Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/qxPWl-5o3B6DQYPbl8f9MzLEV6g.roa
File: qxPWl-5o3B6DQYPbl8f9MzLEV6g.roa (raw, json)
Hash identifier: 8R87pvItW2VvlLk9Vy282buAoSmE/+KnQKjo9vfI6ts=
Subject key identifier: AB:13:D6:97:EE:68:DC:1E:83:41:83:DB:97:C7:FD:33:32:C4:57:A8
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 184A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/qxPWl-5o3B6DQYPbl8f9MzLEV6g.roa
Signing time: Wed 24 Apr 2024 17:53:39 +0000
ROA not before: Wed 24 Apr 2024 17:53:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6218 (0x184a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 24 17:53:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AB13D697EE68DC1E834183DB97C7FD3332C457A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:4b:b3:38:bf:f7:2b:63:61:35:36:e9:5b:02:
a3:7e:42:82:33:56:28:c5:03:50:4f:0e:a4:5e:eb:
dd:a7:41:93:7e:48:e6:3e:f5:b2:b0:d8:2f:3b:c2:
59:52:27:bd:bd:fd:5e:b1:90:07:e2:58:54:27:cc:
0c:f2:a0:0e:11:4c:b4:c4:0b:1f:6f:8e:d7:3c:c2:
fe:bd:38:99:27:50:21:74:f1:ad:34:5b:e2:cd:20:
46:60:6f:3d:6c:76:65:8f:2f:a4:94:64:97:29:07:
0f:f7:89:ed:67:81:66:45:18:1c:03:e7:91:d0:b2:
b7:34:8f:1a:99:41:29:55:f0:4a:4c:bf:6c:43:0d:
2f:35:f3:88:9c:13:02:ae:38:d5:36:4e:18:71:78:
e2:58:ae:41:1c:fb:eb:50:02:bc:7b:81:29:c1:52:
24:a6:cd:33:40:86:e4:8e:82:f1:89:32:e1:88:bc:
8b:c0:d3:36:8d:7c:ac:f6:21:77:b5:0f:6e:d3:f5:
38:5a:41:29:a9:c5:cf:68:0f:35:2b:58:0b:db:ec:
4c:98:50:17:9c:0b:4b:f7:24:a5:3b:36:75:57:da:
8e:65:86:31:cd:00:c6:97:c3:15:4d:c5:21:be:2d:
66:25:fa:23:28:76:bd:b9:bb:09:32:48:f0:48:e3:
89:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:13:D6:97:EE:68:DC:1E:83:41:83:DB:97:C7:FD:33:32:C4:57:A8
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/qxPWl-5o3B6DQYPbl8f9MzLEV6g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c3:f7:f8:3e:20:b2:e4:69:4d:5a:28:1a:b3:fa:23:ae:15:74:
3f:8d:40:42:b3:26:c3:0d:0d:51:c0:21:6c:85:e5:c8:27:01:
84:e3:4f:3b:56:c5:4f:0e:b7:57:4b:4b:fc:32:7f:dc:13:84:
d4:ad:d9:af:5c:7d:bd:7b:88:79:e9:8a:5f:fe:d4:3b:de:17:
d2:54:60:c6:21:85:e7:4a:f9:76:6a:6b:f2:d6:5c:04:ce:0b:
42:36:48:d0:b6:e2:dc:30:cf:b4:95:95:ad:f1:e4:31:3f:63:
6e:ad:c0:26:6c:4d:c8:59:89:6e:28:43:a4:27:1b:21:ab:ab:
ae:e0:e2:c8:dc:e9:18:8d:7b:1e:4a:66:15:2f:33:37:4d:14:
97:90:22:77:86:83:34:77:a7:1f:6b:54:92:1f:86:ff:06:3b:
9c:70:a7:0c:a3:9d:8d:89:60:16:e7:43:68:9d:70:c2:e4:14:
e9:a3:46:0c:5a:1b:33:c4:f3:80:3d:af:96:c0:0f:b2:ca:fb:
b1:0f:86:d7:74:41:56:a6:22:75:54:a0:90:75:63:e9:db:c7:
0d:86:22:36:a0:21:79:13:11:5c:a2:a7:29:e3:03:5c:14:74:
b2:8e:a7:c8:73:53:90:9d:bc:c3:7c:3b:e2:26:f7:fa:14:11:
55:b8:f1:70
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGEowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjQx
NzUzMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFCMTNENjk3RUU2OERD
MUU4MzQxODNEQjk3QzdGRDMzMzJDNDU3QTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdS7M4v/crY2E1NulbAqN+QoIzVijFA1BPDqRe692nQZN+SOY+
9bKw2C87wllSJ729/V6xkAfiWFQnzAzyoA4RTLTECx9vjtc8wv69OJknUCF08a00
W+LNIEZgbz1sdmWPL6SUZJcpBw/3ie1ngWZFGBwD55HQsrc0jxqZQSlV8EpMv2xD
DS8184icEwKuONU2ThhxeOJYrkEc++tQArx7gSnBUiSmzTNAhuSOgvGJMuGIvIvA
0zaNfKz2IXe1D27T9ThaQSmpxc9oDzUrWAvb7EyYUBecC0v3JKU7NnVX2o5lhjHN
AMaXwxVNxSG+LWYl+iModr25uwkySPBI44nLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUqxPWl+5o3B6DQYPbl8f9MzLEV6gwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3F4UFdsLTVvM0I2RFFZ
UGJsOGY5TXpMRVY2Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAw/f4PiCy5GlNWigas/ojrhV0P41AQrMm
ww0NUcAhbIXlyCcBhONPO1bFTw63V0tL/DJ/3BOE1K3Zr1x9vXuIeemKX/7UO94X
0lRgxiGF50r5dmpr8tZcBM4LQjZI0Lbi3DDPtJWVrfHkMT9jbq3AJmxNyFmJbihD
pCcbIaurruDiyNzpGI17HkpmFS8zN00Ul5Aid4aDNHenH2tUkh+G/wY7nHCnDKOd
jYlgFudDaJ1wwuQU6aNGDFobM8TzgD2vlsAPssr7sQ+G13RBVqYidVSgkHVj6dvH
DYYiNqAheRMRXKKnKeMDXBR0so6nyHNTkJ28w3w74ib3+hQRVbjxcA==
-----END CERTIFICATE-----
Generated at Wed Apr 24 22:48:46 2024 by rpki-client on console-ams.rpki-client.org