Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/HGW0cAbTeNtaaYlo53Z6BOOtEkI.roa
File: HGW0cAbTeNtaaYlo53Z6BOOtEkI.roa (raw, json)
Hash identifier: SQYs+L8qtzPyeXpA0Mf+xep0JiZtcNuftV2WFQgSITg=
Subject key identifier: 1C:65:B4:70:06:D3:78:DB:5A:69:89:68:E7:76:7A:04:E3:AD:12:42
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0CC4
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/HGW0cAbTeNtaaYlo53Z6BOOtEkI.roa
Signing time: Thu 06 Feb 2025 14:25:46 +0000
ROA not before: Thu 06 Feb 2025 14:25:46 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3268 (0xcc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 6 14:25:46 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=1C65B47006D378DB5A698968E7767A04E3AD1242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fd:5e:e5:9e:0c:ea:7b:30:b3:ae:b5:d0:10:
33:c8:b5:a5:05:97:ff:35:ec:fc:9d:ec:05:47:c6:
19:f9:a7:ec:9c:1e:d0:18:a7:76:59:f1:cf:06:16:
d0:01:41:7d:dd:f4:52:41:ed:35:4f:a0:1f:fa:5f:
e3:d4:82:ee:79:d5:95:c1:ac:cb:81:8b:0a:d5:8e:
60:90:9b:ec:20:06:98:ae:78:d5:22:9e:07:29:fc:
25:a9:4a:37:a8:50:29:88:a5:65:33:7d:54:6d:ab:
bf:df:91:75:38:41:ae:87:02:64:f2:24:50:e0:61:
28:31:c4:fb:df:ee:04:e4:6f:b3:70:48:85:eb:30:
cf:27:52:70:6d:1d:af:62:72:47:28:6f:28:7e:07:
ee:fc:45:de:27:a9:46:45:fe:42:62:e1:b1:13:20:
fa:5d:2f:1a:c4:9d:b0:b4:18:79:02:4f:c1:02:77:
db:e7:58:b2:fd:16:a4:3a:8d:57:b6:ec:e9:3b:b7:
f6:37:f4:2f:fc:e1:1f:67:3a:93:4d:0d:d2:2b:a3:
47:63:95:c8:cb:82:68:ec:80:fe:40:f3:c3:dd:1c:
05:42:2b:9b:d3:12:63:15:75:d8:e9:de:af:ff:d1:
3d:c9:30:59:87:6c:da:d4:55:11:4a:43:4e:b1:de:
f0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:65:B4:70:06:D3:78:DB:5A:69:89:68:E7:76:7A:04:E3:AD:12:42
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/HGW0cAbTeNtaaYlo53Z6BOOtEkI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
2f:37:d4:6a:80:05:8d:00:36:c0:60:e1:3c:22:4c:35:f2:c6:
14:54:de:6c:a0:1f:ba:3f:cf:a6:7b:7e:b1:ae:14:26:97:8f:
63:bc:1a:b6:b4:82:7b:44:58:fb:06:21:ac:cd:7b:64:27:a0:
5e:06:c4:56:8f:a7:e9:ba:25:d1:6c:4f:5b:ef:47:1d:0b:64:
ce:11:3d:b0:30:6a:37:39:06:8e:8e:5c:dd:15:9d:c1:f2:c5:
2d:68:75:a1:d0:50:2e:e5:15:71:77:0f:87:c7:63:52:dd:26:
d6:de:ab:2a:44:2e:92:07:c9:73:ac:30:35:7e:6f:ca:7d:78:
e7:cf:01:62:6b:be:7e:10:90:c8:a6:c4:d9:ee:77:80:99:9f:
29:c9:d0:be:a1:5e:bb:67:6b:b3:02:73:6b:04:31:49:38:6f:
c7:0c:2f:f4:c8:4f:85:86:f4:99:73:dd:c0:df:a4:05:8a:39:
64:7c:1e:4f:1e:a4:11:60:ef:4a:3e:cb:ea:5b:f8:e3:71:bc:
ce:51:56:0e:f2:8f:e5:4c:0a:21:9e:9b:9d:c5:72:2c:9f:a4:
d2:f6:82:ab:7b:14:a9:cb:bb:04:b2:31:0c:af:3d:c4:72:86:
61:9e:5a:73:70:7e:a3:14:ec:e0:bd:d7:44:3d:7e:3c:64:3f:
14:8b:e6:ec
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDMQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDYx
NDI1NDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDFDNjVCNDcwMDZEMzc4
REI1QTY5ODk2OEU3NzY3QTA0RTNBRDEyNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+/V7lngzqezCzrrXQEDPItaUFl/817Pyd7AVHxhn5p+ycHtAY
p3ZZ8c8GFtABQX3d9FJB7TVPoB/6X+PUgu551ZXBrMuBiwrVjmCQm+wgBpiueNUi
ngcp/CWpSjeoUCmIpWUzfVRtq7/fkXU4Qa6HAmTyJFDgYSgxxPvf7gTkb7NwSIXr
MM8nUnBtHa9ickcobyh+B+78Rd4nqUZF/kJi4bETIPpdLxrEnbC0GHkCT8ECd9vn
WLL9FqQ6jVe27Ok7t/Y39C/84R9nOpNNDdIro0djlcjLgmjsgP5A88PdHAVCK5vT
EmMVddjp3q//0T3JMFmHbNrUVRFKQ06x3vAJAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUHGW0cAbTeNtaaYlo53Z6BOOtEkIwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0hHVzBjQWJUZU50YWFZ
bG81M1o2Qk9PdEVrSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAC831GqABY0ANsBg4TwiTDXy
xhRU3mygH7o/z6Z7frGuFCaXj2O8Gra0gntEWPsGIazNe2QnoF4GxFaPp+m6JdFs
T1vvRx0LZM4RPbAwajc5Bo6OXN0VncHyxS1odaHQUC7lFXF3D4fHY1LdJtbeqypE
LpIHyXOsMDV+b8p9eOfPAWJrvn4QkMimxNnud4CZnynJ0L6hXrtna7MCc2sEMUk4
b8cML/TIT4WG9Jlz3cDfpAWKOWR8Hk8epBFg70o+y+pb+ONxvM5RVg7yj+VMCiGe
m53FciyfpNL2gqt7FKnLuwSyMQyvPcRyhmGeWnNwfqMU7OC910Q9fjxkPxSL5uw=
Generated at Thu Feb 6 18:25:57 2025 by rpki-client on console.sobornost.net