Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/6GS9r6eQPXGFFeL-rIcKd8_P5rs.roa
File: 6GS9r6eQPXGFFeL-rIcKd8_P5rs.roa (raw, json)
Hash identifier: NsqD0ngGu1A2ZlLjVOxBh+sRYA6pH5Tp3WAyB3LJNKA=
Subject key identifier: E8:64:BD:AF:A7:90:3D:71:85:15:E2:FE:AC:87:0A:77:CF:CF:E6:BB
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 04D2
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/6GS9r6eQPXGFFeL-rIcKd8_P5rs.roa
Signing time: Thu 16 Jan 2025 09:54:40 +0000
ROA not before: Thu 16 Jan 2025 09:54:40 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1234 (0x4d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 16 09:54:40 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=E864BDAFA7903D718515E2FEAC870A77CFCFE6BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b0:30:32:21:85:0b:c5:33:d5:a9:4d:68:c8:
a2:bc:48:82:78:d9:7d:8c:4b:be:de:28:28:6d:35:
4c:f9:fa:f0:ae:db:c6:18:d8:9a:cf:21:37:1b:f7:
23:42:98:1c:c1:5d:7b:01:dd:69:96:53:d4:d8:f0:
d8:76:2a:30:fa:d3:e9:55:f2:84:60:6e:21:8e:6b:
11:03:22:64:34:d3:9b:0c:1c:a5:1b:7a:86:00:9a:
16:31:67:24:01:ab:3e:24:b7:47:3b:64:20:d8:81:
cd:18:ea:32:66:b2:94:13:fe:13:e6:f9:00:97:19:
62:f8:3c:29:eb:00:ea:6e:4a:88:50:74:cd:b9:70:
83:c1:8a:e3:ad:04:c7:13:22:7e:71:4c:4a:a7:c8:
2b:ce:01:60:cf:de:32:1b:b6:c0:54:ab:68:15:2d:
ef:e8:36:ca:6a:b3:15:5f:24:1d:c6:0c:6c:43:6f:
a4:fc:4a:b3:c5:18:cc:c3:c3:dd:a4:d8:7b:0e:cc:
47:89:59:8f:ce:3c:40:6f:3b:6f:fa:21:e1:e1:a6:
28:10:d0:34:59:71:f3:6e:d3:42:10:7d:5c:5a:7e:
5e:37:4f:d0:a4:92:4d:53:82:54:80:68:00:a1:33:
56:a4:52:47:89:26:ab:e1:83:59:f9:bb:06:33:9d:
41:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:64:BD:AF:A7:90:3D:71:85:15:E2:FE:AC:87:0A:77:CF:CF:E6:BB
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/6GS9r6eQPXGFFeL-rIcKd8_P5rs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
b3:bc:d9:14:3c:ce:9c:c6:60:92:42:42:76:d8:d5:82:ba:64:
93:61:b3:20:12:f7:ab:03:c6:9b:bb:58:e8:f3:aa:bc:81:f8:
3d:8c:88:f7:75:29:05:76:a5:56:ca:af:ac:e5:ab:96:84:33:
d3:1f:54:54:73:22:bf:e3:b8:1c:0e:4e:5e:93:85:3d:7b:1f:
70:0b:45:32:0a:02:f3:3f:09:a3:fb:12:e9:ad:39:91:43:2e:
47:a5:ba:92:0f:34:40:55:8c:8f:78:f2:86:62:4d:18:f6:cb:
7b:d7:55:c4:72:94:a5:22:13:90:5f:e0:57:5d:29:be:5b:e0:
e1:94:40:76:a7:1d:6e:7e:b5:20:b3:db:ba:0f:28:ee:27:41:
6f:30:04:95:d9:bd:cc:27:4c:c6:61:c3:2c:23:d9:45:11:16:
82:fa:32:f8:99:fe:f0:6c:d8:05:e3:1e:84:c5:80:78:5c:ab:
20:b0:82:ac:76:4d:70:69:cb:9a:a7:c0:00:ca:61:6b:05:15:
cf:53:f2:35:6e:13:3c:7b:80:da:10:5d:e7:55:96:5f:f5:75:
e8:20:f8:5f:f7:ec:de:d7:a5:82:df:6e:c0:6a:95:30:a8:33:
bd:47:b8:d5:57:3f:21:81:15:82:bc:2a:62:15:74:df:89:cd:
41:b2:c5:77
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBNIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTYw
OTU0NDBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEU4NjRCREFGQTc5MDNE
NzE4NTE1RTJGRUFDODcwQTc3Q0ZDRkU2QkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvsDAyIYULxTPVqU1oyKK8SIJ42X2MS77eKChtNUz5+vCu28YY
2JrPITcb9yNCmBzBXXsB3WmWU9TY8Nh2KjD60+lV8oRgbiGOaxEDImQ005sMHKUb
eoYAmhYxZyQBqz4kt0c7ZCDYgc0Y6jJmspQT/hPm+QCXGWL4PCnrAOpuSohQdM25
cIPBiuOtBMcTIn5xTEqnyCvOAWDP3jIbtsBUq2gVLe/oNspqsxVfJB3GDGxDb6T8
SrPFGMzDw92k2HsOzEeJWY/OPEBvO2/6IeHhpigQ0DRZcfNu00IQfVxafl43T9Ck
kk1TglSAaAChM1akUkeJJqvhg1n5uwYznUHDAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU6GS9r6eQPXGFFeL+rIcKd8/P5rswHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzZHUzlyNmVRUFhHRkZl
TC1ySWNLZDhfUDVycy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBALO82RQ8zpzGYJJCQnbY1YK6
ZJNhsyAS96sDxpu7WOjzqryB+D2MiPd1KQV2pVbKr6zlq5aEM9MfVFRzIr/juBwO
Tl6ThT17H3ALRTIKAvM/CaP7EumtOZFDLkelupIPNEBVjI948oZiTRj2y3vXVcRy
lKUiE5Bf4FddKb5b4OGUQHanHW5+tSCz27oPKO4nQW8wBJXZvcwnTMZhwywj2UUR
FoL6MviZ/vBs2AXjHoTFgHhcqyCwgqx2TXBpy5qnwADKYWsFFc9T8jVuEzx7gNoQ
XedVll/1degg+F/37N7XpYLfbsBqlTCoM71HuNVXPyGBFYK8KmIVdN+JzUGyxXc=
Generated at Thu Jan 16 13:49:21 2025 by rpki-client on console.sobornost.net