Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/QHGDewvbObKlRwX1Y_A3fEt_8uQ.roa
File: QHGDewvbObKlRwX1Y_A3fEt_8uQ.roa (raw, json)
Hash identifier: XCV8GeH/zmA2HdMk6uUxOi1z3uNkSbAIAc8ycZ2H/Xw=
Subject key identifier: 40:71:83:7B:0B:DB:39:B2:A5:47:05:F5:63:F0:37:7C:4B:7F:F2:E4
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1206
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/QHGDewvbObKlRwX1Y_A3fEt_8uQ.roa
Signing time: Mon 08 Apr 2024 00:52:56 +0000
ROA not before: Mon 08 Apr 2024 00:52:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4614 (0x1206)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 8 00:52:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4071837B0BDB39B2A54705F563F0377C4B7FF2E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4a:81:4c:76:dd:c4:52:0b:65:4a:29:1d:77:
88:1e:96:88:af:e5:8c:53:88:0b:fe:e8:40:63:37:
86:5b:4d:4d:c9:5c:27:cc:9f:a2:f6:5d:4a:0e:ed:
12:49:08:56:83:44:6d:88:fc:4b:57:0b:ca:3b:93:
dd:e5:04:52:28:87:8e:d3:05:af:c3:e9:1d:f8:3b:
1a:79:5b:69:ec:19:45:62:85:64:6d:05:8b:02:a4:
64:77:c6:3c:5b:d1:d7:ab:d3:88:1b:a4:7e:60:77:
08:e8:84:09:41:a4:a8:17:dc:c2:66:3c:0f:db:17:
e3:18:46:d6:26:97:00:29:11:c5:1f:06:c4:4a:2f:
1d:3f:09:02:e6:26:a5:cd:0d:b8:28:c9:c7:ed:42:
f2:c9:fa:7b:33:ab:6a:9b:e6:c3:77:38:c1:fa:d5:
20:87:98:37:02:05:d0:ce:b3:5c:08:0b:18:9e:67:
9c:99:d7:12:c1:b9:6c:3e:f0:c1:b5:ed:87:8f:59:
4c:ad:00:95:a3:53:e6:2d:eb:0a:da:9f:08:03:a4:
e1:9a:6b:ae:cc:cb:57:4e:61:77:f9:30:f0:a9:ed:
e0:b5:d8:cf:d9:86:d5:fd:fe:06:25:36:f0:26:97:
a0:95:8a:66:22:ba:2e:f7:94:81:47:76:77:cf:72:
95:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:71:83:7B:0B:DB:39:B2:A5:47:05:F5:63:F0:37:7C:4B:7F:F2:E4
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/QHGDewvbObKlRwX1Y_A3fEt_8uQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a4:bd:39:ab:d9:20:41:66:e6:53:01:64:5c:39:90:ff:00:17:
bf:23:c2:b2:01:39:71:20:ef:6d:80:55:66:a1:1c:d1:64:6e:
d3:96:77:ef:16:c3:94:37:06:7c:a3:0b:a0:ca:a2:a5:dc:d2:
8a:9c:c8:a6:5c:ab:01:6a:ef:19:57:03:8d:16:50:47:88:af:
a0:96:0b:42:47:b6:2f:53:2f:0e:22:26:ed:4b:18:8f:15:a7:
a8:24:1f:0f:48:01:0f:9d:4f:5d:33:71:5f:91:5b:57:83:8f:
e8:a7:ba:32:d6:90:eb:77:91:35:73:83:60:7a:d0:d9:38:3f:
8f:39:73:13:ac:33:86:af:90:76:f4:11:31:9a:81:fa:20:a7:
dc:cf:2b:13:6c:6e:a7:a3:c9:c4:ff:66:73:13:dd:fe:4f:ad:
63:3f:c4:6c:ac:4f:b5:91:fe:0e:ab:11:dc:f4:7d:da:e0:f0:
83:86:8f:bf:3f:2a:1f:6c:e8:d5:54:94:8f:a5:f0:a7:9a:bf:
ab:b2:d8:34:c8:ce:d0:49:05:1f:d4:88:26:b9:78:f6:c8:00:
51:39:b6:b0:f6:46:d3:41:52:d3:7c:ab:7d:c7:69:8d:f8:d7:
8c:61:18:48:88:23:ed:7e:42:7b:f1:db:4e:e5:c4:ef:0e:4a:
05:5b:1d:1c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEgYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDgw
MDUyNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQwNzE4MzdCMEJEQjM5
QjJBNTQ3MDVGNTYzRjAzNzdDNEI3RkYyRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMSoFMdt3EUgtlSikdd4geloiv5YxTiAv+6EBjN4ZbTU3JXCfM
n6L2XUoO7RJJCFaDRG2I/EtXC8o7k93lBFIoh47TBa/D6R34Oxp5W2nsGUVihWRt
BYsCpGR3xjxb0der04gbpH5gdwjohAlBpKgX3MJmPA/bF+MYRtYmlwApEcUfBsRK
Lx0/CQLmJqXNDbgoycftQvLJ+nszq2qb5sN3OMH61SCHmDcCBdDOs1wICxieZ5yZ
1xLBuWw+8MG17YePWUytAJWjU+Yt6wranwgDpOGaa67My1dOYXf5MPCp7eC12M/Z
htX9/gYlNvAml6CVimYiui73lIFHdnfPcpW1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUQHGDewvbObKlRwX1Y/A3fEt/8uQwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1FIR0Rld3ZiT2JLbFJ3
WDFZX0EzZkV0Xzh1US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEApL05q9kgQWbmUwFkXDmQ/wAXvyPCsgE5
cSDvbYBVZqEc0WRu05Z37xbDlDcGfKMLoMqipdzSipzIplyrAWrvGVcDjRZQR4iv
oJYLQke2L1MvDiIm7UsYjxWnqCQfD0gBD51PXTNxX5FbV4OP6Ke6MtaQ63eRNXOD
YHrQ2Tg/jzlzE6wzhq+QdvQRMZqB+iCn3M8rE2xup6PJxP9mcxPd/k+tYz/EbKxP
tZH+DqsR3PR92uDwg4aPvz8qH2zo1VSUj6Xwp5q/q7LYNMjO0EkFH9SIJrl49sgA
UTm2sPZG00FS03yrfcdpjfjXjGEYSIgj7X5Ce/HbTuXE7w5KBVsdHA==
-----END CERTIFICATE-----
Generated at Mon Apr 8 02:42:29 2024 by rpki-client on console-fra.rpki-client.org