95:5D:CD:8C:C8:E3:BE:54:96:DA
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/QETalNpMcSC2ypVdzYzI475Ulto.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1e:92:9e:8f:a6:6a:18:f1:aa:b2:dc:99:2d:75:66:86:e5:a8:
4c:a3:f0:77:4e:08:31:75:9a:74:f6:69:b4:2d:3f:af:3e:aa:
33:cc:c3:fb:db:41:60:db:9d:0b:65:6e:b3:f7:4d:f4:0e:5c:
5d:5c:96:e2:05:42:6a:13:08:28:b2:6b:6e:df:8f:b0:40:57:
78:f0:b3:a6:e5:08:62:44:13:0e:8f:2f:d5:84:b1:14:c7:ed:
76:b8:dd:10:7f:25:0f:0b:93:46:3d:e5:e8:4d:74:a4:9e:a6:
5a:ae:0e:2c:4d:3f:a1:33:4e:6c:38:47:c8:50:f0:59:b4:ad:
43:f7:b9:09:69:46:43:ae:63:75:16:5e:8f:e4:36:6f:eb:37:
17:60:84:b1:74:41:24:2d:cf:4f:6c:f4:71:ad:71:f1:eb:47:
21:87:ef:8f:43:b0:a6:f4:7b:53:96:60:db:fd:0f:06:d6:ac:
62:ec:51:1b:79:b9:20:66:45:dc:66:ae:47:bb:c3:b2:66:34:
d2:90:46:61:9d:c8:6b:9e:c7:eb:9c:18:a9:b6:95:50:37:91:
21:d7:7f:52:df:f5:ba:36:ef:e9:25:88:16:7a:a6:b7:0c:15:
5a:7e:1f:bb:75:9c:6e:8a:9d:2c:db:44:3b:83:72:d4:ca:1a:
2b:81:e5:16
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFJowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTQy
MTUzMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQwNDREQTk0REE0Qzcx
MjBCNkNBOTU1RENEOENDOEUzQkU1NDk2REEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWk9eLcxE6saDWfVTi2u+JIvzO2El6nhDmvW8+9gDwc16sNuG+
IYdpe9k0GtLndeVq1j4/UE/JtFXWwj06qWOKbjj0cBLKF0AeOFibHX+SX9DZf3Ut
Nx9RQdeQNJLUctoRB+KY7VHPF+1n0wnYDLOsjmErA7+J5iw8CnC5ta102C7CicSU
+y1Tj5WdS9KsJXNHlmCHJ0RFUnDISdMobWrUhMQ82gRbw6YawIkF51t67J7NLnSg
u8DBdvAyaftJDoDoFtkYpMOlcqnjLjYveAAwGj9VUJhWu+jKuzR+KLvwQU54spFp
st1GzZ0yyURKaHaOlb1o7SHtMUVdbQUSaVnVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUQETalNpMcSC2ypVdzYzI475UltowHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1FFVGFsTnBNY1NDMnlw
VmR6WXpJNDc1VWx0by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAHpKej6ZqGPGqstyZLXVmhuWoTKPwd04I
MXWadPZptC0/rz6qM8zD+9tBYNudC2Vus/dN9A5cXVyW4gVCahMIKLJrbt+PsEBX
ePCzpuUIYkQTDo8v1YSxFMftdrjdEH8lDwuTRj3l6E10pJ6mWq4OLE0/oTNObDhH
yFDwWbStQ/e5CWlGQ65jdRZej+Q2b+s3F2CEsXRBJC3PT2z0ca1x8etHIYfvj0Ow
pvR7U5Zg2/0PBtasYuxRG3m5IGZF3GauR7vDsmY00pBGYZ3Ia57H65wYqbaVUDeR
Idd/Ut/1ujbv6SWIFnqmtwwVWn4fu3WcboqdLNtEO4Ny1MoaK4HlFg==
-----END CERTIFICATE-----
Generated at Sun Apr 14 23:31:28 2024 by rpki-client on console-fra.rpki-client.org