Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/5PGIkyO6pMNainjJHGTA5AEq2-Y.roa
File: 5PGIkyO6pMNainjJHGTA5AEq2-Y.roa (raw, json)
Hash identifier: yHOlsw7T24kndyKp5dxp/D3TeEoLK3WrGBa5p5WNwJ4=
Subject key identifier: E4:F1:88:93:23:BA:A4:C3:5A:8A:78:C9:1C:64:C0:E4:01:2A:DB:E6
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0A92
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/5PGIkyO6pMNainjJHGTA5AEq2-Y.roa
Signing time: Fri 31 Jan 2025 17:55:32 +0000
ROA not before: Fri 31 Jan 2025 17:55:32 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2706 (0xa92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 31 17:55:32 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=E4F1889323BAA4C35A8A78C91C64C0E4012ADBE6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:87:18:cd:fb:b0:1c:d2:2e:76:f5:31:cb:b9:
51:3d:6b:24:0b:34:27:7a:5f:b2:19:9d:a7:97:34:
40:cd:c4:8e:f5:c8:fa:0a:ea:79:a3:4a:f4:22:94:
b2:83:5d:33:cf:f0:5c:4b:d3:42:98:26:6f:72:ee:
86:1b:1f:72:77:d2:08:6e:3b:9a:8f:38:55:45:8b:
7b:68:2f:af:8d:f1:29:95:b9:53:aa:c8:9a:a3:fb:
42:82:64:4b:4a:76:ce:56:c2:35:49:2a:19:6d:ab:
b7:ce:df:aa:cd:b4:c5:ec:e2:eb:cd:bf:e0:46:80:
38:ab:ef:ab:1c:0a:fd:60:10:d5:74:74:20:b4:81:
5a:61:08:37:12:f5:38:4c:fd:1c:96:e5:00:8c:64:
15:c8:13:20:00:fb:f3:f3:93:61:52:af:22:39:ab:
65:b2:5a:11:d8:2e:70:cf:7e:92:d2:0a:26:52:68:
8b:d8:7b:cc:59:0e:99:2f:b7:aa:42:1f:4f:ee:a2:
c0:d7:73:63:ad:bb:ec:ba:f1:7d:de:5e:03:6f:69:
4c:6d:6a:4e:ae:16:e3:f3:33:e7:c8:43:9b:4d:2e:
ff:39:83:2b:d5:19:e1:cc:88:17:b4:df:88:7d:16:
0b:15:f7:49:f9:f1:31:a3:80:e2:08:59:73:6c:fb:
ef:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F1:88:93:23:BA:A4:C3:5A:8A:78:C9:1C:64:C0:E4:01:2A:DB:E6
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/5PGIkyO6pMNainjJHGTA5AEq2-Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
36:1d:8a:2f:6a:ec:10:cb:eb:6a:0d:11:15:71:8b:c5:6b:64:
7d:f4:7d:17:26:00:83:bd:52:1a:29:af:b3:dc:05:79:ec:74:
54:fd:92:e6:92:21:eb:1b:3c:24:93:48:0a:8c:02:25:8b:16:
73:cf:43:f8:60:cc:bc:6a:00:80:2d:fa:14:9c:20:d6:40:e2:
02:36:95:e5:4a:64:4a:7c:dd:9a:85:0b:67:4f:9b:ff:75:74:
2e:a8:1a:d5:62:3c:2d:a9:fa:ef:64:3c:9a:60:0b:ab:fa:13:
96:92:91:7a:79:7e:3a:b6:1c:1e:53:41:da:67:cf:9c:98:db:
9c:ad:8d:2c:41:5c:8e:83:7f:63:e2:1f:33:74:8a:14:f1:1d:
48:ca:db:f4:ec:bd:a6:1a:ee:53:d4:62:72:0c:98:d1:62:3c:
d3:16:36:af:5d:48:dc:2e:cb:22:f3:41:66:55:c1:15:7a:dd:
c0:b9:20:fa:a9:8b:67:11:6b:4b:de:62:e9:47:28:5e:9a:b9:
00:00:1b:30:c1:ba:68:df:d7:2b:48:31:9e:95:67:ec:e2:e3:
d1:e7:30:2c:d3:0f:da:30:57:bd:41:4f:a4:de:0f:5c:96:7a:
89:81:7d:5c:5c:0d:e9:04:05:92:80:ed:ba:bb:69:17:7c:42:
a7:a2:79:1c
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCpIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMzEx
NzU1MzJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEU0RjE4ODkzMjNCQUE0
QzM1QThBNzhDOTFDNjRDMEU0MDEyQURCRTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdhxjN+7Ac0i529THLuVE9ayQLNCd6X7IZnaeXNEDNxI71yPoK
6nmjSvQilLKDXTPP8FxL00KYJm9y7oYbH3J30ghuO5qPOFVFi3toL6+N8SmVuVOq
yJqj+0KCZEtKds5WwjVJKhltq7fO36rNtMXs4uvNv+BGgDir76scCv1gENV0dCC0
gVphCDcS9ThM/RyW5QCMZBXIEyAA+/Pzk2FSryI5q2WyWhHYLnDPfpLSCiZSaIvY
e8xZDpkvt6pCH0/uosDXc2Otu+y68X3eXgNvaUxtak6uFuPzM+fIQ5tNLv85gyvV
GeHMiBe034h9FgsV90n58TGjgOIIWXNs+++dAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU5PGIkyO6pMNainjJHGTA5AEq2+YwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzVQR0lreU82cE1OYWlu
akpIR1RBNUFFcTItWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBADYdii9q7BDL62oNERVxi8Vr
ZH30fRcmAIO9Uhopr7PcBXnsdFT9kuaSIesbPCSTSAqMAiWLFnPPQ/hgzLxqAIAt
+hScINZA4gI2leVKZEp83ZqFC2dPm/91dC6oGtViPC2p+u9kPJpgC6v6E5aSkXp5
fjq2HB5TQdpnz5yY25ytjSxBXI6Df2PiHzN0ihTxHUjK2/TsvaYa7lPUYnIMmNFi
PNMWNq9dSNwuyyLzQWZVwRV63cC5IPqpi2cRa0veYulHKF6auQAAGzDBumjf1ytI
MZ6VZ+zi49HnMCzTD9owV71BT6TeD1yWeomBfVxcDekEBZKA7bq7aRd8QqeieRw=
Generated at Fri Jan 31 22:12:44 2025 by rpki-client on console.sobornost.net