Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/QuB8mqdxXNblcSFDuxBiNx3AhFc.roa
File: QuB8mqdxXNblcSFDuxBiNx3AhFc.roa (raw, json)
Hash identifier: N3qCeuFAL6V7GptAkXCS906G29nO4GnUZ8LBQhKUzk8=
Subject key identifier: 42:E0:7C:9A:A7:71:5C:D6:E5:71:21:43:BB:10:62:37:1D:C0:84:57
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1094
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/QuB8mqdxXNblcSFDuxBiNx3AhFc.roa
Signing time: Thu 04 Apr 2024 04:22:44 +0000
ROA not before: Thu 04 Apr 2024 04:22:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4244 (0x1094)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 4 04:22:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=42E07C9AA7715CD6E5712143BB1062371DC08457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:aa:60:7d:25:56:e0:69:ad:d3:06:15:0f:30:
4e:cc:ef:ff:37:38:85:fe:8d:54:70:22:dd:10:ba:
2f:51:4a:88:0b:b4:56:dd:fe:b2:41:aa:0f:82:83:
2c:91:a7:9c:d3:17:75:73:ab:c7:3d:b4:8a:0b:9a:
9d:5c:6d:d2:fc:bb:8c:7f:42:2e:02:21:b0:0c:96:
c7:b3:d3:15:c5:c6:3a:76:08:6c:3d:8b:b7:1f:0a:
80:fb:1f:57:27:80:91:a2:6c:57:72:74:fa:56:62:
63:f4:d6:17:34:ea:ba:cc:f9:c7:7c:5d:84:00:c8:
89:37:c8:ff:66:c6:1f:29:3d:06:6b:16:ce:b6:17:
54:a8:31:c3:86:bc:33:cd:5e:1c:55:7a:d9:ec:29:
cd:86:fb:ef:36:3b:a1:ad:cd:0b:84:d9:05:3d:15:
a3:e8:34:3a:87:92:56:8b:1a:62:6f:f6:17:03:76:
b4:a2:1b:8b:5f:be:6c:f1:21:80:4e:e4:f9:98:50:
21:d0:e2:48:81:bd:96:2e:bf:2f:af:62:7d:4b:82:
96:2f:dc:34:67:63:95:fd:56:b3:37:1f:67:13:47:
1d:d1:25:0a:e5:8f:f9:50:3b:38:8a:d6:4d:8d:37:
d2:46:45:e3:c1:f6:d9:c9:a6:5d:69:04:ad:80:33:
e1:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:E0:7C:9A:A7:71:5C:D6:E5:71:21:43:BB:10:62:37:1D:C0:84:57
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/QuB8mqdxXNblcSFDuxBiNx3AhFc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:74:b1:ee:38:77:26:eb:8e:07:d2:0c:17:3a:f0:5a:5e:1e:
5c:ab:7e:ff:8f:36:af:9e:19:c9:32:49:e7:d2:62:f7:2d:c9:
6b:0e:dd:ff:0e:aa:5f:a9:2d:25:9c:b3:02:fc:02:87:6f:5f:
5d:76:ec:cc:93:b5:d9:0d:4d:cd:90:35:da:f0:18:c7:ad:f0:
d4:be:5e:a5:e6:94:a5:da:0a:82:0e:6a:13:45:7e:d2:32:82:
b2:0e:29:cc:a0:bc:d2:43:73:1a:0e:fd:00:ce:a4:f0:2a:1a:
9e:af:55:b2:14:3f:44:45:07:58:65:6f:b6:51:f1:01:b6:7a:
e0:92:2f:ce:e2:de:f0:04:4d:c1:6c:f0:fb:10:3f:f5:7b:b6:
24:57:50:02:cd:9b:95:3c:7f:92:d4:0e:5b:c6:3b:a1:e5:94:
c1:a3:98:6a:a1:bb:0d:f1:ea:0e:b2:59:80:18:b9:9d:af:dd:
c4:f7:10:90:e1:22:43:02:67:07:53:8d:c6:2b:bb:ce:62:08:
da:59:fd:b9:95:99:08:cc:55:d7:04:a6:7e:ea:5e:71:35:ca:
54:2b:b4:bc:a2:0e:62:40:91:bf:85:76:3a:26:4e:25:b1:3f:
70:34:84:c0:b8:60:63:77:ed:d8:31:92:fc:5a:ae:4c:1f:0b:
2f:0e:bc:03
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEJQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDQw
NDIyNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQyRTA3QzlBQTc3MTVD
RDZFNTcxMjE0M0JCMTA2MjM3MURDMDg0NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvqmB9JVbgaa3TBhUPME7M7/83OIX+jVRwIt0Qui9RSogLtFbd
/rJBqg+CgyyRp5zTF3Vzq8c9tIoLmp1cbdL8u4x/Qi4CIbAMlsez0xXFxjp2CGw9
i7cfCoD7H1cngJGibFdydPpWYmP01hc06rrM+cd8XYQAyIk3yP9mxh8pPQZrFs62
F1SoMcOGvDPNXhxVetnsKc2G++82O6GtzQuE2QU9FaPoNDqHklaLGmJv9hcDdrSi
G4tfvmzxIYBO5PmYUCHQ4kiBvZYuvy+vYn1LgpYv3DRnY5X9VrM3H2cTRx3RJQrl
j/lQOziK1k2NN9JGRePB9tnJpl1pBK2AM+HpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUQuB8mqdxXNblcSFDuxBiNx3AhFcwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1F1QjhtcWR4WE5ibGNT
RkR1eEJpTngzQWhGYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAd3Sx7jh3JuuOB9IMFzrwWl4eXKt+/482
r54ZyTJJ59Ji9y3Jaw7d/w6qX6ktJZyzAvwCh29fXXbszJO12Q1NzZA12vAYx63w
1L5epeaUpdoKgg5qE0V+0jKCsg4pzKC80kNzGg79AM6k8Coanq9VshQ/REUHWGVv
tlHxAbZ64JIvzuLe8ARNwWzw+xA/9Xu2JFdQAs2blTx/ktQOW8Y7oeWUwaOYaqG7
DfHqDrJZgBi5na/dxPcQkOEiQwJnB1ONxiu7zmII2ln9uZWZCMxV1wSmfupecTXK
VCu0vKIOYkCRv4V2OiZOJbE/cDSEwLhgY3ft2DGS/FquTB8LLw68Aw==
-----END CERTIFICATE-----
Generated at Thu Apr 4 09:24:12 2024 by rpki-client on console-ams.rpki-client.org