Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/90ebeMH1dAM7uctp0Qio7-QUXo4.roa
File: 90ebeMH1dAM7uctp0Qio7-QUXo4.roa (raw, json)
Hash identifier: ZxSr4VjqIpEAWrbAMbvX63OniEmm7v7xCSu7nn3VppI=
Subject key identifier: F7:47:9B:78:C1:F5:74:03:3B:B9:CB:69:D1:08:A8:EF:E4:14:5E:8E
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 09F2
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/90ebeMH1dAM7uctp0Qio7-QUXo4.roa
Signing time: Thu 30 Jan 2025 01:55:29 +0000
ROA not before: Thu 30 Jan 2025 01:55:29 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2546 (0x9f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 30 01:55:29 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=F7479B78C1F574033BB9CB69D108A8EFE4145E8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e9:de:7a:77:52:8d:39:b3:88:34:af:7f:ff:
cb:a8:90:0e:ec:23:b9:15:d0:5f:b4:ab:78:9d:49:
e0:d8:7f:d7:df:50:af:e7:98:79:2c:c5:98:27:82:
bd:05:ac:81:39:3c:ff:dc:27:b6:c2:f3:f3:ec:07:
09:f5:52:12:ef:12:59:64:ed:82:ee:3b:d1:8d:1f:
f0:79:92:2e:72:4f:c4:fe:63:89:54:d7:cf:86:ca:
4c:b3:f9:ba:34:71:09:54:4a:77:be:94:5c:bc:c8:
89:32:7c:73:2d:be:80:22:65:d6:7e:56:fe:18:32:
09:e0:b2:32:25:b5:d6:26:e8:d7:2c:f0:f0:9f:b6:
a2:40:a9:9e:81:44:05:ef:eb:05:62:00:1c:b4:1c:
02:58:14:e8:d6:7f:31:3c:94:ad:d7:2b:14:8f:29:
2d:4d:06:0e:1e:fe:3c:36:c0:94:25:31:80:25:d9:
6f:99:dc:d3:90:9a:f3:08:cf:c0:ee:0d:0e:b5:7d:
c8:c4:6b:bf:66:f4:8e:f8:3d:e6:b4:54:30:8c:bb:
05:a2:0b:cd:f4:e2:92:7e:43:26:e8:8d:85:75:3d:
8c:9b:16:11:9a:f4:9c:68:29:4f:83:fd:ad:e5:5a:
66:81:69:55:41:f2:bf:6f:6c:51:ce:4b:4d:da:d0:
18:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:47:9B:78:C1:F5:74:03:3B:B9:CB:69:D1:08:A8:EF:E4:14:5E:8E
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/90ebeMH1dAM7uctp0Qio7-QUXo4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
6c:6d:02:ef:04:e0:e2:89:8e:41:30:1e:28:cb:01:16:b2:a4:
15:fc:71:3c:e0:d9:8b:53:a8:6d:be:0a:65:9c:59:23:ec:01:
85:91:de:51:df:32:58:58:79:48:9f:f3:7d:03:b0:07:f8:80:
43:dd:b5:7f:04:80:4a:c5:ad:54:6a:8a:66:de:21:7f:88:b6:
58:36:83:3f:a8:59:47:49:7d:4c:b0:be:1c:13:70:00:c2:e0:
ff:6d:d5:56:57:af:f1:bf:68:81:5f:53:d1:e6:39:03:14:4b:
c6:35:28:aa:42:9f:d1:d1:45:af:7f:06:19:5f:2d:3c:e8:ab:
94:0d:3d:ed:bb:71:02:a0:60:dd:1d:c1:2d:9b:99:15:88:2e:
a8:6d:e7:8b:a2:66:30:10:0e:2a:4e:32:64:b8:f9:54:73:70:
14:c9:99:bc:2c:6a:da:ad:28:c8:52:ac:27:5a:ae:71:87:9c:
d3:3a:1a:10:2b:c6:ff:15:bd:39:55:26:7a:c3:f4:a4:be:da:
6d:f5:80:e5:97:a1:8c:ae:6d:a0:c3:35:74:52:82:3f:84:47:
40:49:29:71:5c:27:cc:fe:d5:e7:71:77:00:58:6d:0b:69:1d:
2a:ec:ad:c4:a1:9c:cb:2d:a6:d3:6e:f0:00:85:62:e0:b5:c2:
c6:3b:94:af
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCfIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMzAw
MTU1MjlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEY3NDc5Qjc4QzFGNTc0
MDMzQkI5Q0I2OUQxMDhBOEVGRTQxNDVFOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr6d56d1KNObOINK9//8uokA7sI7kV0F+0q3idSeDYf9ffUK/n
mHksxZgngr0FrIE5PP/cJ7bC8/PsBwn1UhLvEllk7YLuO9GNH/B5ki5yT8T+Y4lU
18+Gykyz+bo0cQlUSne+lFy8yIkyfHMtvoAiZdZ+Vv4YMgngsjIltdYm6Ncs8PCf
tqJAqZ6BRAXv6wViABy0HAJYFOjWfzE8lK3XKxSPKS1NBg4e/jw2wJQlMYAl2W+Z
3NOQmvMIz8DuDQ61fcjEa79m9I74Pea0VDCMuwWiC8304pJ+QybojYV1PYybFhGa
9JxoKU+D/a3lWmaBaVVB8r9vbFHOS03a0BixAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU90ebeMH1dAM7uctp0Qio7+QUXo4wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzkwZWJlTUgxZEFNN3Vj
dHAwUWlvNy1RVVhvNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAGxtAu8E4OKJjkEwHijLARay
pBX8cTzg2YtTqG2+CmWcWSPsAYWR3lHfMlhYeUif830DsAf4gEPdtX8EgErFrVRq
imbeIX+Itlg2gz+oWUdJfUywvhwTcADC4P9t1VZXr/G/aIFfU9HmOQMUS8Y1KKpC
n9HRRa9/BhlfLTzoq5QNPe27cQKgYN0dwS2bmRWILqht54uiZjAQDipOMmS4+VRz
cBTJmbwsatqtKMhSrCdarnGHnNM6GhArxv8VvTlVJnrD9KS+2m31gOWXoYyubaDD
NXRSgj+ER0BJKXFcJ8z+1edxdwBYbQtpHSrsrcShnMstptNu8ACFYuC1wsY7lK8=
Generated at Thu Jan 30 06:45:15 2025 by rpki-client on console.sobornost.net