Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/QVEbOPsXyz4Cj9B4dlr89GmyDak.roa
File: QVEbOPsXyz4Cj9B4dlr89GmyDak.roa (raw, json)
Hash identifier: Cd8K/fO5ZPOU4VpmjF83INTC65Sx7OZq7jwypdDEGsM=
Subject key identifier: 41:51:1B:38:FB:17:CB:3E:02:8F:D0:78:76:5A:FC:F4:69:B2:0D:A9
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1CEC
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/QVEbOPsXyz4Cj9B4dlr89GmyDak.roa
Signing time: Tue 07 May 2024 02:24:21 +0000
ROA not before: Tue 07 May 2024 02:24:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7404 (0x1cec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 7 02:24:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=41511B38FB17CB3E028FD078765AFCF469B20DA9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c8:1e:6e:d6:49:83:1f:ab:05:48:32:a1:f8:
bb:c2:56:ce:bc:62:be:b7:71:36:88:99:d2:c1:4d:
a3:41:c7:ff:c6:10:80:a7:28:e5:f3:5d:b9:25:19:
d8:42:d4:25:4d:4a:18:16:f9:d6:29:ec:67:ec:6c:
d5:f3:69:da:c9:74:38:1a:e5:e7:1a:df:2c:54:8a:
bc:73:9b:9c:00:f4:5e:9a:ea:c6:cd:71:b1:e4:46:
32:55:12:a1:ae:1d:c3:bb:83:55:9c:a9:df:06:0f:
4a:f6:89:0d:bd:11:11:e5:14:9f:e7:3b:65:dc:89:
a2:e6:59:89:af:7b:1f:6e:44:03:ad:f7:c9:94:90:
5f:f0:9b:54:20:45:40:cb:23:b8:0d:b8:81:27:7c:
0b:ff:51:c7:39:c7:ce:d1:c4:04:30:f8:53:46:2e:
ba:6f:f2:c9:b4:9a:fc:e9:f0:9d:f1:ea:56:8e:ce:
70:19:c6:c4:eb:95:7b:b1:d1:7c:25:1a:ce:1c:46:
77:a6:0c:84:db:56:4c:44:d2:89:f9:b0:84:98:27:
17:ce:6d:19:c6:24:ee:00:6a:10:8d:fa:45:f0:d3:
5d:dc:11:14:22:32:cb:f5:65:f8:c2:14:0a:b1:fe:
74:5b:6c:1c:f7:29:07:2f:47:8a:32:65:ea:81:aa:
5a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:51:1B:38:FB:17:CB:3E:02:8F:D0:78:76:5A:FC:F4:69:B2:0D:A9
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/QVEbOPsXyz4Cj9B4dlr89GmyDak.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
98:51:8e:d8:92:da:b8:78:f7:aa:5c:38:a6:e5:24:c5:65:7d:
a7:8d:2b:c0:14:e3:28:8b:ec:fc:ec:e1:61:79:9a:3e:d3:68:
70:f6:e9:8d:de:36:26:63:06:33:72:52:8d:07:d1:a2:a0:1b:
56:fe:bb:dc:bc:7c:7c:4f:02:aa:25:d4:1a:23:d9:22:d2:dc:
af:71:52:9e:f6:be:2f:33:4b:0b:d2:40:85:84:9c:1f:36:ef:
4c:52:80:aa:9f:f5:f8:26:a3:be:f1:2f:b0:1e:62:49:18:f9:
fe:fd:be:e7:bf:45:a0:38:77:18:cd:64:d7:e0:e9:7b:5b:2c:
95:14:ef:f9:13:ee:cf:5e:08:62:de:c7:f8:bd:e1:c8:7c:45:
e3:62:88:2e:4f:0f:93:c8:0d:87:6b:fd:99:ea:6d:69:2d:14:
86:69:89:c7:2a:c5:26:33:4f:68:f1:b3:41:98:f5:c9:88:42:
0c:58:98:5d:85:e1:da:3a:80:87:4d:8f:fc:b6:3f:ce:39:d9:
c4:2c:08:3e:bd:c7:cd:13:f4:4a:6b:44:84:5b:77:2f:3d:f8:
fc:e1:bb:3f:7b:ed:ed:b3:e8:80:85:f9:e9:9c:f9:9d:6b:4e:
81:9c:9f:5a:b7:03:2b:71:d4:be:35:8e:71:eb:92:bc:6b:16:
41:65:95:8b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHOwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDcw
MjI0MjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQxNTExQjM4RkIxN0NC
M0UwMjhGRDA3ODc2NUFGQ0Y0NjlCMjBEQTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5yB5u1kmDH6sFSDKh+LvCVs68Yr63cTaImdLBTaNBx//GEICn
KOXzXbklGdhC1CVNShgW+dYp7GfsbNXzadrJdDga5eca3yxUirxzm5wA9F6a6sbN
cbHkRjJVEqGuHcO7g1Wcqd8GD0r2iQ29ERHlFJ/nO2XciaLmWYmvex9uRAOt98mU
kF/wm1QgRUDLI7gNuIEnfAv/Ucc5x87RxAQw+FNGLrpv8sm0mvzp8J3x6laOznAZ
xsTrlXux0XwlGs4cRnemDITbVkxE0on5sISYJxfObRnGJO4AahCN+kXw013cERQi
Msv1ZfjCFAqx/nRbbBz3KQcvR4oyZeqBqlofAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUQVEbOPsXyz4Cj9B4dlr89GmyDakwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1FWRWJPUHNYeXo0Q2o5
QjRkbHI4OUdteURhay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAmFGO2JLauHj3qlw4puUkxWV9p40rwBTj
KIvs/OzhYXmaPtNocPbpjd42JmMGM3JSjQfRoqAbVv673Lx8fE8CqiXUGiPZItLc
r3FSnva+LzNLC9JAhYScHzbvTFKAqp/1+CajvvEvsB5iSRj5/v2+579FoDh3GM1k
1+Dpe1sslRTv+RPuz14IYt7H+L3hyHxF42KILk8Pk8gNh2v9meptaS0UhmmJxyrF
JjNPaPGzQZj1yYhCDFiYXYXh2jqAh02P/LY/zjnZxCwIPr3HzRP0SmtEhFt3Lz34
/OG7P3vt7bPogIX56Zz5nWtOgZyfWrcDK3HUvjWOceuSvGsWQWWViw==
-----END CERTIFICATE-----
Generated at Tue May 7 03:55:50 2024 by rpki-client on console-fra.rpki-client.org