Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/IPUH44geCvcWCl_Ac1PDGg4pc9c.roa
File: IPUH44geCvcWCl_Ac1PDGg4pc9c.roa (raw, json)
Hash identifier: 1YTVlKxvd/2lltvSuUjAUfT6rB40HrEf0G61PhsP4wU=
Subject key identifier: 20:F5:07:E3:88:1E:0A:F7:16:0A:5F:C0:73:53:C3:1A:0E:29:73:D7
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 050C
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/IPUH44geCvcWCl_Ac1PDGg4pc9c.roa
Signing time: Fri 17 Jan 2025 00:24:43 +0000
ROA not before: Fri 17 Jan 2025 00:24:43 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1292 (0x50c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 17 00:24:43 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=20F507E3881E0AF7160A5FC07353C31A0E2973D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:50:1a:4e:9e:c7:f9:28:68:46:67:e5:60:19:
28:b6:21:e3:03:e1:78:2d:13:4d:c2:ff:e0:ff:1f:
ee:c3:bd:11:6d:21:d0:98:c7:16:94:98:92:3d:44:
82:a1:99:43:ec:74:64:5a:cf:5e:5b:53:51:82:c1:
6d:cd:86:f6:62:4b:f3:57:36:d8:9f:0e:a5:15:98:
62:e6:54:8a:29:da:f6:ae:61:27:95:a4:0c:6e:1e:
68:1c:53:20:e3:e7:e0:16:8e:68:ec:b5:81:9a:8f:
f6:0a:2e:82:99:1d:5f:20:5c:3a:32:84:47:23:d0:
e1:fe:8b:44:88:e9:d6:53:64:24:de:76:2a:74:61:
1f:3e:0d:9d:3b:48:b0:fd:a5:57:4a:cc:e5:f3:16:
13:db:f3:cb:a9:53:a3:5d:40:41:a8:8a:cd:a2:5b:
ea:9f:ee:7a:4c:45:29:90:20:71:a0:69:61:c9:ca:
44:12:21:df:d1:c2:eb:19:89:05:c4:21:99:57:8f:
f3:f7:17:c4:7c:fb:b0:f9:db:2c:11:f7:57:b9:51:
3c:35:48:5b:12:f0:ae:ea:dc:ad:9d:36:0d:6b:a3:
94:eb:02:b4:82:88:26:b7:b6:14:cc:23:21:df:d1:
6c:68:b7:a8:98:f8:b5:54:72:88:e3:5f:16:e8:ab:
b2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F5:07:E3:88:1E:0A:F7:16:0A:5F:C0:73:53:C3:1A:0E:29:73:D7
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/IPUH44geCvcWCl_Ac1PDGg4pc9c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
7c:a3:62:e6:74:af:5f:4e:88:bc:0e:af:1a:a3:78:ed:0f:15:
12:8a:fa:09:f6:00:3b:9f:df:a2:4a:c0:f4:11:31:e3:73:5e:
a9:7b:18:56:8d:de:71:29:5d:cc:d5:c1:b4:bb:09:36:82:39:
dc:7e:6f:c0:f9:4c:61:30:8b:7e:bb:a3:06:3f:2e:5c:a9:d1:
4f:05:57:4d:e9:73:3e:af:17:84:8d:73:9e:59:e9:c9:31:a3:
61:b7:99:16:f5:a2:c7:34:c8:56:24:8d:ce:13:45:29:9f:31:
c6:e0:85:4d:2e:e3:bd:17:de:dc:73:2b:09:fc:ea:5f:de:bc:
0d:e0:e2:ab:ec:71:4b:ee:7c:d9:0c:a8:96:d4:ba:bb:d3:88:
56:cb:a9:3b:c8:48:2c:9f:05:80:3c:01:ee:3b:ba:ce:51:ed:
56:1b:4c:5f:68:8a:7e:38:d1:04:2b:4d:ec:b4:63:46:58:45:
ef:58:27:e3:61:72:57:ee:8b:bd:a9:b4:bd:93:dc:28:71:03:
31:ff:56:a2:fa:33:aa:c7:ef:d3:ea:20:b6:7f:97:57:ec:a2:
9e:2e:56:3d:ed:be:cc:c6:51:7e:55:25:ef:cd:ed:50:b3:c1:
8d:b2:6b:49:aa:b1:fe:04:ac:91:ca:8a:1c:06:e2:76:81:6e:
9e:35:c5:e7
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBQwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTcw
MDI0NDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDIwRjUwN0UzODgxRTBB
RjcxNjBBNUZDMDczNTNDMzFBMEUyOTczRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCaUBpOnsf5KGhGZ+VgGSi2IeMD4XgtE03C/+D/H+7DvRFtIdCY
xxaUmJI9RIKhmUPsdGRaz15bU1GCwW3NhvZiS/NXNtifDqUVmGLmVIop2vauYSeV
pAxuHmgcUyDj5+AWjmjstYGaj/YKLoKZHV8gXDoyhEcj0OH+i0SI6dZTZCTedip0
YR8+DZ07SLD9pVdKzOXzFhPb88upU6NdQEGois2iW+qf7npMRSmQIHGgaWHJykQS
Id/RwusZiQXEIZlXj/P3F8R8+7D52ywR91e5UTw1SFsS8K7q3K2dNg1ro5TrArSC
iCa3thTMIyHf0Wxot6iY+LVUcojjXxboq7KjAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUIPUH44geCvcWCl/Ac1PDGg4pc9cwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0lQVUg0NGdlQ3ZjV0Ns
X0FjMVBER2c0cGM5Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAHyjYuZ0r19OiLwOrxqjeO0P
FRKK+gn2ADuf36JKwPQRMeNzXql7GFaN3nEpXczVwbS7CTaCOdx+b8D5TGEwi367
owY/Llyp0U8FV03pcz6vF4SNc55Z6ckxo2G3mRb1osc0yFYkjc4TRSmfMcbghU0u
470X3txzKwn86l/evA3g4qvscUvufNkMqJbUurvTiFbLqTvISCyfBYA8Ae47us5R
7VYbTF9oin440QQrTey0Y0ZYRe9YJ+Nhclfui72ptL2T3ChxAzH/VqL6M6rH79Pq
ILZ/l1fsop4uVj3tvszGUX5VJe/N7VCzwY2ya0mqsf4ErJHKihwG4naBbp41xec=
-----END CERTIFICATE-----
Generated at Fri Jan 17 03:54:52 2025 by rpki-client on console.sobornost.net