Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/EFjjT5ABv2ndMFUAicEqaDFnvYI.roa
File: EFjjT5ABv2ndMFUAicEqaDFnvYI.roa (raw, json)
Hash identifier: NJRNTZOkLVf1r/c/6TAcUeyK8mfNb9zJpHU1/u26CLM=
Subject key identifier: 10:58:E3:4F:90:01:BF:69:DD:30:55:00:89:C1:2A:68:31:67:BD:82
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0AEE
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/EFjjT5ABv2ndMFUAicEqaDFnvYI.roa
Signing time: Sat 01 Feb 2025 16:55:34 +0000
ROA not before: Sat 01 Feb 2025 16:55:34 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2798 (0xaee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 1 16:55:34 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=1058E34F9001BF69DD30550089C12A683167BD82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:00:05:88:38:6e:0a:18:20:ce:a8:0e:4a:dd:
9d:24:2f:33:25:5b:7b:92:e1:5e:50:10:45:e0:8a:
51:16:a2:01:59:d1:a4:ba:80:ac:59:77:ad:7e:df:
4f:27:b5:30:32:8c:ea:ac:32:87:75:c4:7f:b6:41:
86:8f:d4:7c:b4:f9:5f:d4:1e:25:f5:e4:b2:8b:eb:
32:4f:4a:8b:3c:af:3e:f1:66:d8:97:af:a1:f2:e8:
49:33:89:91:91:8a:cc:e0:6d:f1:91:8c:45:77:5d:
6c:3f:71:fa:b1:99:bd:2a:f0:a9:b8:db:bb:29:30:
60:41:99:87:42:72:3f:e4:3c:51:5e:05:20:2b:bb:
a6:16:03:75:c6:ad:dc:50:12:95:5b:f5:cb:fc:4a:
69:0a:88:19:8a:e5:41:a7:a6:57:32:13:1c:e2:6a:
89:69:dc:d8:3a:c8:8d:3f:12:21:11:ba:01:65:d3:
c4:09:8a:66:3e:5f:ef:3c:c6:14:72:db:6e:5f:31:
59:43:44:16:44:fd:cd:87:2f:60:31:c1:94:0a:11:
a5:bf:ba:72:8e:7d:ff:af:98:42:c0:a3:0e:57:81:
cb:03:99:7c:c4:3a:8d:8a:22:1b:0b:1e:47:02:8e:
2d:bd:8a:a7:41:59:9d:ec:72:09:ba:02:d9:d1:9c:
29:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:58:E3:4F:90:01:BF:69:DD:30:55:00:89:C1:2A:68:31:67:BD:82
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/EFjjT5ABv2ndMFUAicEqaDFnvYI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
77:52:d9:19:d1:a5:44:2d:4f:c7:8f:a6:9e:f9:ae:10:b4:b3:
58:ec:53:73:37:a6:39:54:fd:97:ac:9b:1a:fa:c3:0c:df:cc:
f2:b6:85:79:f8:4e:ed:8c:cb:7e:50:e0:76:7a:33:17:10:ad:
f4:da:31:79:ba:0e:62:5e:14:ad:be:f4:fd:32:4f:06:64:46:
57:b8:48:46:4d:57:da:fc:4f:ff:14:9b:0d:c8:83:20:a0:1d:
d6:20:9a:c9:d7:8e:a0:75:a4:42:bc:b8:b6:04:72:59:fc:86:
bd:e7:de:c2:e8:e3:e5:c4:3f:b4:93:85:9f:cf:42:de:47:23:
dd:1e:18:1a:60:d3:d8:6e:e1:b4:ac:ce:6e:9d:12:0a:a7:84:
2a:86:87:7e:25:2d:88:63:a3:d2:80:c3:9c:37:65:84:d1:81:
2b:f4:3d:35:fd:69:15:d1:e8:ce:34:5b:c4:66:55:96:9a:c6:
8f:30:9d:35:83:78:e0:98:62:65:e1:de:6a:86:93:e8:c9:39:
60:2c:43:66:c2:36:cd:52:e6:00:a7:4a:79:e9:09:4c:95:de:
97:d0:d4:cd:04:2d:c5:2b:74:03:f4:84:86:24:f2:13:a8:fa:
06:a1:dc:d8:ee:8e:f6:dc:a6:10:40:89:9a:a0:6f:a2:69:0e:
9a:a0:49:da
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCu4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDEx
NjU1MzRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDEwNThFMzRGOTAwMUJG
NjlERDMwNTUwMDg5QzEyQTY4MzE2N0JEODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHAAWIOG4KGCDOqA5K3Z0kLzMlW3uS4V5QEEXgilEWogFZ0aS6
gKxZd61+308ntTAyjOqsMod1xH+2QYaP1Hy0+V/UHiX15LKL6zJPSos8rz7xZtiX
r6Hy6EkziZGRiszgbfGRjEV3XWw/cfqxmb0q8Km427spMGBBmYdCcj/kPFFeBSAr
u6YWA3XGrdxQEpVb9cv8SmkKiBmK5UGnplcyExziaolp3Ng6yI0/EiERugFl08QJ
imY+X+88xhRy225fMVlDRBZE/c2HL2AxwZQKEaW/unKOff+vmELAow5XgcsDmXzE
Oo2KIhsLHkcCji29iqdBWZ3scgm6AtnRnCn7AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUEFjjT5ABv2ndMFUAicEqaDFnvYIwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0VGampUNUFCdjJuZE1G
VUFpY0VxYURGbnZZSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAHdS2RnRpUQtT8ePpp75rhC0
s1jsU3M3pjlU/Zesmxr6wwzfzPK2hXn4Tu2My35Q4HZ6MxcQrfTaMXm6DmJeFK2+
9P0yTwZkRle4SEZNV9r8T/8Umw3IgyCgHdYgmsnXjqB1pEK8uLYEcln8hr3n3sLo
4+XEP7SThZ/PQt5HI90eGBpg09hu4bSszm6dEgqnhCqGh34lLYhjo9KAw5w3ZYTR
gSv0PTX9aRXR6M40W8RmVZaaxo8wnTWDeOCYYmXh3mqGk+jJOWAsQ2bCNs1S5gCn
SnnpCUyV3pfQ1M0ELcUrdAP0hIYk8hOo+gah3NjujvbcphBAiZqgb6JpDpqgSdo=
Generated at Sat Feb 1 20:54:26 2025 by rpki-client on console.sobornost.net