Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/1NTEx5OsYJ1ZVsq7F1ftejRylWs.roa
File: 1NTEx5OsYJ1ZVsq7F1ftejRylWs.roa (raw, json)
Hash identifier: SXm4WIJVnhOXvmy+gqW/n7InQcJcVx6n9jq4KqF0p/8=
Subject key identifier: D4:D4:C4:C7:93:AC:60:9D:59:56:CA:BB:17:57:ED:7A:34:72:95:6B
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0B32
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/1NTEx5OsYJ1ZVsq7F1ftejRylWs.roa
Signing time: Sun 02 Feb 2025 09:55:32 +0000
ROA not before: Sun 02 Feb 2025 09:55:32 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2866 (0xb32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 2 09:55:32 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=D4D4C4C793AC609D5956CABB1757ED7A3472956B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9a:39:71:1e:b2:86:9a:32:81:53:d1:85:aa:
3a:96:a3:39:55:6b:b6:5e:47:06:f8:1c:07:3b:bd:
41:6c:6f:88:40:f2:9a:90:54:38:27:a1:0d:da:98:
a5:12:98:90:c6:0c:77:7e:42:d5:cc:f3:8c:a3:73:
14:5a:4e:6f:b0:ee:d2:c3:4d:6e:71:aa:1c:25:fc:
13:0c:a7:18:b8:3b:9b:6b:4f:a0:cf:a8:7e:b4:a5:
41:54:a2:c1:2e:c9:28:d6:7d:ec:ba:65:34:38:66:
8f:0a:fe:57:04:77:97:54:d8:8f:3e:a7:60:14:21:
0d:96:71:b2:9c:05:c0:f3:7b:9d:da:7f:17:a2:e4:
bc:82:18:cd:4e:7d:1a:97:6e:1e:26:0d:c6:4f:b8:
7f:26:1e:ed:2b:c0:1d:2d:b2:0c:3a:c7:3e:69:d1:
83:0a:f9:28:6b:c5:92:3b:b9:3c:04:d6:4d:30:07:
ed:39:9e:4d:1b:f6:39:34:18:33:c5:be:b9:8e:41:
d6:75:b6:a8:52:f1:2f:e9:28:4a:cc:db:87:94:5d:
e3:56:4c:c7:70:86:0d:c0:1d:c5:07:db:a6:1e:dc:
a6:6a:c0:f1:ce:3d:f6:02:31:d7:5f:2f:bf:3a:93:
71:04:4f:14:28:6e:99:f5:85:a7:fd:7a:41:a8:02:
85:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D4:C4:C7:93:AC:60:9D:59:56:CA:BB:17:57:ED:7A:34:72:95:6B
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/1NTEx5OsYJ1ZVsq7F1ftejRylWs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
6c:a6:34:3a:2c:17:17:4b:f1:5c:65:5b:a8:92:0f:cd:27:67:
25:3f:1e:52:23:c3:68:70:55:e8:9c:66:1b:05:37:6b:19:fc:
ad:84:dc:58:f4:29:e7:fb:e7:30:e0:79:23:0e:a9:78:5c:d2:
a2:54:22:28:b4:0a:ae:5b:fd:7e:50:54:3b:37:72:6e:d5:f8:
07:b2:55:e6:29:25:71:a8:3d:de:7b:18:b7:de:15:85:32:b1:
d0:a4:c9:5b:31:e0:73:66:a8:82:b5:36:83:a0:ca:db:22:5f:
e7:64:ec:88:82:59:6c:e9:3d:4f:29:97:11:40:da:22:19:68:
cf:6a:66:b0:d0:55:a3:dc:19:3a:2a:91:36:cc:80:b9:6c:8f:
c5:b0:cf:88:bc:36:26:53:60:59:b8:7b:c9:08:ac:2d:94:9c:
f3:aa:02:0f:47:15:f3:cb:85:03:ff:14:a9:f4:a5:7a:d9:4f:
f2:ad:a1:f1:df:cc:64:71:64:f5:12:a3:f2:97:4a:1e:11:26:
e9:4e:b3:21:69:31:23:ca:bb:1e:58:69:1b:6d:95:90:d3:e2:
89:6f:a6:32:a1:8a:8f:cf:83:03:31:f6:64:a3:18:91:0d:fd:
23:10:39:f1:53:c1:d3:9b:d8:a0:72:cb:31:20:63:5a:0a:be:
87:a1:15:3a
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCzIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDIw
OTU1MzJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ0RDRDNEM3OTNBQzYw
OUQ1OTU2Q0FCQjE3NTdFRDdBMzQ3Mjk1NkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQComjlxHrKGmjKBU9GFqjqWozlVa7ZeRwb4HAc7vUFsb4hA8pqQ
VDgnoQ3amKUSmJDGDHd+QtXM84yjcxRaTm+w7tLDTW5xqhwl/BMMpxi4O5trT6DP
qH60pUFUosEuySjWfey6ZTQ4Zo8K/lcEd5dU2I8+p2AUIQ2WcbKcBcDze53afxei
5LyCGM1OfRqXbh4mDcZPuH8mHu0rwB0tsgw6xz5p0YMK+ShrxZI7uTwE1k0wB+05
nk0b9jk0GDPFvrmOQdZ1tqhS8S/pKErM24eUXeNWTMdwhg3AHcUH26Ye3KZqwPHO
PfYCMddfL786k3EETxQobpn1haf9ekGoAoWvAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU1NTEx5OsYJ1ZVsq7F1ftejRylWswHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzFOVEV4NU9zWUoxWlZz
cTdGMWZ0ZWpSeWxXcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAGymNDosFxdL8VxlW6iSD80n
ZyU/HlIjw2hwVeicZhsFN2sZ/K2E3Fj0Kef75zDgeSMOqXhc0qJUIii0Cq5b/X5Q
VDs3cm7V+AeyVeYpJXGoPd57GLfeFYUysdCkyVsx4HNmqIK1NoOgytsiX+dk7IiC
WWzpPU8plxFA2iIZaM9qZrDQVaPcGToqkTbMgLlsj8Wwz4i8NiZTYFm4e8kIrC2U
nPOqAg9HFfPLhQP/FKn0pXrZT/KtofHfzGRxZPUSo/KXSh4RJulOsyFpMSPKux5Y
aRttlZDT4olvpjKhio/PgwMx9mSjGJEN/SMQOfFTwdOb2KByyzEgY1oKvoehFTo=
Generated at Sun Feb 2 14:11:20 2025 by rpki-client on console.sobornost.net