Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/QMrC8mCFIvbr4IV3iVCvW5KgEYs.roa
File: QMrC8mCFIvbr4IV3iVCvW5KgEYs.roa (raw, json)
Hash identifier: DSVlsUMAs1bICU7Zg3SShk9lr6nFixHeuy8Ja9/Zv0w=
Subject key identifier: 40:CA:C2:F2:60:85:22:F6:EB:E0:85:77:89:50:AF:5B:92:A0:11:8B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1332
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/QMrC8mCFIvbr4IV3iVCvW5KgEYs.roa
Signing time: Thu 11 Apr 2024 03:53:12 +0000
ROA not before: Thu 11 Apr 2024 03:53:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4914 (0x1332)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 11 03:53:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=40CAC2F2608522F6EBE085778950AF5B92A0118B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8d:f2:bf:dc:94:f9:2b:65:04:3c:9b:74:49:
da:aa:cf:5a:ea:a3:00:ac:48:26:ae:06:2d:4a:d3:
07:19:4f:3b:23:9f:de:cf:26:44:03:8b:10:e9:28:
c7:ef:ea:5c:f9:c5:ea:f5:5e:92:be:7d:ab:b6:c5:
dd:02:8e:6f:7c:51:22:77:c3:f9:ca:7f:02:50:64:
dc:fd:31:22:e0:61:bf:06:10:3b:76:03:97:0f:84:
b1:e7:db:3f:fa:a1:4b:e6:48:7c:93:75:e3:a2:bf:
81:49:88:58:89:a7:72:5c:b1:18:b8:dd:aa:0a:af:
3b:eb:ce:12:d0:07:a2:78:9f:3d:2c:93:58:21:05:
54:97:26:79:f4:fe:5c:58:0b:47:c0:a3:7d:43:b5:
8a:5b:4f:c1:1c:79:b6:56:df:dc:d0:12:69:aa:ea:
b8:09:2a:eb:97:38:58:4f:05:19:f8:e8:1b:07:ba:
a1:de:63:6e:16:1d:22:83:cf:96:5c:c9:9b:fd:fb:
bb:8e:55:87:cb:ab:06:ed:7f:9b:dd:a0:a0:5a:a2:
f5:22:da:96:0e:ed:b0:54:1b:c5:ad:ce:f9:83:71:
d7:9a:5f:97:03:00:35:ea:75:d0:1f:7b:7e:ec:c7:
29:c6:38:cf:a7:72:ab:57:ef:98:ca:fe:76:4e:80:
0f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:CA:C2:F2:60:85:22:F6:EB:E0:85:77:89:50:AF:5B:92:A0:11:8B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/QMrC8mCFIvbr4IV3iVCvW5KgEYs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9f:c0:40:25:36:9e:f1:7d:a9:9e:c4:52:9f:86:88:6c:10:21:
9e:8a:4a:5c:f3:a3:d0:ca:d0:00:f2:8b:ef:f2:2e:99:78:b5:
62:82:18:3f:6c:5b:4a:25:a5:2d:19:37:bc:6c:b9:78:a2:80:
e9:49:2c:0d:e5:02:16:f5:56:3a:72:b4:ea:4e:01:a7:a4:a4:
58:dc:89:21:97:2d:ac:90:58:38:c6:40:ef:38:83:b9:78:a1:
d5:34:25:93:d1:c9:85:40:f6:df:d6:38:a4:b5:00:fb:4f:dc:
d1:4b:5f:b4:f2:82:bb:98:09:f8:c9:45:99:54:36:f0:de:fb:
50:f7:37:40:c7:56:ae:2d:82:6d:c4:99:b4:f5:7e:0a:6c:31:
de:7d:a8:8d:7b:df:2d:b8:68:db:4a:17:08:3b:7d:60:74:3d:
c0:d1:d8:ae:38:b3:c1:84:2b:db:95:75:5f:dd:bc:60:fc:3c:
57:cb:66:ca:66:f3:56:e6:ee:20:cd:b0:3d:b0:97:7e:e6:1d:
53:06:73:90:ad:4b:4f:dc:39:55:ec:da:a4:1a:4e:0d:13:c3:
b2:b3:db:53:ae:27:91:52:b6:38:59:86:a9:3a:4d:06:c8:c3:
d9:82:e0:43:fe:60:2a:21:87:9f:1e:62:17:92:7a:38:2c:93:
27:56:2f:0f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEzIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTEw
MzUzMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQwQ0FDMkYyNjA4NTIy
RjZFQkUwODU3Nzg5NTBBRjVCOTJBMDExOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCjfK/3JT5K2UEPJt0Sdqqz1rqowCsSCauBi1K0wcZTzsjn97P
JkQDixDpKMfv6lz5xer1XpK+fau2xd0Cjm98USJ3w/nKfwJQZNz9MSLgYb8GEDt2
A5cPhLHn2z/6oUvmSHyTdeOiv4FJiFiJp3JcsRi43aoKrzvrzhLQB6J4nz0sk1gh
BVSXJnn0/lxYC0fAo31DtYpbT8EcebZW39zQEmmq6rgJKuuXOFhPBRn46BsHuqHe
Y24WHSKDz5ZcyZv9+7uOVYfLqwbtf5vdoKBaovUi2pYO7bBUG8WtzvmDcdeaX5cD
ADXqddAfe37sxynGOM+ncqtX75jK/nZOgA/VAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUQMrC8mCFIvbr4IV3iVCvW5KgEYswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1FNckM4bUNGSXZicjRJ
VjNpVkN2VzVLZ0VZcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAn8BAJTae8X2pnsRSn4aIbBAhnopKXPOj
0MrQAPKL7/IumXi1YoIYP2xbSiWlLRk3vGy5eKKA6UksDeUCFvVWOnK06k4Bp6Sk
WNyJIZctrJBYOMZA7ziDuXih1TQlk9HJhUD239Y4pLUA+0/c0UtftPKCu5gJ+MlF
mVQ28N77UPc3QMdWri2CbcSZtPV+Cmwx3n2ojXvfLbho20oXCDt9YHQ9wNHYrjiz
wYQr25V1X928YPw8V8tmymbzVubuIM2wPbCXfuYdUwZzkK1LT9w5VezapBpODRPD
srPbU64nkVK2OFmGqTpNBsjD2YLgQ/5gKiGHnx5iF5J6OCyTJ1YvDw==
-----END CERTIFICATE-----
Generated at Thu Apr 11 05:20:16 2024 by rpki-client on console-ams.rpki-client.org