Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/rQYi9YFCW3yZ0-0vmYS6N72oMnk.roa
File: rQYi9YFCW3yZ0-0vmYS6N72oMnk.roa (raw, json)
Hash identifier: 6PTUtJKxZgidkjsA0fAC5zK7fxaxBRQJt+oyMeP4Il0=
Subject key identifier: AD:06:22:F5:81:42:5B:7C:99:D3:ED:2F:99:84:BA:37:BD:A8:32:79
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1038
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/rQYi9YFCW3yZ0-0vmYS6N72oMnk.roa
Signing time: Wed 03 Apr 2024 05:22:47 +0000
ROA not before: Wed 03 Apr 2024 05:22:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4152 (0x1038)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 3 05:22:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AD0622F581425B7C99D3ED2F9984BA37BDA83279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c2:bd:c3:9d:23:79:6f:9e:47:97:98:f6:b1:
b3:8f:bf:48:7b:09:f5:b8:0f:ee:95:45:df:89:0f:
f2:e8:f7:f4:e8:68:b1:c8:31:7a:38:20:b7:a0:d7:
48:78:9f:36:a2:93:ef:bd:ee:49:30:30:e4:05:51:
f7:fa:12:10:2a:45:e3:ba:fb:b1:b3:41:a6:c2:82:
0d:bb:f1:ba:52:0f:a2:ed:c1:a8:9d:0b:e1:77:31:
b7:4c:2e:b4:b5:99:c0:3b:88:7f:7f:1b:ee:a6:9b:
0e:99:e9:52:31:06:1f:15:cf:6c:82:43:56:27:2a:
f7:a3:49:31:6a:f9:08:42:83:c5:d8:93:10:5e:65:
1d:0a:6d:6f:40:74:5a:ba:bd:92:a0:a5:24:3b:e7:
cd:84:90:2d:02:17:f3:cb:74:59:c6:61:e9:96:24:
24:38:94:46:e4:88:72:b2:dc:6f:44:ab:9f:23:96:
5c:5f:40:94:78:33:5e:e5:7e:3d:d7:79:02:f2:35:
89:83:fb:68:f9:a2:6b:0d:e9:84:3c:1e:fa:48:18:
90:c1:ef:80:ea:ff:3e:cf:f0:2b:46:4e:ae:c5:43:
e5:09:1e:57:5b:66:ce:d3:13:40:78:09:24:5a:12:
db:6b:d6:d3:9a:e6:ce:b5:a2:8e:6a:da:0f:0b:e7:
71:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:06:22:F5:81:42:5B:7C:99:D3:ED:2F:99:84:BA:37:BD:A8:32:79
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/rQYi9YFCW3yZ0-0vmYS6N72oMnk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
95:46:40:6b:fe:13:15:68:51:7b:a4:dd:4b:91:9f:87:8b:c3:
6a:00:b8:cd:0c:b0:d8:80:fb:13:20:2f:33:74:04:cc:07:86:
69:80:29:e6:53:3d:cf:be:7e:b9:b3:78:1c:00:28:41:9a:eb:
bd:0b:88:56:a8:47:7e:70:13:4b:f3:b7:3d:41:58:1f:d5:1a:
89:cc:d7:a1:2a:a5:3f:e2:e2:99:61:e4:e4:46:ca:ff:0e:14:
43:a8:22:18:50:33:03:93:6c:85:2c:09:be:e4:9e:95:f3:98:
96:30:8f:87:a9:ae:f5:2c:2a:f3:de:aa:74:86:4d:b7:b5:e2:
4e:cd:40:3a:7d:c6:6f:39:a9:0d:2e:ba:7d:1f:ad:63:0b:7f:
54:37:44:ea:f0:7c:55:a7:99:f3:15:f5:86:0b:8b:b3:a7:74:
9e:2c:4f:e0:3d:56:a4:a4:5b:58:b1:b9:68:53:aa:d6:a2:dc:
aa:38:d1:2c:c1:d1:77:01:f1:16:50:b6:b1:28:a2:22:ed:60:
6a:54:02:2b:3f:75:dd:41:46:01:d4:e8:fc:fb:d2:66:07:a1:
d3:6d:4a:69:44:b1:41:1d:a0:3f:88:da:24:75:ef:cf:16:d4:
79:a2:bd:dc:4c:36:71:c3:8d:31:a0:a2:c6:03:19:ef:56:8a:
0d:d6:8b:24
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEDgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDMw
NTIyNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFEMDYyMkY1ODE0MjVC
N0M5OUQzRUQyRjk5ODRCQTM3QkRBODMyNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTwr3DnSN5b55Hl5j2sbOPv0h7CfW4D+6VRd+JD/Lo9/ToaLHI
MXo4ILeg10h4nzaik++97kkwMOQFUff6EhAqReO6+7GzQabCgg278bpSD6Ltwaid
C+F3MbdMLrS1mcA7iH9/G+6mmw6Z6VIxBh8Vz2yCQ1YnKvejSTFq+QhCg8XYkxBe
ZR0KbW9AdFq6vZKgpSQ7582EkC0CF/PLdFnGYemWJCQ4lEbkiHKy3G9Eq58jllxf
QJR4M17lfj3XeQLyNYmD+2j5omsN6YQ8HvpIGJDB74Dq/z7P8CtGTq7FQ+UJHldb
Zs7TE0B4CSRaEttr1tOa5s61oo5q2g8L53E3AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUrQYi9YFCW3yZ0+0vmYS6N72oMnkwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3JRWWk5WUZDVzN5WjAt
MHZtWVM2Tjcyb01uay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAlUZAa/4TFWhRe6TdS5Gfh4vDagC4zQyw
2ID7EyAvM3QEzAeGaYAp5lM9z75+ubN4HAAoQZrrvQuIVqhHfnATS/O3PUFYH9Ua
iczXoSqlP+LimWHk5EbK/w4UQ6giGFAzA5NshSwJvuSelfOYljCPh6mu9Swq896q
dIZNt7XiTs1AOn3GbzmpDS66fR+tYwt/VDdE6vB8VaeZ8xX1hguLs6d0nixP4D1W
pKRbWLG5aFOq1qLcqjjRLMHRdwHxFlC2sSiiIu1galQCKz913UFGAdTo/PvSZgeh
021KaUSxQR2gP4jaJHXvzxbUeaK93Ew2ccONMaCixgMZ71aKDdaLJA==
-----END CERTIFICATE-----
Generated at Wed Apr 3 06:47:48 2024 by rpki-client on console-fra.rpki-client.org