Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/Jf3S1B0ag2awtmDl4NzqzYruwTw.roa
File: Jf3S1B0ag2awtmDl4NzqzYruwTw.roa (raw, json)
Hash identifier: StZKLHFp7829KmNUQb7s2vwYjFpOdgQl/pf7B211+3Q=
Subject key identifier: 25:FD:D2:D4:1D:1A:83:66:B0:B6:60:E5:E0:DC:EA:CD:8A:EE:C1:3C
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 04E4
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Jf3S1B0ag2awtmDl4NzqzYruwTw.roa
Signing time: Thu 16 Jan 2025 14:24:41 +0000
ROA not before: Thu 16 Jan 2025 14:24:41 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1252 (0x4e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 16 14:24:41 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=25FDD2D41D1A8366B0B660E5E0DCEACD8AEEC13C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3f:54:f1:ca:9f:fa:5d:c2:af:10:4e:5b:25:
44:d4:1a:2f:65:46:1b:d9:66:ab:38:62:ed:0c:be:
e7:ee:74:97:44:dc:13:fa:17:37:55:f0:1d:2e:5d:
1e:47:a6:de:58:f0:89:80:10:30:7e:ec:14:33:ff:
c2:43:af:0c:3b:22:9d:b4:10:85:71:f5:a7:83:a2:
79:e2:ce:26:25:b6:5d:cd:8d:0b:ed:c2:f4:d3:66:
7e:c6:3e:91:30:07:aa:32:c0:2e:d3:c8:d0:59:03:
ae:aa:d4:46:33:44:51:4a:fc:c4:98:32:1a:ee:e5:
9c:64:96:ff:95:88:d9:55:56:55:34:22:40:82:51:
d3:bb:40:01:0b:04:fd:a3:ef:9d:be:06:4f:93:e8:
b1:a2:17:6f:b1:32:82:23:d7:ba:07:73:8e:b9:39:
19:84:75:1e:8f:ec:0e:81:ab:b8:9f:0d:9d:0e:08:
f0:c1:01:ed:cd:15:dc:81:05:9b:b6:3f:39:38:31:
00:ca:04:d3:8f:be:77:18:f6:fc:92:ab:34:f7:0a:
5d:7e:94:48:a2:5a:d4:d4:46:b4:bc:3d:4d:bf:f1:
e0:15:55:dd:0e:31:3b:e9:2f:8f:1a:ea:b8:b9:2c:
e1:3e:31:e4:45:7d:ae:24:cf:ff:db:ec:30:70:84:
55:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:FD:D2:D4:1D:1A:83:66:B0:B6:60:E5:E0:DC:EA:CD:8A:EE:C1:3C
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Jf3S1B0ag2awtmDl4NzqzYruwTw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
8f:16:12:f9:43:23:8e:28:8b:9e:55:7b:21:55:1e:51:3e:af:
87:ff:ba:5f:78:5b:79:af:fb:d2:0f:bd:03:11:53:32:80:d1:
6a:90:57:ab:de:82:88:b9:49:d5:a0:ca:85:1f:19:27:33:ad:
8e:38:3c:1f:2e:a7:48:72:2e:72:fa:e1:83:0e:f9:ac:6f:ce:
27:f5:ad:ee:cf:d8:3d:46:69:c7:e2:82:cd:95:e3:ae:86:dd:
bc:08:16:f0:8a:6e:a8:cf:45:39:dd:00:26:ef:fe:2d:b3:2d:
ba:0b:bf:a7:ed:a0:17:f2:9f:26:ff:29:25:1b:00:ba:eb:71:
70:8a:65:30:73:8b:11:c5:50:de:92:05:6f:18:45:5b:53:57:
19:39:f8:f9:94:a8:80:03:d8:bb:da:03:9a:a1:bc:2d:1a:bf:
eb:ee:45:0b:a5:3f:9d:66:41:e0:d6:7f:7c:20:93:a6:6c:52:
95:8e:2e:b6:8c:77:6f:b7:3d:eb:9c:1b:5c:e5:a2:2e:3f:50:
91:51:ab:aa:b3:31:ec:38:4d:09:69:7a:b8:e1:36:68:f1:67:
8f:18:61:e9:6a:5a:d5:06:ca:af:be:ba:51:5a:79:9d:ee:cd:
75:8d:01:af:d8:7f:76:dd:8e:ad:87:0c:61:15:ba:06:90:ae:
61:bd:fd:ef
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBOQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTYx
NDI0NDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDI1RkREMkQ0MUQxQTgz
NjZCMEI2NjBFNUUwRENFQUNEOEFFRUMxM0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7P1Txyp/6XcKvEE5bJUTUGi9lRhvZZqs4Yu0MvufudJdE3BP6
FzdV8B0uXR5Hpt5Y8ImAEDB+7BQz/8JDrww7Ip20EIVx9aeDonniziYltl3NjQvt
wvTTZn7GPpEwB6oywC7TyNBZA66q1EYzRFFK/MSYMhru5Zxklv+ViNlVVlU0IkCC
UdO7QAELBP2j752+Bk+T6LGiF2+xMoIj17oHc465ORmEdR6P7A6Bq7ifDZ0OCPDB
Ae3NFdyBBZu2Pzk4MQDKBNOPvncY9vySqzT3Cl1+lEiiWtTURrS8PU2/8eAVVd0O
MTvpL48a6ri5LOE+MeRFfa4kz//b7DBwhFWPAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUJf3S1B0ag2awtmDl4NzqzYruwTwwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0pmM1MxQjBhZzJhd3Rt
RGw0TnpxellydXdUdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAI8WEvlDI44oi55VeyFVHlE+
r4f/ul94W3mv+9IPvQMRUzKA0WqQV6vegoi5SdWgyoUfGSczrY44PB8up0hyLnL6
4YMO+axvzif1re7P2D1Gacfigs2V466G3bwIFvCKbqjPRTndACbv/i2zLboLv6ft
oBfynyb/KSUbALrrcXCKZTBzixHFUN6SBW8YRVtTVxk5+PmUqIAD2LvaA5qhvC0a
v+vuRQulP51mQeDWf3wgk6ZsUpWOLraMd2+3PeucG1zloi4/UJFRq6qzMew4TQlp
erjhNmjxZ48YYelqWtUGyq++ulFaeZ3uzXWNAa/Yf3bdjq2HDGEVugaQrmG9/e8=
Generated at Thu Jan 16 17:53:08 2025 by rpki-client on console.sobornost.net