Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/2eQOhmLqF4LBjDAXzaUPCmjozoo.roa
File: 2eQOhmLqF4LBjDAXzaUPCmjozoo.roa (raw, json)
Hash identifier: MjK/Y8OnTD96GUvJVMRcaAeMxSn3tiWWc3S/B7WmeqA=
Subject key identifier: D9:E4:0E:86:62:EA:17:82:C1:8C:30:17:CD:A5:0F:0A:68:E8:CE:8A
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0ADC
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/2eQOhmLqF4LBjDAXzaUPCmjozoo.roa
Signing time: Sat 01 Feb 2025 12:25:33 +0000
ROA not before: Sat 01 Feb 2025 12:25:33 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2780 (0xadc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 1 12:25:33 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=D9E40E8662EA1782C18C3017CDA50F0A68E8CE8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:69:75:29:72:51:9d:6b:fe:90:66:bc:09:2e:
26:28:23:73:66:87:00:5a:d8:70:8e:50:73:c1:9f:
35:da:9c:a2:30:5a:d9:39:a1:20:db:07:8c:95:e3:
16:f7:59:d2:b3:08:30:e4:3c:5c:92:07:3b:85:3f:
c9:49:e2:b8:8b:a2:3a:d5:0e:57:bd:8d:07:85:6f:
61:b1:c5:0b:bd:13:eb:ac:f4:0b:3e:ae:83:a2:b5:
7c:1e:42:b4:8b:74:f1:7e:ea:a8:5f:53:5c:04:2b:
1e:06:d6:3c:79:b3:e5:6e:3e:61:65:d8:2f:a2:35:
0e:74:85:38:20:65:61:b4:8f:30:d7:fd:61:20:66:
ae:8a:c3:a6:2b:19:95:69:0f:49:1f:66:7e:50:7a:
70:30:fe:03:86:94:3d:95:67:6e:d7:c0:30:e7:76:
dc:ca:86:e0:f4:f2:db:74:c0:e8:1a:ab:84:bf:14:
23:74:f9:c6:1c:41:d3:98:19:09:d3:e7:6e:84:03:
ba:09:87:f0:87:41:88:c3:06:06:de:ff:a6:fd:df:
4b:a9:85:00:6c:e8:d5:1c:86:a6:c2:fb:86:10:e4:
a4:89:2f:ae:57:00:69:83:40:aa:4b:43:d3:38:11:
80:38:59:20:80:20:e6:a8:96:f3:4a:45:bc:fd:fd:
5f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E4:0E:86:62:EA:17:82:C1:8C:30:17:CD:A5:0F:0A:68:E8:CE:8A
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/2eQOhmLqF4LBjDAXzaUPCmjozoo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
84:7d:6e:5f:ff:68:a2:0d:ea:e7:05:2f:ac:01:7e:18:d6:23:
14:07:83:25:8b:98:b3:e9:7e:a1:b5:9a:6b:7f:a4:6e:7f:84:
31:1d:30:34:ec:7f:e6:08:d4:cb:67:ed:10:cd:c2:01:b9:6b:
c5:5a:85:bb:20:8a:b6:c4:fa:a1:80:e5:6b:e2:40:7b:e9:b6:
6b:f3:51:2f:8a:86:a9:f7:59:4a:e8:29:f1:cd:a3:57:cf:06:
1e:88:98:35:91:21:34:58:3d:4d:ee:d4:2b:62:1d:3b:12:19:
e0:2d:55:54:fd:03:fc:b9:d4:5c:f2:aa:27:92:15:d9:b0:01:
ea:30:89:43:dc:17:10:35:20:a1:72:24:22:25:9f:ab:2e:6a:
5c:80:4e:72:98:4c:68:e1:52:6d:87:72:0b:b9:c8:71:d1:f6:
fa:43:26:19:13:28:39:2a:b9:0e:28:f4:f6:0b:be:50:02:0b:
4d:a9:73:d9:63:52:ad:2e:8b:f0:5f:95:54:3d:c4:fc:78:39:
ab:00:ad:37:22:13:da:37:4e:55:7b:0d:57:0f:91:67:a4:80:
71:e4:cb:69:ad:41:51:28:06:9a:eb:84:ed:2c:b8:a1:29:8b:
f2:2d:d8:38:ea:af:d3:2f:e8:9a:ca:8f:49:32:0d:90:22:f2:
cb:bf:58:94
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCtwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDEx
MjI1MzNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ5RTQwRTg2NjJFQTE3
ODJDMThDMzAxN0NEQTUwRjBBNjhFOENFOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDpaXUpclGda/6QZrwJLiYoI3NmhwBa2HCOUHPBnzXanKIwWtk5
oSDbB4yV4xb3WdKzCDDkPFySBzuFP8lJ4riLojrVDle9jQeFb2GxxQu9E+us9As+
roOitXweQrSLdPF+6qhfU1wEKx4G1jx5s+VuPmFl2C+iNQ50hTggZWG0jzDX/WEg
Zq6Kw6YrGZVpD0kfZn5QenAw/gOGlD2VZ27XwDDndtzKhuD08tt0wOgaq4S/FCN0
+cYcQdOYGQnT526EA7oJh/CHQYjDBgbe/6b930uphQBs6NUchqbC+4YQ5KSJL65X
AGmDQKpLQ9M4EYA4WSCAIOaolvNKRbz9/V9jAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU2eQOhmLqF4LBjDAXzaUPCmjozoowHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzJlUU9obUxxRjRMQmpE
QVh6YVVQQ21qb3pvby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAIR9bl//aKIN6ucFL6wBfhjW
IxQHgyWLmLPpfqG1mmt/pG5/hDEdMDTsf+YI1Mtn7RDNwgG5a8VahbsgirbE+qGA
5WviQHvptmvzUS+Khqn3WUroKfHNo1fPBh6ImDWRITRYPU3u1CtiHTsSGeAtVVT9
A/y51FzyqieSFdmwAeowiUPcFxA1IKFyJCIln6sualyATnKYTGjhUm2Hcgu5yHHR
9vpDJhkTKDkquQ4o9PYLvlACC02pc9ljUq0ui/BflVQ9xPx4OasArTciE9o3TlV7
DVcPkWekgHHky2mtQVEoBprrhO0suKEpi/It2Djqr9Mv6JrKj0kyDZAi8su/WJQ=
Generated at Sat Feb 1 16:34:34 2025 by rpki-client on console.sobornost.net