Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/tQDOJpsntc1vWBn1iXKVetmF92w.roa
File: tQDOJpsntc1vWBn1iXKVetmF92w.roa (raw, json)
Hash identifier: n87FBF7WDVMwid6a9H4Qm//EnR2HxSr/ym+bEYH1z1c=
Subject key identifier: B5:00:CE:26:9B:27:B5:CD:6F:58:19:F5:89:72:95:7A:D9:85:F7:6C
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 10F0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/tQDOJpsntc1vWBn1iXKVetmF92w.roa
Signing time: Fri 05 Apr 2024 03:22:47 +0000
ROA not before: Fri 05 Apr 2024 03:22:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4336 (0x10f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 5 03:22:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B500CE269B27B5CD6F5819F58972957AD985F76C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:23:04:99:e0:25:8f:0a:24:00:d8:7c:0e:17:
65:bb:f1:6e:05:6b:7c:33:c8:1a:87:ce:74:b7:0e:
62:1f:94:ef:58:54:3a:fd:02:35:c3:7b:b6:be:e4:
9c:7c:5e:65:7b:ac:a1:a2:13:0c:b8:9d:89:fb:50:
60:97:ff:df:00:05:7a:e9:47:63:d7:04:b2:84:3e:
b9:77:18:07:f9:98:42:e9:76:1c:2a:78:18:e9:6e:
0f:79:24:71:c8:14:19:62:36:f2:c0:24:af:b7:fc:
5e:5b:72:6b:2d:49:5c:1c:47:44:7d:eb:ec:0d:cc:
81:1b:e7:03:54:5b:9a:4d:a5:95:00:0d:20:66:40:
c7:72:fe:ce:52:6f:06:c7:8d:5f:f3:60:bf:e3:c1:
16:56:dd:aa:12:f9:57:8d:b2:2d:a4:ac:f3:08:aa:
8a:26:89:a7:f7:08:20:f3:ca:2f:f8:32:a4:35:3e:
55:a6:8f:dc:2d:05:21:58:c3:c6:fc:93:6e:1d:e1:
b7:ec:b1:bd:af:37:4a:13:75:4b:d7:46:f0:e6:e6:
6c:37:4f:b7:cb:a3:32:1c:4a:6c:86:ba:8b:c5:8d:
c3:ff:b5:b2:10:f2:89:c2:80:46:6c:21:ba:b1:53:
22:c5:61:27:3f:88:2f:61:4c:b2:87:fb:9e:32:cb:
a3:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:00:CE:26:9B:27:B5:CD:6F:58:19:F5:89:72:95:7A:D9:85:F7:6C
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/tQDOJpsntc1vWBn1iXKVetmF92w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d5:f5:6a:f2:8b:37:13:cd:9c:a2:3e:ff:fa:fe:7d:74:8a:69:
58:6d:aa:ff:56:ba:bb:9b:ca:2b:d6:e1:f6:e7:37:3d:97:c7:
50:f7:54:af:ef:47:2e:13:17:1d:09:10:40:93:f8:ae:45:95:
04:05:91:e5:5f:a9:38:09:ef:e0:a0:03:46:07:b4:29:0d:73:
81:93:07:57:8e:e8:e1:a2:cd:82:76:21:c3:09:7d:8a:e5:e8:
17:a1:02:05:92:ef:72:53:0b:b3:9e:d3:b5:b0:0e:03:8b:1f:
f7:85:72:0d:68:c9:aa:54:11:16:c4:b9:d4:6d:bd:16:60:fd:
20:c5:b5:d6:be:ba:a1:fc:cd:9c:80:4a:ad:f1:5b:27:52:83:
63:24:11:0f:29:c8:ce:b6:76:25:99:da:8e:0c:e6:9d:7f:d3:
2c:f5:ff:35:ff:d5:a4:e5:ae:c3:c2:71:4f:a4:30:6a:22:7c:
91:62:7a:87:07:07:f1:0d:c4:c0:a1:15:06:f0:51:0e:6f:52:
90:37:5c:8f:02:fc:73:fc:a3:81:a3:44:af:a4:c8:81:ed:e2:
f1:91:cf:80:81:69:02:07:0f:c6:f8:af:8d:6e:27:f0:4e:a0:
be:88:0d:bc:6b:13:85:56:05:76:a3:d0:93:5e:a0:61:5b:3d:
a4:fc:9e:48
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEPAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDUw
MzIyNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI1MDBDRTI2OUIyN0I1
Q0Q2RjU4MTlGNTg5NzI5NTdBRDk4NUY3NkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsIwSZ4CWPCiQA2HwOF2W78W4Fa3wzyBqHznS3DmIflO9YVDr9
AjXDe7a+5Jx8XmV7rKGiEwy4nYn7UGCX/98ABXrpR2PXBLKEPrl3GAf5mELpdhwq
eBjpbg95JHHIFBliNvLAJK+3/F5bcmstSVwcR0R96+wNzIEb5wNUW5pNpZUADSBm
QMdy/s5SbwbHjV/zYL/jwRZW3aoS+VeNsi2krPMIqoomiaf3CCDzyi/4MqQ1PlWm
j9wtBSFYw8b8k24d4bfssb2vN0oTdUvXRvDm5mw3T7fLozIcSmyGuovFjcP/tbIQ
8onCgEZsIbqxUyLFYSc/iC9hTLKH+54yy6OjAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUtQDOJpsntc1vWBn1iXKVetmF92wwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3RRRE9KcHNudGMxdldC
bjFpWEtWZXRtRjkydy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEA1fVq8os3E82coj7/+v59dIppWG2q/1a6
u5vKK9bh9uc3PZfHUPdUr+9HLhMXHQkQQJP4rkWVBAWR5V+pOAnv4KADRge0KQ1z
gZMHV47o4aLNgnYhwwl9iuXoF6ECBZLvclMLs57TtbAOA4sf94VyDWjJqlQRFsS5
1G29FmD9IMW11r66ofzNnIBKrfFbJ1KDYyQRDynIzrZ2JZnajgzmnX/TLPX/Nf/V
pOWuw8JxT6QwaiJ8kWJ6hwcH8Q3EwKEVBvBRDm9SkDdcjwL8c/yjgaNEr6TIge3i
8ZHPgIFpAgcPxvivjW4n8E6gvogNvGsThVYFdqPQk16gYVs9pPyeSA==
-----END CERTIFICATE-----
Generated at Fri Apr 5 07:24:58 2024 by rpki-client on console-ams.rpki-client.org