Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/SHOY-BE3CZdKtpf8JtbOfv8LbuY.roa
File: SHOY-BE3CZdKtpf8JtbOfv8LbuY.roa (raw, json)
Hash identifier: IBLLleooMyAkizbKURqlFsRP7MzNpsE3/akf+oz9TQ0=
Subject key identifier: 48:73:98:F8:11:37:09:97:4A:B6:97:FC:26:D6:CE:7E:FF:0B:6E:E6
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 129A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/SHOY-BE3CZdKtpf8JtbOfv8LbuY.roa
Signing time: Tue 09 Apr 2024 13:53:06 +0000
ROA not before: Tue 09 Apr 2024 13:53:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4762 (0x129a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 9 13:53:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=487398F8113709974AB697FC26D6CE7EFF0B6EE6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1d:b9:2a:e5:cf:fd:96:4f:7d:1d:f8:04:9a:
fb:fa:7c:f2:09:70:07:93:50:f9:79:7e:1e:29:26:
10:ff:53:3d:ec:41:f6:f2:a7:d9:be:a7:e5:bc:6d:
ca:5a:3d:d3:37:23:73:07:d7:46:aa:c5:37:a2:42:
fc:66:a7:9c:47:fb:e6:58:fd:d7:f5:df:f0:c3:ce:
a4:f4:00:4e:aa:70:15:50:cb:76:29:44:b8:e4:54:
6b:33:e1:28:4d:39:83:2e:c4:bc:ca:3c:7d:0e:eb:
8a:4a:ca:cc:11:c2:ea:11:db:a6:09:6b:f5:eb:be:
cf:05:1c:6f:1c:06:1a:04:a0:3b:74:4c:1d:3f:b3:
85:74:ab:a9:00:35:f0:42:ec:13:b2:c3:f7:9c:40:
89:b2:0e:ac:40:12:5b:98:47:c2:53:e0:d8:18:a9:
e3:68:ca:b3:af:67:0d:8f:f4:de:b4:39:e1:b0:7a:
45:f8:24:f3:9c:d2:53:40:6e:21:16:e2:3d:7b:ff:
d5:31:4c:58:f4:fb:e0:e7:bc:4f:0c:8a:fc:42:90:
d5:89:ed:a7:a0:05:d1:a4:c3:6d:ec:a5:93:e3:d7:
56:1b:99:32:7c:cf:ef:6b:61:04:f6:89:0c:61:88:
0e:99:40:2b:db:7b:d9:7d:26:c4:63:64:da:85:f9:
c2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:73:98:F8:11:37:09:97:4A:B6:97:FC:26:D6:CE:7E:FF:0B:6E:E6
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/SHOY-BE3CZdKtpf8JtbOfv8LbuY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
59:79:64:64:bb:5b:8a:7b:a8:09:4a:df:54:bb:39:67:66:17:
26:d8:2c:6f:13:27:dc:11:e5:43:a7:f2:82:89:d3:87:7b:af:
01:96:d5:96:62:6f:1d:a9:1f:cd:01:d0:2f:fd:bb:c8:33:0d:
a3:86:f8:6d:14:25:60:29:ca:24:f8:5f:4b:81:b4:d5:50:96:
f7:e9:c9:32:f5:3e:dd:69:cd:ae:a2:6d:3a:a7:87:48:b1:9d:
23:04:01:7c:3c:1a:59:06:ef:fa:81:3e:19:0b:ad:3a:0f:62:
fc:52:25:b3:81:3b:17:10:e2:9f:53:36:3f:61:24:17:cf:58:
d1:5c:3e:26:8c:57:4d:a7:25:49:50:47:58:0b:79:2a:fd:57:
56:0a:13:4d:c8:d8:6b:b9:5e:ca:bb:7a:db:0b:02:f2:da:04:
7d:e3:6b:b5:89:7c:cc:f2:e1:32:29:6a:70:6a:0d:41:74:17:
5d:b8:fd:df:4d:eb:0d:ed:fc:41:dd:1c:92:ea:d2:88:2c:d1:
62:39:97:c9:f4:30:b7:db:49:ed:c3:5c:e8:43:ec:96:27:a9:
25:e7:95:54:6d:bf:db:f7:48:12:ad:63:d9:c3:56:e0:33:10:
f0:01:33:66:16:74:ba:60:58:12:9b:54:28:a6:60:23:ab:62:
0b:72:8f:ea
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEpowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDkx
MzUzMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ4NzM5OEY4MTEzNzA5
OTc0QUI2OTdGQzI2RDZDRTdFRkYwQjZFRTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDHbkq5c/9lk99HfgEmvv6fPIJcAeTUPl5fh4pJhD/Uz3sQfby
p9m+p+W8bcpaPdM3I3MH10aqxTeiQvxmp5xH++ZY/df13/DDzqT0AE6qcBVQy3Yp
RLjkVGsz4ShNOYMuxLzKPH0O64pKyswRwuoR26YJa/Xrvs8FHG8cBhoEoDt0TB0/
s4V0q6kANfBC7BOyw/ecQImyDqxAEluYR8JT4NgYqeNoyrOvZw2P9N60OeGwekX4
JPOc0lNAbiEW4j17/9UxTFj0++DnvE8MivxCkNWJ7aegBdGkw23spZPj11YbmTJ8
z+9rYQT2iQxhiA6ZQCvbe9l9JsRjZNqF+cKRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUSHOY+BE3CZdKtpf8JtbOfv8LbuYwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1NIT1ktQkUzQ1pkS3Rw
ZjhKdGJPZnY4TGJ1WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAWXlkZLtbinuoCUrfVLs5Z2YXJtgsbxMn
3BHlQ6fygonTh3uvAZbVlmJvHakfzQHQL/27yDMNo4b4bRQlYCnKJPhfS4G01VCW
9+nJMvU+3WnNrqJtOqeHSLGdIwQBfDwaWQbv+oE+GQutOg9i/FIls4E7FxDin1M2
P2EkF89Y0Vw+JoxXTaclSVBHWAt5Kv1XVgoTTcjYa7leyrt62wsC8toEfeNrtYl8
zPLhMilqcGoNQXQXXbj9303rDe38Qd0ckurSiCzRYjmXyfQwt9tJ7cNc6EPsliep
JeeVVG2/2/dIEq1j2cNW4DMQ8AEzZhZ0umBYEptUKKZgI6tiC3KP6g==
-----END CERTIFICATE-----
Generated at Tue Apr 9 20:29:13 2024 by rpki-client on console.sobornost.net