Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/qjw-rq8wiMgyeOtgF6pwWXs6LXw.roa
File: qjw-rq8wiMgyeOtgF6pwWXs6LXw.roa (raw, json)
Hash identifier: /APo9UgJYr0M3WIGWxbVkwPWNccXm64sAxyqOMW/KE4=
Subject key identifier: AA:3C:3E:AE:AF:30:88:C8:32:78:EB:60:17:AA:70:59:7B:3A:2D:7C
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 183A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/qjw-rq8wiMgyeOtgF6pwWXs6LXw.roa
Signing time: Wed 24 Apr 2024 13:53:41 +0000
ROA not before: Wed 24 Apr 2024 13:53:41 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6202 (0x183a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 24 13:53:41 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AA3C3EAEAF3088C83278EB6017AA70597B3A2D7C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:19:69:28:54:2c:13:86:2c:42:ca:ab:0a:ec:
d8:ae:63:a9:33:6d:e3:45:72:9a:91:d0:9d:c7:74:
bd:e7:e6:9a:d1:db:9e:59:33:92:61:fb:c9:5e:1b:
f8:fd:43:34:8e:f8:75:76:75:dd:91:81:a7:ff:97:
eb:7c:e1:ad:26:3e:b7:14:dc:6b:17:b2:b6:c1:42:
7a:a9:f5:ab:7e:bf:ad:a9:e8:3e:04:98:2a:cf:ad:
4c:e4:14:b5:48:54:67:9a:f5:ff:2f:0f:37:fb:64:
f4:ce:3c:7d:fe:0f:82:b7:55:e9:52:10:b8:73:d9:
f8:a7:96:6d:28:6c:77:37:8d:6e:3e:bb:fe:8c:59:
b6:67:1a:f6:53:7d:8c:77:12:0f:17:88:42:48:02:
f6:41:ae:47:ba:7e:e0:a9:24:56:59:e7:f5:19:52:
13:73:91:48:94:d6:60:fd:58:ec:d5:88:bb:3c:7d:
7d:ba:1f:49:b6:06:be:0d:9b:90:e1:eb:94:03:c3:
08:5c:a2:84:03:52:62:1e:48:66:1b:aa:f0:04:a4:
8a:b9:94:ab:e9:ed:59:39:ea:04:7f:da:5d:3a:4c:
5f:13:55:71:a8:ae:32:12:ff:fb:27:6f:61:50:06:
f5:70:6c:6b:3e:a5:7f:1a:85:c6:5d:78:84:8d:f2:
30:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:3C:3E:AE:AF:30:88:C8:32:78:EB:60:17:AA:70:59:7B:3A:2D:7C
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/qjw-rq8wiMgyeOtgF6pwWXs6LXw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
79:9d:25:83:01:4a:2e:31:3e:c7:be:06:aa:10:02:ae:8a:31:
55:76:c7:96:06:e8:89:b6:c6:48:0b:b1:bd:33:48:fd:c2:b8:
2c:56:29:e0:35:6e:7f:48:d1:70:e4:70:35:7b:b5:1a:a3:be:
5e:9a:9e:a4:6b:d6:d9:aa:dd:93:40:c2:c1:76:40:ce:59:8a:
e1:46:e1:63:90:c9:e8:01:92:fc:74:b3:fe:a9:4e:8e:b3:c6:
b2:9b:db:f2:c6:10:46:5c:67:15:7d:9b:33:d4:64:34:44:8b:
53:c6:d2:ed:a7:61:5c:bd:a5:33:7b:9c:59:7a:38:2e:fa:c1:
3e:05:3e:89:a5:77:67:93:44:a9:5c:38:3a:89:60:9b:b1:89:
eb:40:77:ce:f1:b5:19:6d:a8:93:b8:9b:20:80:86:cc:2c:77:
66:b4:fa:14:60:e1:97:cc:9c:e9:eb:22:d7:61:49:ff:a0:89:
ce:f2:8e:d9:d5:b1:72:75:18:da:0b:de:cb:30:02:03:5e:4d:
b5:ea:96:55:34:ef:f2:85:fe:f7:01:b8:0b:4b:94:db:f7:0d:
55:3a:d0:dc:36:1b:e8:94:48:f3:58:62:36:a1:8e:c0:6e:d8:
09:89:c6:0f:4d:1b:9a:50:6a:1e:d8:d6:de:18:2a:b3:7d:77:
55:32:a0:50
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGDowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjQx
MzUzNDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFBM0MzRUFFQUYzMDg4
QzgzMjc4RUI2MDE3QUE3MDU5N0IzQTJEN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/GWkoVCwThixCyqsK7NiuY6kzbeNFcpqR0J3HdL3n5prR255Z
M5Jh+8leG/j9QzSO+HV2dd2Rgaf/l+t84a0mPrcU3GsXsrbBQnqp9at+v62p6D4E
mCrPrUzkFLVIVGea9f8vDzf7ZPTOPH3+D4K3VelSELhz2finlm0obHc3jW4+u/6M
WbZnGvZTfYx3Eg8XiEJIAvZBrke6fuCpJFZZ5/UZUhNzkUiU1mD9WOzViLs8fX26
H0m2Br4Nm5Dh65QDwwhcooQDUmIeSGYbqvAEpIq5lKvp7Vk56gR/2l06TF8TVXGo
rjIS//snb2FQBvVwbGs+pX8ahcZdeISN8jDfAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUqjw+rq8wiMgyeOtgF6pwWXs6LXwwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3Fqdy1ycTh3aU1neWVP
dGdGNnB3V1hzNkxYdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAeZ0lgwFKLjE+x74GqhACrooxVXbHlgbo
ibbGSAuxvTNI/cK4LFYp4DVuf0jRcORwNXu1GqO+XpqepGvW2ardk0DCwXZAzlmK
4UbhY5DJ6AGS/HSz/qlOjrPGspvb8sYQRlxnFX2bM9RkNESLU8bS7adhXL2lM3uc
WXo4LvrBPgU+iaV3Z5NEqVw4Oolgm7GJ60B3zvG1GW2ok7ibIICGzCx3ZrT6FGDh
l8yc6esi12FJ/6CJzvKO2dWxcnUY2gveyzACA15NteqWVTTv8oX+9wG4C0uU2/cN
VTrQ3DYb6JRI81hiNqGOwG7YCYnGD00bmlBqHtjW3hgqs313VTKgUA==
-----END CERTIFICATE-----
Generated at Wed Apr 24 17:56:41 2024 by rpki-client on console-fra.rpki-client.org