Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/tjyhAIC-TraWDW4d0i5mXC-Bc04.roa
File: tjyhAIC-TraWDW4d0i5mXC-Bc04.roa (raw, json)
Hash identifier: LCUBbd3peMCWsw01ph56uMSQ0ZALgrccW78kw7iEtS8=
Subject key identifier: B6:3C:A1:00:80:BE:4E:B6:96:0D:6E:1D:D2:2E:66:5C:2F:81:73:4E
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 149E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/tjyhAIC-TraWDW4d0i5mXC-Bc04.roa
Signing time: Sun 14 Apr 2024 22:53:17 +0000
ROA not before: Sun 14 Apr 2024 22:53:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5278 (0x149e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 14 22:53:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B63CA10080BE4EB6960D6E1DD22E665C2F81734E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fc:ce:51:58:dd:88:0a:6e:55:8a:a3:06:65:
f2:16:73:2c:f6:68:2f:73:30:3b:81:36:21:0f:26:
82:e3:51:bd:fe:1e:f6:75:6e:34:00:c4:ec:e8:94:
fd:db:c8:47:1d:bc:b9:b0:ab:01:ac:d3:19:ae:01:
21:b7:a6:5e:95:97:53:1c:f8:48:55:7c:ef:9b:5d:
5a:ee:a5:1a:ba:e4:42:54:db:f7:1c:3a:8c:a2:28:
6c:2c:44:9f:15:3d:e5:5a:c0:19:47:e6:3c:de:39:
3e:e2:e8:c4:a4:97:bc:61:61:db:e8:fc:00:4b:a4:
43:f2:7d:9d:ef:b8:d8:b3:1a:9b:23:8f:f7:95:51:
c7:8b:bb:d1:46:bf:9b:ef:1e:c9:a1:04:a5:0d:1b:
3d:a6:6c:82:69:7b:0d:a2:0c:1d:ec:1a:a0:10:44:
be:b3:50:8b:bb:63:ef:1f:0a:e0:f7:78:3b:00:a6:
b3:36:5a:25:8e:20:88:10:a7:8e:ed:b1:90:55:65:
e3:a4:77:16:c6:74:d5:2d:9b:05:32:54:06:e3:91:
c7:58:ae:df:db:de:c3:59:86:b0:cb:59:7a:ce:50:
28:e9:77:da:23:c6:fd:d8:0c:b6:18:49:2c:83:64:
58:7a:e7:9c:f7:4c:85:74:70:80:a8:93:37:5f:4e:
90:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:3C:A1:00:80:BE:4E:B6:96:0D:6E:1D:D2:2E:66:5C:2F:81:73:4E
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/tjyhAIC-TraWDW4d0i5mXC-Bc04.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
22:0a:bf:28:76:5b:1f:9d:0f:02:0f:ca:c2:99:ff:82:6b:29:
5a:9f:4f:7d:b0:67:94:22:08:90:be:d9:c6:e2:fa:98:68:d4:
91:2a:af:e7:fd:01:9a:76:99:9c:e1:fc:08:a0:46:14:d9:45:
19:ed:34:15:d6:e7:f0:6c:7a:d0:aa:1c:f1:90:3e:db:04:17:
0f:0d:70:1b:9c:88:04:63:d7:c0:bf:66:c0:43:77:d1:f0:b7:
ee:39:0e:5d:2b:01:cc:02:f8:76:8f:ca:30:0f:80:a6:be:7e:
30:fe:37:be:7d:30:3e:98:1b:0c:b5:8b:da:02:6a:0b:4a:87:
fc:58:36:bf:ef:63:a4:f1:b1:4b:2a:01:d4:7c:b5:07:7f:d6:
00:4e:43:85:2e:fd:8b:ee:08:75:dd:b3:b9:4e:47:00:dc:d4:
00:a5:61:84:2e:26:89:f3:52:c6:08:02:ff:a2:28:55:a2:a5:
7a:55:d2:cd:21:db:0f:61:0d:33:ea:63:81:4c:98:e5:a5:ea:
7b:aa:f0:2b:a0:25:c7:6b:37:b0:ed:26:cd:a6:c5:ec:2f:85:
6c:3b:6e:b6:c8:e0:42:b0:08:c5:23:61:54:0d:d3:f0:be:97:
f1:d3:cc:0e:ca:c6:cd:d6:e3:f4:d5:31:14:00:14:74:00:90:
e0:2d:f4:96
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFJ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTQy
MjUzMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI2M0NBMTAwODBCRTRF
QjY5NjBENkUxREQyMkU2NjVDMkY4MTczNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6/M5RWN2ICm5ViqMGZfIWcyz2aC9zMDuBNiEPJoLjUb3+HvZ1
bjQAxOzolP3byEcdvLmwqwGs0xmuASG3pl6Vl1Mc+EhVfO+bXVrupRq65EJU2/cc
OoyiKGwsRJ8VPeVawBlH5jzeOT7i6MSkl7xhYdvo/ABLpEPyfZ3vuNizGpsjj/eV
UceLu9FGv5vvHsmhBKUNGz2mbIJpew2iDB3sGqAQRL6zUIu7Y+8fCuD3eDsAprM2
WiWOIIgQp47tsZBVZeOkdxbGdNUtmwUyVAbjkcdYrt/b3sNZhrDLWXrOUCjpd9oj
xv3YDLYYSSyDZFh655z3TIV0cICokzdfTpC3AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUtjyhAIC+TraWDW4d0i5mXC+Bc04wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3RqeWhBSUMtVHJhV0RX
NGQwaTVtWEMtQmMwNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAIgq/KHZbH50PAg/Kwpn/gmspWp9PfbBn
lCIIkL7ZxuL6mGjUkSqv5/0BmnaZnOH8CKBGFNlFGe00Fdbn8Gx60Koc8ZA+2wQX
Dw1wG5yIBGPXwL9mwEN30fC37jkOXSsBzAL4do/KMA+Apr5+MP43vn0wPpgbDLWL
2gJqC0qH/Fg2v+9jpPGxSyoB1Hy1B3/WAE5DhS79i+4Idd2zuU5HANzUAKVhhC4m
ifNSxggC/6IoVaKlelXSzSHbD2ENM+pjgUyY5aXqe6rwK6Alx2s3sO0mzabF7C+F
bDtutsjgQrAIxSNhVA3T8L6X8dPMDsrGzdbj9NUxFAAUdACQ4C30lg==
Generated at Mon Apr 15 00:17:58 2024 by rpki-client on console-ams.rpki-client.org