Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/1Qzp5HIX5YupCes-E7knbG_fMIM.roa
File: 1Qzp5HIX5YupCes-E7knbG_fMIM.roa (raw, json)
Hash identifier: S+o3MS6aVAj0dITgzQed3ilQKHL4orZMHzar0npyuVk=
Subject key identifier: D5:0C:E9:E4:72:17:E5:8B:A9:09:EB:3E:13:B9:27:6C:6F:DF:30:83
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0756
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/1Qzp5HIX5YupCes-E7knbG_fMIM.roa
Signing time: Thu 23 Jan 2025 02:55:02 +0000
ROA not before: Thu 23 Jan 2025 02:55:02 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1878 (0x756)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 23 02:55:02 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=D50CE9E47217E58BA909EB3E13B9276C6FDF3083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d5:f3:04:24:da:de:cd:28:56:95:b2:c3:fd:
da:6b:ac:d9:2b:53:88:be:4d:ba:13:ea:5f:9e:0b:
de:7e:df:dc:8b:20:85:cf:4d:06:ea:cf:95:b5:2a:
52:66:37:0d:73:91:29:0e:b7:aa:d6:7a:60:18:f3:
6c:bb:ab:94:34:05:d5:99:29:64:78:7c:37:b4:28:
fe:10:2f:0c:cc:f5:77:78:3c:82:8b:f5:a0:8f:0d:
5f:e0:97:3f:d8:3a:a1:fa:84:81:84:d3:3e:39:cf:
1b:f9:86:2a:01:92:6f:7a:4d:06:81:2c:0e:2b:c4:
1f:2c:a6:b8:02:cd:c6:57:c3:c4:45:da:77:4e:55:
d1:38:1d:63:90:12:f0:65:eb:09:99:a9:1d:76:92:
bf:36:ca:ed:38:02:fa:c2:d9:b7:e2:82:54:ab:3f:
a4:9c:f8:5b:64:e1:93:a1:ee:7b:2e:2e:c0:ca:76:
04:8d:63:07:94:7f:c6:ff:fa:8a:e6:00:53:72:15:
6a:22:26:9c:56:c8:5b:c8:7d:dc:99:75:77:db:b5:
96:6c:4e:48:bc:09:5e:4c:cd:81:ea:6f:17:b2:cc:
2d:65:c1:6c:f4:a5:b4:b2:b5:0d:f8:0c:3f:aa:3b:
d9:a6:5f:55:f3:ef:e1:c6:e8:ff:9a:1b:83:4a:e7:
06:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:0C:E9:E4:72:17:E5:8B:A9:09:EB:3E:13:B9:27:6C:6F:DF:30:83
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/1Qzp5HIX5YupCes-E7knbG_fMIM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
42:21:34:8d:43:9a:c7:cb:fc:6f:79:e3:ac:15:ca:cc:39:c0:
48:60:da:ad:58:73:84:e9:12:96:9d:df:00:e6:29:81:7e:90:
27:4e:73:31:dd:aa:74:09:52:75:29:fa:b8:ee:da:a5:97:ac:
bd:32:51:ca:bb:a8:e8:1f:52:99:d4:7f:65:d1:71:b7:18:65:
cc:2c:6a:03:b1:30:d2:cb:6b:fd:58:db:22:11:72:65:77:7b:
db:1c:ce:c8:12:6d:b3:e0:55:85:f3:20:1c:b4:31:92:40:e8:
17:5b:ba:7c:30:1c:4b:2f:18:32:7f:b2:03:1d:33:45:dd:4d:
6c:7a:5a:c2:53:75:46:9e:08:19:f4:fb:7b:06:8d:29:fb:38:
f2:09:3a:7a:64:bf:5e:eb:eb:fe:8a:a2:cc:9f:84:1d:35:ac:
c1:1a:48:92:33:63:32:f9:8c:9e:56:68:45:f5:d3:aa:f8:f7:
bb:30:2c:26:84:52:5e:52:ee:1d:df:d4:47:d2:d7:75:ba:9f:
57:97:66:6d:62:8e:e4:6b:3c:20:77:9d:02:ed:24:f8:5d:54:
62:73:85:44:f9:9c:cd:0b:d7:34:37:26:f8:c1:e7:00:fb:25:
96:5a:19:37:cc:87:ac:73:ec:30:c1:f6:e4:2f:6b:67:98:77:
b6:7a:f6:10
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICB1YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjMw
MjU1MDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ1MENFOUU0NzIxN0U1
OEJBOTA5RUIzRTEzQjkyNzZDNkZERjMwODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCx1fMEJNrezShWlbLD/dprrNkrU4i+TboT6l+eC95+39yLIIXP
TQbqz5W1KlJmNw1zkSkOt6rWemAY82y7q5Q0BdWZKWR4fDe0KP4QLwzM9Xd4PIKL
9aCPDV/glz/YOqH6hIGE0z45zxv5hioBkm96TQaBLA4rxB8sprgCzcZXw8RF2ndO
VdE4HWOQEvBl6wmZqR12kr82yu04AvrC2bfiglSrP6Sc+Ftk4ZOh7nsuLsDKdgSN
YweUf8b/+ormAFNyFWoiJpxWyFvIfdyZdXfbtZZsTki8CV5MzYHqbxeyzC1lwWz0
pbSytQ34DD+qO9mmX1Xz7+HG6P+aG4NK5wYbAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU1Qzp5HIX5YupCes+E7knbG/fMIMwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzFRenA1SElYNVl1cENl
cy1FN2tuYkdfZk1JTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAEIhNI1DmsfL/G9546wVysw5
wEhg2q1Yc4TpEpad3wDmKYF+kCdOczHdqnQJUnUp+rju2qWXrL0yUcq7qOgfUpnU
f2XRcbcYZcwsagOxMNLLa/1Y2yIRcmV3e9sczsgSbbPgVYXzIBy0MZJA6Bdbunww
HEsvGDJ/sgMdM0XdTWx6WsJTdUaeCBn0+3sGjSn7OPIJOnpkv17r6/6KosyfhB01
rMEaSJIzYzL5jJ5WaEX106r497swLCaEUl5S7h3f1EfS13W6n1eXZm1ijuRrPCB3
nQLtJPhdVGJzhUT5nM0L1zQ3JvjB5wD7JZZaGTfMh6xz7DDB9uQva2eYd7Z69hA=
-----END CERTIFICATE-----
Generated at Thu Jan 23 08:06:58 2025 by rpki-client on console.sobornost.net