Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/83V00SjddizyMD9fH4bBtCaccyY.roa
File: 83V00SjddizyMD9fH4bBtCaccyY.roa (raw, json)
Hash identifier: bbpDRc+TYRPXBl+freDSo61537M8w9KxEB/ISB1DcQc=
Subject key identifier: F3:75:74:D1:28:DD:76:2C:F2:30:3F:5F:1F:86:C1:B4:26:9C:73:26
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 053A
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/83V00SjddizyMD9fH4bBtCaccyY.roa
Signing time: Fri 17 Jan 2025 11:54:42 +0000
ROA not before: Fri 17 Jan 2025 11:54:42 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1338 (0x53a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 17 11:54:42 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=F37574D128DD762CF2303F5F1F86C1B4269C7326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bb:6b:4a:24:b6:ea:e6:62:d5:d2:bb:1f:cf:
6b:f7:35:7a:67:5f:80:eb:76:51:61:54:ba:55:0f:
fe:c4:c3:3c:f7:e2:1f:ad:d2:86:47:02:24:a5:cd:
c4:57:2c:48:46:cd:3c:94:87:40:ed:32:e7:be:8b:
c5:e1:a5:1c:a4:27:dd:c5:9e:1e:fa:4d:13:d6:89:
c3:6d:cc:1e:f8:3e:49:b5:01:de:dc:9b:3b:92:84:
b1:c6:4d:13:f1:35:73:e5:80:b5:ba:e9:1b:25:ae:
3e:fd:44:2d:8f:d9:2a:16:b3:d3:97:a0:78:ee:04:
18:7a:88:72:65:ea:10:73:dc:b4:52:ef:fd:71:f7:
fd:31:5a:05:43:e6:c3:18:29:97:6a:15:f0:48:91:
b4:76:70:a1:ae:a7:24:fa:a0:b6:dd:91:3a:4c:13:
e8:d0:10:09:f8:48:77:02:cd:51:bb:cc:df:d2:88:
c8:32:6d:60:d9:eb:1f:8c:22:58:e0:c2:15:51:f2:
8c:0c:2c:38:96:14:61:a2:d2:93:a5:a8:01:28:58:
fe:01:6d:98:b9:c9:a5:b6:88:21:da:1e:dd:4d:99:
83:7a:18:6e:0e:e0:84:0c:04:5e:82:32:e8:5a:87:
9a:06:39:7b:2d:be:7c:81:24:05:33:ea:33:3b:cf:
95:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:75:74:D1:28:DD:76:2C:F2:30:3F:5F:1F:86:C1:B4:26:9C:73:26
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/83V00SjddizyMD9fH4bBtCaccyY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
79:85:67:3a:d9:a1:92:14:26:92:c0:df:0b:89:56:49:ff:62:
60:6a:38:be:9a:ae:32:dc:ce:e8:fb:26:4c:e8:ec:5a:72:47:
1c:66:7e:c6:32:30:9f:5e:99:33:02:73:05:c3:ab:e5:02:5f:
25:fb:0b:04:c5:60:78:81:0e:fd:fb:0b:ab:85:d9:80:37:23:
b3:07:9b:ad:0b:20:e2:08:62:3b:4d:8d:64:aa:dc:7c:63:5e:
1e:9e:03:f2:af:6a:19:67:f5:62:87:d6:7e:bb:a2:ef:f5:da:
4e:b6:10:ef:a3:a2:6c:24:c2:42:d2:84:43:95:38:99:1b:30:
d0:7a:7d:68:1e:05:b2:fe:ff:10:5c:4b:07:6e:cf:bb:c0:51:
81:c4:74:f6:25:e6:e0:fb:2c:fb:95:69:36:bc:b5:8a:72:a9:
db:8c:53:28:59:92:cc:75:a8:a7:c3:52:0c:cf:d2:b3:3d:f9:
cc:47:9e:92:aa:b7:1c:67:1b:9c:a1:24:52:71:98:de:66:dc:
7c:b6:07:b6:77:a0:ed:af:b0:13:eb:a0:fd:50:fe:fb:f5:ba:
ff:b7:69:1f:54:8b:8c:9f:e1:32:2e:a4:6b:7d:2d:a8:07:bd:
18:c3:fa:ac:8f:f2:20:f5:ac:20:d1:89:bf:69:64:d4:8d:37:
a1:59:5a:4f
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBTowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTcx
MTU0NDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEYzNzU3NEQxMjhERDc2
MkNGMjMwM0Y1RjFGODZDMUI0MjY5QzczMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCu2tKJLbq5mLV0rsfz2v3NXpnX4DrdlFhVLpVD/7Ewzz34h+t
0oZHAiSlzcRXLEhGzTyUh0DtMue+i8XhpRykJ93Fnh76TRPWicNtzB74Pkm1Ad7c
mzuShLHGTRPxNXPlgLW66Rslrj79RC2P2SoWs9OXoHjuBBh6iHJl6hBz3LRS7/1x
9/0xWgVD5sMYKZdqFfBIkbR2cKGupyT6oLbdkTpME+jQEAn4SHcCzVG7zN/SiMgy
bWDZ6x+MIljgwhVR8owMLDiWFGGi0pOlqAEoWP4BbZi5yaW2iCHaHt1NmYN6GG4O
4IQMBF6CMuhah5oGOXstvnyBJAUz6jM7z5WDAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU83V00SjddizyMD9fH4bBtCaccyYwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzgzVjAwU2pkZGl6eU1E
OWZINGJCdENhY2N5WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAHmFZzrZoZIUJpLA3wuJVkn/
YmBqOL6arjLczuj7Jkzo7FpyRxxmfsYyMJ9emTMCcwXDq+UCXyX7CwTFYHiBDv37
C6uF2YA3I7MHm60LIOIIYjtNjWSq3HxjXh6eA/Kvahln9WKH1n67ou/12k62EO+j
omwkwkLShEOVOJkbMNB6fWgeBbL+/xBcSwduz7vAUYHEdPYl5uD7LPuVaTa8tYpy
qduMUyhZksx1qKfDUgzP0rM9+cxHnpKqtxxnG5yhJFJxmN5m3Hy2B7Z3oO2vsBPr
oP1Q/vv1uv+3aR9Ui4yf4TIupGt9LagHvRjD+qyP8iD1rCDRib9pZNSNN6FZWk8=
-----END CERTIFICATE-----
Generated at Fri Jan 17 15:19:09 2025 by rpki-client on console.sobornost.net