Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/57V4h3ah1JSpCFFgpQoeDnrex6Y.roa
File: 57V4h3ah1JSpCFFgpQoeDnrex6Y.roa (raw, json)
Hash identifier: JQaOG1jpz9r6FI7+SP7JKV4Cs8PSP/iS67KbXEyDcxc=
Subject key identifier: E7:B5:78:87:76:A1:D4:94:A9:08:51:60:A5:0A:1E:0E:7A:DE:C7:A6
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 074C
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/57V4h3ah1JSpCFFgpQoeDnrex6Y.roa
Signing time: Thu 23 Jan 2025 00:25:03 +0000
ROA not before: Thu 23 Jan 2025 00:25:03 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1868 (0x74c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 23 00:25:03 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=E7B5788776A1D494A9085160A50A1E0E7ADEC7A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7b:14:ff:4b:48:f4:ac:77:3f:a8:af:4a:4a:
e4:ef:0e:e3:64:68:bd:a5:df:06:af:66:71:1f:cc:
0f:ca:de:f9:30:a9:0f:a1:23:13:a7:c4:4a:84:3f:
d2:93:b9:58:23:e7:42:0b:ff:5a:e6:9b:49:b6:20:
b4:e1:f7:09:b1:33:a1:46:91:06:51:cb:28:c5:6e:
10:af:61:e2:e7:0f:06:68:81:5e:f3:36:4b:34:1c:
d6:d1:d2:fe:a6:4d:65:08:a0:f0:42:aa:47:02:b5:
36:0b:60:c5:95:23:9e:e4:fb:4b:73:76:0e:eb:c4:
dc:82:29:b0:1a:20:0d:99:d1:ab:0e:18:e0:2f:a9:
91:7b:f9:83:91:1c:7a:1a:b0:c0:83:51:cb:c9:58:
d2:fd:1a:b3:18:4b:80:1f:89:b7:82:ad:1b:12:bc:
08:76:ff:21:90:bb:d2:c0:96:9a:7e:40:c1:f0:8b:
4e:3d:68:00:fc:3e:cf:88:d8:83:c2:45:01:a6:76:
dc:de:8f:af:ee:50:80:3e:94:a3:db:f9:35:88:28:
2b:67:35:e6:39:df:f4:9c:d8:89:81:ef:3f:26:da:
a4:a4:44:f2:70:69:7d:21:b9:28:1c:43:2c:a9:eb:
d9:8f:d4:a8:13:d0:27:23:08:d8:84:42:85:76:a3:
44:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:B5:78:87:76:A1:D4:94:A9:08:51:60:A5:0A:1E:0E:7A:DE:C7:A6
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/57V4h3ah1JSpCFFgpQoeDnrex6Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:c2:b4:8e:e7:48:8d:19:50:9c:93:b4:d3:7e:b2:b7:c2:23:
af:dd:69:8d:f0:7a:e9:2f:95:5f:4c:af:31:5d:b0:55:91:d7:
dd:e6:15:b2:25:80:38:b3:c0:01:a3:08:22:bc:ed:45:29:b6:
cc:08:57:4c:b4:b4:5c:65:51:9e:e8:d9:86:aa:21:00:1a:e8:
85:dc:66:05:c7:e0:df:e7:c2:a9:7c:1c:2e:27:cb:08:a8:0c:
25:08:60:31:9b:f6:0f:bc:6c:42:9d:d3:61:fe:60:97:05:ff:
60:d7:be:46:a4:0b:9b:4c:df:f3:8a:3b:c1:32:80:d4:a4:f9:
ca:e1:9c:41:7a:1e:54:d3:1a:0f:d4:42:f2:43:f1:bd:b7:80:
48:83:db:5c:33:45:22:5b:01:2d:3b:0a:8e:62:58:41:99:df:
78:ba:b7:a4:41:b9:2c:10:27:bb:1c:95:9f:33:23:b6:b4:61:
2d:77:b3:c8:d0:ad:64:b5:a8:7d:2e:68:c6:05:5e:46:68:58:
59:7c:35:64:32:54:e4:b4:7d:b8:cb:ef:15:1d:7e:70:4f:6e:
51:01:e5:9d:0e:66:24:f3:92:c4:21:65:47:8a:74:87:30:1b:
1f:d4:20:73:0d:98:a8:8c:ce:eb:7a:ae:3a:7f:3c:2d:89:ad:
20:25:bc:88
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICB0wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjMw
MDI1MDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEU3QjU3ODg3NzZBMUQ0
OTRBOTA4NTE2MEE1MEExRTBFN0FERUM3QTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnexT/S0j0rHc/qK9KSuTvDuNkaL2l3wavZnEfzA/K3vkwqQ+h
IxOnxEqEP9KTuVgj50IL/1rmm0m2ILTh9wmxM6FGkQZRyyjFbhCvYeLnDwZogV7z
Nks0HNbR0v6mTWUIoPBCqkcCtTYLYMWVI57k+0tzdg7rxNyCKbAaIA2Z0asOGOAv
qZF7+YORHHoasMCDUcvJWNL9GrMYS4AfibeCrRsSvAh2/yGQu9LAlpp+QMHwi049
aAD8Ps+I2IPCRQGmdtzej6/uUIA+lKPb+TWIKCtnNeY53/Sc2ImB7z8m2qSkRPJw
aX0huSgcQyyp69mP1KgT0CcjCNiEQoV2o0SvAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU57V4h3ah1JSpCFFgpQoeDnrex6YwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzU3VjRoM2FoMUpTcENG
RmdwUW9lRG5yZXg2WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAD7CtI7nSI0ZUJyTtNN+srfC
I6/daY3weukvlV9MrzFdsFWR193mFbIlgDizwAGjCCK87UUptswIV0y0tFxlUZ7o
2YaqIQAa6IXcZgXH4N/nwql8HC4nywioDCUIYDGb9g+8bEKd02H+YJcF/2DXvkak
C5tM3/OKO8EygNSk+crhnEF6HlTTGg/UQvJD8b23gEiD21wzRSJbAS07Co5iWEGZ
33i6t6RBuSwQJ7sclZ8zI7a0YS13s8jQrWS1qH0uaMYFXkZoWFl8NWQyVOS0fbjL
7xUdfnBPblEB5Z0OZiTzksQhZUeKdIcwGx/UIHMNmKiMzut6rjp/PC2JrSAlvIg=
Generated at Thu Jan 23 04:49:19 2025 by rpki-client on console.sobornost.net