Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/9-sS9oBudXEu2IgdfBXVz_DunlA.roa
File: 9-sS9oBudXEu2IgdfBXVz_DunlA.roa (raw, json)
Hash identifier: xmUkep7RW5nXhw3zsmZNknNKQ3fJLDNHJtyQpZxm5Ss=
Subject key identifier: F7:EB:12:F6:80:6E:75:71:2E:D8:88:1D:7C:15:D5:CF:F0:EE:9E:50
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 054A
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/9-sS9oBudXEu2IgdfBXVz_DunlA.roa
Signing time: Fri 17 Jan 2025 15:54:47 +0000
ROA not before: Fri 17 Jan 2025 15:54:47 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1354 (0x54a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 17 15:54:47 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=F7EB12F6806E75712ED8881D7C15D5CFF0EE9E50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:49:d3:2e:d9:75:a4:f9:0f:17:7b:5b:37:7a:
f1:25:70:86:f3:16:67:2f:f5:04:cd:e5:f0:4d:0f:
e9:bf:04:b6:56:35:b5:e6:13:53:b4:0a:62:30:c3:
6d:05:5b:38:d8:1b:4d:91:9d:a9:46:19:fa:b2:cb:
48:a3:07:13:f3:16:bb:55:c7:ee:58:d9:77:52:ee:
c8:91:2c:5a:35:f0:66:f3:a4:5a:75:4b:36:fd:96:
01:7f:aa:da:95:f2:93:0e:69:84:48:38:22:4e:61:
22:ab:f9:e5:e3:09:1b:fa:ed:d8:25:dd:93:dd:f1:
08:38:65:45:aa:ad:e0:4f:97:70:0d:3c:33:5e:22:
d8:12:da:e2:be:f5:01:cf:19:14:48:46:a8:2c:c8:
79:71:33:8b:4e:70:03:ab:1e:20:82:7a:58:32:8f:
10:08:b0:12:8d:89:a2:a9:47:6b:a0:da:c2:c4:9c:
f1:16:52:09:4c:8a:26:bf:e4:f4:2a:dd:14:30:b0:
f0:24:40:45:3c:4d:a3:bb:90:34:18:83:d3:48:54:
21:e3:40:1e:cf:f9:fd:61:ce:5a:7f:66:6e:31:8d:
9f:ba:0b:c9:2d:31:11:27:01:3d:34:0f:bd:08:3f:
28:dc:f3:51:55:fe:b9:88:5e:8b:b4:a2:c8:00:e5:
bc:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:EB:12:F6:80:6E:75:71:2E:D8:88:1D:7C:15:D5:CF:F0:EE:9E:50
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/9-sS9oBudXEu2IgdfBXVz_DunlA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
10:09:3e:17:59:77:84:31:72:e3:93:90:d4:ee:f5:cf:cc:0e:
5b:4d:da:3c:7a:32:d5:8b:44:bd:bd:b6:df:16:dd:da:b4:77:
64:66:3b:51:1e:b0:b4:56:41:7c:d4:99:fd:52:e2:f1:87:47:
d2:af:9c:d8:48:b7:a2:96:14:8b:60:50:72:4c:0e:36:6a:35:
08:b0:d9:57:e9:4d:b7:98:76:e1:b1:11:71:06:41:72:ab:33:
83:e2:b7:fd:5b:99:73:3e:f7:37:b4:20:8d:15:4b:87:a8:7a:
df:92:fd:45:97:6b:fa:aa:44:1d:a2:36:02:16:28:a3:25:a0:
ce:72:ce:1b:3b:01:89:90:01:73:f6:ed:2c:c3:6b:9f:24:34:
31:02:ad:21:39:7c:ca:47:b6:ab:24:92:eb:df:f0:57:71:fc:
f2:fe:f0:bf:2b:c1:49:52:68:81:b0:86:fb:96:06:fb:c1:f9:
98:26:b5:06:ff:85:a7:e6:e2:73:ac:e9:4c:37:9e:09:dc:d2:
00:95:5a:54:21:51:07:46:a0:02:94:d5:7d:ac:bd:c8:63:00:
3d:c2:e4:60:36:2d:6c:3e:a0:50:ff:6d:89:5b:64:c6:a1:23:
e0:9e:57:88:e5:f1:14:ca:7a:60:e1:6e:cb:0f:e4:ee:fa:a0:
9f:bf:e3:ea
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBUowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTcx
NTU0NDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEY3RUIxMkY2ODA2RTc1
NzEyRUQ4ODgxRDdDMTVENUNGRjBFRTlFNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6SdMu2XWk+Q8Xe1s3evElcIbzFmcv9QTN5fBND+m/BLZWNbXm
E1O0CmIww20FWzjYG02RnalGGfqyy0ijBxPzFrtVx+5Y2XdS7siRLFo18GbzpFp1
Szb9lgF/qtqV8pMOaYRIOCJOYSKr+eXjCRv67dgl3ZPd8Qg4ZUWqreBPl3ANPDNe
ItgS2uK+9QHPGRRIRqgsyHlxM4tOcAOrHiCCelgyjxAIsBKNiaKpR2ug2sLEnPEW
UglMiia/5PQq3RQwsPAkQEU8TaO7kDQYg9NIVCHjQB7P+f1hzlp/Zm4xjZ+6C8kt
MREnAT00D70IPyjc81FV/rmIXou0osgA5bzXAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU9+sS9oBudXEu2IgdfBXVz/DunlAwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzktc1M5b0J1ZFhFdTJJ
Z2RmQlhWel9EdW5sQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBABAJPhdZd4QxcuOTkNTu9c/M
DltN2jx6MtWLRL29tt8W3dq0d2RmO1EesLRWQXzUmf1S4vGHR9KvnNhIt6KWFItg
UHJMDjZqNQiw2VfpTbeYduGxEXEGQXKrM4Pit/1bmXM+9ze0II0VS4eoet+S/UWX
a/qqRB2iNgIWKKMloM5yzhs7AYmQAXP27SzDa58kNDECrSE5fMpHtqskkuvf8Fdx
/PL+8L8rwUlSaIGwhvuWBvvB+ZgmtQb/hafm4nOs6Uw3ngnc0gCVWlQhUQdGoAKU
1X2svchjAD3C5GA2LWw+oFD/bYlbZMahI+CeV4jl8RTKemDhbssP5O76oJ+/4+o=
Generated at Fri Jan 17 19:21:46 2025 by rpki-client on console.sobornost.net