Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/BjBDfzVgw7PUdvZGogkfGjpjWGc.roa
File: BjBDfzVgw7PUdvZGogkfGjpjWGc.roa (raw, json)
Hash identifier: kZsv2uZWZmleUCvpErVvzgqmzsMzlIqgMVKGATuSCjg=
Subject key identifier: 06:30:43:7F:35:60:C3:B3:D4:76:F6:46:A2:09:1F:1A:3A:63:58:67
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 04EC
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/BjBDfzVgw7PUdvZGogkfGjpjWGc.roa
Signing time: Thu 16 Jan 2025 16:24:41 +0000
ROA not before: Thu 16 Jan 2025 16:24:41 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1260 (0x4ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 16 16:24:41 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=0630437F3560C3B3D476F646A2091F1A3A635867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:44:82:ed:11:37:95:df:bc:83:67:9a:eb:2c:
b9:9a:ff:5e:21:b3:88:94:59:6e:78:c6:ae:10:ae:
08:75:ed:4d:36:26:88:00:e6:48:ad:96:1e:9e:46:
60:7c:a0:28:3c:08:2f:72:76:21:ce:2c:73:98:de:
1e:61:38:27:df:a6:50:f6:2a:69:9a:f2:0d:7e:10:
43:05:81:67:df:11:39:15:37:f2:f3:4b:d4:01:2c:
3b:ee:49:c3:3a:ca:ce:59:b3:40:9e:df:90:64:b7:
e2:01:da:ee:cf:8c:98:ad:58:3d:52:14:ee:5e:78:
7e:31:48:fd:d3:2a:01:b2:15:84:18:13:9f:d4:23:
9d:39:27:f6:73:21:a7:02:c2:90:63:7b:5d:17:a3:
b7:24:d9:56:06:f2:27:89:17:67:da:0f:dd:27:ee:
4e:e6:f2:12:45:03:50:af:f8:81:2f:79:b4:03:ee:
da:ab:ce:3a:06:fd:7a:7c:1f:55:30:15:e2:38:e8:
73:fd:74:16:f7:2b:a0:96:06:3f:34:47:8c:36:99:
ef:65:3e:b8:b4:c9:7b:48:c6:a5:a1:b4:18:3a:02:
ca:47:5d:6e:85:4c:57:35:3f:e3:8a:10:42:e8:7e:
83:5a:51:9b:da:8b:13:f8:92:4e:64:e4:7e:83:3f:
00:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:30:43:7F:35:60:C3:B3:D4:76:F6:46:A2:09:1F:1A:3A:63:58:67
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/BjBDfzVgw7PUdvZGogkfGjpjWGc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
8a:3d:ca:44:7a:0e:31:cd:17:9e:8a:31:9e:1a:97:27:14:56:
26:7b:07:bd:71:29:08:bf:b3:44:b8:1d:9f:0a:ba:af:9d:c7:
48:c5:94:fd:39:aa:02:38:40:e2:ea:dc:6a:87:63:6e:e0:41:
77:1f:68:21:3f:5e:cc:59:0f:50:96:f5:d2:55:08:9c:04:9b:
1e:cf:68:e5:f1:bb:05:ea:a3:9c:37:dc:0d:a1:2f:31:61:43:
28:c8:fd:16:0d:f3:4f:0b:59:ad:4b:c0:d1:58:cb:b9:7d:76:
69:27:f7:4c:0a:be:8a:62:a7:af:c9:19:b0:d4:5d:87:bd:b5:
88:24:f6:d5:2f:a0:34:fb:4c:8f:ea:d6:95:67:95:24:c1:4e:
06:73:f9:94:44:59:59:0e:71:db:98:17:4f:51:e6:4c:58:58:
1e:35:1a:06:a6:5a:5f:40:24:6e:b2:42:a1:d9:09:cb:b1:2f:
87:1b:b2:b4:56:a3:aa:3b:cd:2b:0d:99:d9:98:94:49:f1:5b:
49:12:de:d5:d9:d3:20:1a:fe:bd:18:c8:d0:ce:07:23:56:ef:
a6:fd:72:d1:1c:7b:9a:64:19:08:b6:af:3c:ab:bb:73:0e:81:
ac:3d:41:b5:7c:ca:de:d1:22:c8:14:7f:a8:ad:1a:b0:ff:5c:
a2:89:97:85
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBOwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTYx
NjI0NDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDA2MzA0MzdGMzU2MEMz
QjNENDc2RjY0NkEyMDkxRjFBM0E2MzU4NjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfRILtETeV37yDZ5rrLLma/14hs4iUWW54xq4Qrgh17U02JogA
5kitlh6eRmB8oCg8CC9ydiHOLHOY3h5hOCffplD2Kmma8g1+EEMFgWffETkVN/Lz
S9QBLDvuScM6ys5Zs0Ce35Bkt+IB2u7PjJitWD1SFO5eeH4xSP3TKgGyFYQYE5/U
I505J/ZzIacCwpBje10Xo7ck2VYG8ieJF2faD90n7k7m8hJFA1Cv+IEvebQD7tqr
zjoG/Xp8H1UwFeI46HP9dBb3K6CWBj80R4w2me9lPri0yXtIxqWhtBg6AspHXW6F
TFc1P+OKEELofoNaUZvaixP4kk5k5H6DPwBbAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUBjBDfzVgw7PUdvZGogkfGjpjWGcwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0JqQkRmelZndzdQVWR2
WkdvZ2tmR2pwaldHYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAIo9ykR6DjHNF56KMZ4alycU
ViZ7B71xKQi/s0S4HZ8Kuq+dx0jFlP05qgI4QOLq3GqHY27gQXcfaCE/XsxZD1CW
9dJVCJwEmx7PaOXxuwXqo5w33A2hLzFhQyjI/RYN808LWa1LwNFYy7l9dmkn90wK
vopip6/JGbDUXYe9tYgk9tUvoDT7TI/q1pVnlSTBTgZz+ZREWVkOcduYF09R5kxY
WB41GgamWl9AJG6yQqHZCcuxL4cbsrRWo6o7zSsNmdmYlEnxW0kS3tXZ0yAa/r0Y
yNDOByNW76b9ctEce5pkGQi2rzyru3MOgaw9QbV8yt7RIsgUf6itGrD/XKKJl4U=
Generated at Thu Jan 16 19:51:58 2025 by rpki-client on console.sobornost.net