Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/K-LIePwuqdptk1D4ZqdQQgvHZpA.roa
File: K-LIePwuqdptk1D4ZqdQQgvHZpA.roa (raw, json)
Hash identifier: sRN3cT5gdk3AzG0t2Dj2/xd3vJ78Z0tNi6fGYxVrypg=
Subject key identifier: 2B:E2:C8:78:FC:2E:A9:DA:6D:93:50:F8:66:A7:50:42:0B:C7:66:90
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0A3A
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/K-LIePwuqdptk1D4ZqdQQgvHZpA.roa
Signing time: Thu 30 Jan 2025 19:57:25 +0000
ROA not before: Thu 30 Jan 2025 19:57:25 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2618 (0xa3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 30 19:57:25 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=2BE2C878FC2EA9DA6D9350F866A750420BC76690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:75:97:08:d6:5a:e2:d7:42:a9:42:33:1a:b6:
13:c3:2a:0b:05:a3:35:8b:77:42:54:32:6c:e4:fb:
4c:d4:20:a4:fe:b8:2a:eb:e6:e2:66:a5:79:da:87:
f4:66:fe:ee:a9:06:35:8b:54:af:c1:0d:ea:80:88:
b9:70:fe:b3:70:e0:05:a8:d4:da:f0:c4:99:89:b4:
00:76:ae:94:58:45:cc:07:f5:94:7f:cd:fa:05:5d:
2e:45:cb:f6:f9:89:56:7d:d9:7d:10:5b:73:11:82:
63:43:b5:d9:8e:6f:e3:ea:b7:4d:fb:60:eb:53:4a:
aa:7a:a4:31:48:96:92:5a:2a:f0:a1:1e:bf:03:ee:
e6:0d:b2:b8:92:df:0e:69:10:28:8b:37:d2:d5:a4:
21:b9:e9:15:5c:28:77:b3:05:96:20:b8:d8:9d:db:
5c:d1:f7:43:ef:a8:e8:b8:cd:92:0d:ff:5a:15:74:
17:14:21:df:b7:3b:2f:da:c3:d6:79:54:3a:68:57:
49:a7:9e:9a:cd:78:fe:7f:17:af:a6:9d:51:0e:c0:
1b:f5:25:90:36:95:99:37:6b:01:39:9b:37:55:f0:
f9:98:e3:0f:1e:d8:18:16:de:55:c2:b7:f9:6e:d0:
b5:83:f1:84:c4:96:f0:70:04:e7:74:80:e1:50:95:
d9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:E2:C8:78:FC:2E:A9:DA:6D:93:50:F8:66:A7:50:42:0B:C7:66:90
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/K-LIePwuqdptk1D4ZqdQQgvHZpA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
52:c5:64:ad:1b:02:62:f0:4d:68:29:a7:fc:5f:99:54:bc:5a:
77:f5:0e:38:8b:09:d8:8d:f5:ce:b1:df:c5:13:62:52:e4:88:
82:5c:0a:a3:41:2e:11:2d:0c:34:09:94:ce:ba:09:ad:29:61:
9b:15:95:93:af:19:fd:08:c8:45:f8:a0:a7:b4:3b:1a:59:7f:
c8:77:9e:9a:6c:9c:11:53:37:0a:e0:10:9d:fb:d5:ea:9a:35:
38:62:cf:05:50:6c:46:b0:48:69:cd:79:6c:2d:b6:dc:98:f7:
e5:11:62:2d:e1:3c:5e:c1:6d:50:f2:04:1e:55:05:20:97:8e:
06:b4:78:d5:35:17:7c:b3:04:02:14:5c:2b:50:11:6c:66:ab:
9c:e0:32:42:76:56:2c:3a:d8:c5:95:49:1f:2c:8e:15:ac:d5:
e3:99:2f:92:ad:45:65:5a:72:e6:1d:8a:02:77:c6:ea:ab:90:
42:f2:97:09:56:cb:3e:89:b1:fd:5f:c0:3f:b0:5f:08:66:e4:
bb:ea:c5:23:d6:2e:39:a5:04:e7:1a:57:7d:e5:09:79:71:23:
40:bf:b6:ac:0e:6a:08:ff:5e:86:ea:4d:50:50:80:53:5a:e1:
b5:bd:61:01:f7:22:f2:55:0a:62:04:a2:3c:08:90:7e:eb:af:
78:65:cb:14
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCjowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMzAx
OTU3MjVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDJCRTJDODc4RkMyRUE5
REE2RDkzNTBGODY2QTc1MDQyMEJDNzY2OTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFdZcI1lri10KpQjMathPDKgsFozWLd0JUMmzk+0zUIKT+uCrr
5uJmpXnah/Rm/u6pBjWLVK/BDeqAiLlw/rNw4AWo1NrwxJmJtAB2rpRYRcwH9ZR/
zfoFXS5Fy/b5iVZ92X0QW3MRgmNDtdmOb+Pqt037YOtTSqp6pDFIlpJaKvChHr8D
7uYNsriS3w5pECiLN9LVpCG56RVcKHezBZYguNid21zR90PvqOi4zZIN/1oVdBcU
Id+3Oy/aw9Z5VDpoV0mnnprNeP5/F6+mnVEOwBv1JZA2lZk3awE5mzdV8PmY4w8e
2BgW3lXCt/lu0LWD8YTElvBwBOd0gOFQldmDAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUK+LIePwuqdptk1D4ZqdQQgvHZpAwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0stTEllUHd1cWRwdGsx
RDRacWRRUWd2SFpwQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAFLFZK0bAmLwTWgpp/xfmVS8
Wnf1DjiLCdiN9c6x38UTYlLkiIJcCqNBLhEtDDQJlM66Ca0pYZsVlZOvGf0IyEX4
oKe0OxpZf8h3nppsnBFTNwrgEJ371eqaNThizwVQbEawSGnNeWwtttyY9+URYi3h
PF7BbVDyBB5VBSCXjga0eNU1F3yzBAIUXCtQEWxmq5zgMkJ2Viw62MWVSR8sjhWs
1eOZL5KtRWVacuYdigJ3xuqrkELylwlWyz6Jsf1fwD+wXwhm5LvqxSPWLjmlBOca
V33lCXlxI0C/tqwOagj/XobqTVBQgFNa4bW9YQH3IvJVCmIEojwIkH7rr3hlyxQ=
Generated at Thu Jan 30 23:49:23 2025 by rpki-client on console.sobornost.net