Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/qRLzBfW8UtZOsMxSp4zgUSGfuPU.roa
File: qRLzBfW8UtZOsMxSp4zgUSGfuPU.roa (raw, json)
Hash identifier: xuigo7lzrlRayEyUs9LMtT5uZwnZOw1DDUAL/qI1emM=
Subject key identifier: A9:12:F3:05:F5:BC:52:D6:4E:B0:CC:52:A7:8C:E0:51:21:9F:B8:F5
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1574
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/qRLzBfW8UtZOsMxSp4zgUSGfuPU.roa
Signing time: Wed 17 Apr 2024 04:23:21 +0000
ROA not before: Wed 17 Apr 2024 04:23:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5492 (0x1574)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 17 04:23:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A912F305F5BC52D64EB0CC52A78CE051219FB8F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3a:76:b0:0c:c7:5d:ef:83:54:05:b0:d4:34:
77:50:b9:19:72:b8:52:8e:c4:d8:93:31:e7:75:ad:
2f:09:92:60:b3:2e:35:45:c9:d7:ac:62:34:d7:b2:
20:7b:49:bc:7b:e9:f1:3c:3b:a3:43:11:a7:2e:14:
fd:21:85:7b:ca:a0:88:be:d1:14:0d:f1:8e:c7:2d:
74:4c:7b:ec:ba:b2:bf:c7:0c:59:5d:c3:02:ff:ac:
c1:32:e7:69:42:f7:56:15:60:4a:7c:02:60:ac:a0:
e6:91:35:84:b9:4d:cb:44:0c:73:7c:c6:96:7c:e0:
35:c0:b7:11:eb:c6:4f:d6:af:25:18:e7:c3:cf:56:
7d:48:1d:ff:b3:6f:a6:ba:09:86:77:81:18:64:ec:
d4:1c:35:7d:c3:cc:7d:95:07:58:22:40:0e:70:09:
d5:ee:b8:20:32:e9:ea:c8:04:f0:e7:f6:f8:b8:cf:
35:4c:ca:4b:32:97:c0:fb:97:d8:0b:8d:fd:7a:d4:
27:d3:57:29:ca:2d:9c:b9:b2:18:0e:b6:4f:8e:6c:
6b:85:3a:3d:20:62:53:6d:4c:23:51:6e:95:9a:df:
a6:69:24:3e:19:03:54:69:c1:bb:1e:e6:de:fb:08:
34:9c:66:26:3a:db:cf:33:86:4f:26:f1:46:78:1e:
ff:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:12:F3:05:F5:BC:52:D6:4E:B0:CC:52:A7:8C:E0:51:21:9F:B8:F5
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/qRLzBfW8UtZOsMxSp4zgUSGfuPU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8c:65:dd:9d:a1:1d:3f:0b:e2:3b:27:8b:d4:ae:5e:6d:cc:44:
2f:4b:ac:6b:f7:4b:ba:29:61:6f:e6:2d:89:00:07:58:1f:84:
4a:d0:26:51:35:ba:50:d5:c1:7f:46:87:4c:65:67:76:d2:15:
a6:f7:73:c0:86:cf:f8:d3:d0:cb:c0:65:8f:d1:33:8f:a4:8c:
85:0a:9f:01:35:6a:c1:c9:95:83:a3:a5:7f:9f:36:0c:e3:44:
11:3c:82:d6:e3:3d:36:1b:73:c8:2c:ed:80:05:8e:be:0d:3b:
7c:28:44:4c:27:2c:1b:1d:d6:41:c7:3c:48:4f:93:30:05:d8:
ea:1d:00:e4:75:ea:23:74:de:3c:98:4e:c7:c5:46:2e:3a:58:
8d:5a:69:68:37:d6:8e:1e:5d:d3:9f:29:d6:a8:2e:25:70:b7:
93:51:c3:bf:5a:49:a6:36:9b:56:07:fc:d9:72:57:2c:b1:6c:
26:68:9e:5c:91:5d:2f:68:36:57:d7:62:4b:ce:bc:ce:64:8f:
81:e8:95:77:75:6f:96:3f:6a:43:3b:98:08:6d:1c:cd:15:68:
45:21:ed:ff:d5:1a:db:3c:34:a9:67:02:e0:6f:fc:4f:82:57:
e7:00:18:a1:b4:01:47:21:9a:d5:7f:29:ac:92:3b:9c:5f:82:
ac:5c:8a:74
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFXQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTcw
NDIzMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE5MTJGMzA1RjVCQzUy
RDY0RUIwQ0M1MkE3OENFMDUxMjE5RkI4RjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCYOnawDMdd74NUBbDUNHdQuRlyuFKOxNiTMed1rS8JkmCzLjVF
ydesYjTXsiB7Sbx76fE8O6NDEacuFP0hhXvKoIi+0RQN8Y7HLXRMe+y6sr/HDFld
wwL/rMEy52lC91YVYEp8AmCsoOaRNYS5TctEDHN8xpZ84DXAtxHrxk/WryUY58PP
Vn1IHf+zb6a6CYZ3gRhk7NQcNX3DzH2VB1giQA5wCdXuuCAy6erIBPDn9vi4zzVM
yksyl8D7l9gLjf161CfTVynKLZy5shgOtk+ObGuFOj0gYlNtTCNRbpWa36ZpJD4Z
A1Rpwbse5t77CDScZiY6288zhk8m8UZ4Hv9RAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUqRLzBfW8UtZOsMxSp4zgUSGfuPUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3FSTHpCZlc4VXRaT3NN
eFNwNHpnVVNHZnVQVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAjGXdnaEdPwviOyeL1K5ebcxEL0usa/dL
uilhb+YtiQAHWB+EStAmUTW6UNXBf0aHTGVndtIVpvdzwIbP+NPQy8Blj9Ezj6SM
hQqfATVqwcmVg6Olf582DONEETyC1uM9NhtzyCztgAWOvg07fChETCcsGx3WQcc8
SE+TMAXY6h0A5HXqI3TePJhOx8VGLjpYjVppaDfWjh5d058p1qguJXC3k1HDv1pJ
pjabVgf82XJXLLFsJmieXJFdL2g2V9diS868zmSPgeiVd3Vvlj9qQzuYCG0czRVo
RSHt/9Ua2zw0qWcC4G/8T4JX5wAYobQBRyGa1X8prJI7nF+CrFyKdA==
-----END CERTIFICATE-----
Generated at Wed Apr 17 06:43:04 2024 by rpki-client on console-fra.rpki-client.org