Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/qymw-D7lgyGVHKaQujwUJmWX0cg.roa
File: qymw-D7lgyGVHKaQujwUJmWX0cg.roa (raw, json)
Hash identifier: 2UrwZ6Cfbq1B9b5OHkd0OOLHtXxdr1mN6ujljmhlDNE=
Subject key identifier: AB:29:B0:F8:3E:E5:83:21:95:1C:A6:90:BA:3C:14:26:65:97:D1:C8
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 150C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/qymw-D7lgyGVHKaQujwUJmWX0cg.roa
Signing time: Tue 16 Apr 2024 02:24:17 +0000
ROA not before: Tue 16 Apr 2024 02:24:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5388 (0x150c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 16 02:24:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AB29B0F83EE58321951CA690BA3C14266597D1C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8a:f7:5b:02:ad:b1:6b:db:d0:9e:9c:a6:2a:
2e:97:ec:7d:0e:c7:9e:4e:28:ab:81:13:f1:6d:29:
d6:7a:a7:9f:3e:08:10:b3:94:85:ba:ab:43:88:8e:
3c:00:6e:02:9f:6c:cf:6b:7a:08:db:0e:05:8d:42:
3c:2c:78:61:0b:7c:12:1c:b2:f8:95:0a:c9:2a:5d:
18:71:3a:1d:27:79:2d:ec:59:99:a6:c2:5f:e9:a9:
f2:66:21:78:18:30:f7:c2:a2:71:f4:f0:25:d7:78:
3b:e7:9b:36:ed:e0:18:47:72:09:ca:31:ae:70:e6:
28:63:10:14:06:1a:81:eb:ae:41:47:ba:b9:ce:7c:
8e:c9:37:23:c4:66:0d:9d:bb:5f:95:91:be:5c:a9:
f1:8d:c5:24:59:cb:65:59:b3:92:d1:19:1e:fd:87:
40:80:62:03:a7:3d:28:f7:93:12:8a:8a:f2:27:31:
da:c1:9d:38:92:85:3b:6f:99:31:12:04:66:ed:87:
5a:8b:c9:86:cb:84:26:67:b0:70:b4:67:aa:bb:7c:
68:9f:43:68:9b:06:a6:2c:8c:d0:9e:61:fe:3e:2b:
a2:33:06:ee:05:1e:1d:73:38:0b:55:ba:c1:fb:73:
3a:05:f7:f6:fb:2c:bd:8b:fd:07:77:33:1a:2b:b4:
4f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:29:B0:F8:3E:E5:83:21:95:1C:A6:90:BA:3C:14:26:65:97:D1:C8
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/qymw-D7lgyGVHKaQujwUJmWX0cg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4d:6e:1f:e8:8d:ec:7d:b7:2e:1d:a9:22:cc:f4:3c:b0:ef:2a:
3e:d7:38:cb:22:69:4d:68:61:e1:3f:89:6b:80:24:2a:1b:88:
ef:b9:1b:34:c9:75:93:76:d7:6b:ac:d6:0c:74:96:f3:66:e6:
4c:48:2f:6b:1f:be:be:4b:42:4a:6f:32:77:44:3f:ce:3a:63:
75:57:f5:dd:ab:12:75:09:79:fb:82:36:96:36:9d:c7:b5:c6:
f1:0f:06:7c:1b:4c:4e:81:82:16:74:f7:07:e5:b2:db:6e:29:
96:58:c8:43:e8:3e:a1:61:f3:a5:24:42:1d:c5:91:2e:86:d4:
bb:63:74:a2:b2:40:e7:a6:84:10:2f:0f:17:21:f1:1d:a0:7a:
59:a3:90:87:45:87:be:2b:6d:6c:c8:3f:98:fc:3a:81:57:37:
2d:a3:31:92:f3:f5:b3:27:16:bc:2c:91:86:20:78:5c:dc:76:
17:bc:37:f0:ee:27:d2:90:66:ce:09:2a:68:6f:1d:3c:8f:68:
97:70:c6:7c:ee:27:69:31:c2:55:87:14:c9:49:ef:92:c4:81:
84:5a:50:91:5b:98:8d:b4:e1:36:c8:78:ac:e8:32:f3:ed:11:
9e:8c:80:75:e7:3f:08:92:44:35:ed:dc:57:c9:07:03:e1:ab:
89:4c:38:08
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFQwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTYw
MjI0MTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFCMjlCMEY4M0VFNTgz
MjE5NTFDQTY5MEJBM0MxNDI2NjU5N0QxQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCSivdbAq2xa9vQnpymKi6X7H0Ox55OKKuBE/FtKdZ6p58+CBCz
lIW6q0OIjjwAbgKfbM9regjbDgWNQjwseGELfBIcsviVCskqXRhxOh0neS3sWZmm
wl/pqfJmIXgYMPfConH08CXXeDvnmzbt4BhHcgnKMa5w5ihjEBQGGoHrrkFHurnO
fI7JNyPEZg2du1+Vkb5cqfGNxSRZy2VZs5LRGR79h0CAYgOnPSj3kxKKivInMdrB
nTiShTtvmTESBGbth1qLyYbLhCZnsHC0Z6q7fGifQ2ibBqYsjNCeYf4+K6IzBu4F
Hh1zOAtVusH7czoF9/b7LL2L/Qd3MxortE8lAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUqymw+D7lgyGVHKaQujwUJmWX0cgwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3F5bXctRDdsZ3lHVkhL
YVF1andVSm1XWDBjZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEATW4f6I3sfbcuHakizPQ8sO8qPtc4yyJp
TWhh4T+Ja4AkKhuI77kbNMl1k3bXa6zWDHSW82bmTEgvax++vktCSm8yd0Q/zjpj
dVf13asSdQl5+4I2ljadx7XG8Q8GfBtMToGCFnT3B+Wy224plljIQ+g+oWHzpSRC
HcWRLobUu2N0orJA56aEEC8PFyHxHaB6WaOQh0WHvittbMg/mPw6gVc3LaMxkvP1
sycWvCyRhiB4XNx2F7w38O4n0pBmzgkqaG8dPI9ol3DGfO4naTHCVYcUyUnvksSB
hFpQkVuYjbThNsh4rOgy8+0RnoyAdec/CJJENe3cV8kHA+GriUw4CA==
-----END CERTIFICATE-----
Generated at Tue Apr 16 03:17:46 2024 by rpki-client on console-fra.rpki-client.org