Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/L0-a_DA81yi-fLIsxOxqprJsp6c.roa
File: L0-a_DA81yi-fLIsxOxqprJsp6c.roa (raw, json)
Hash identifier: bIMOTS1gButaKR0P5GnyIudNt6YoQd94WOoWk8SmIYA=
Subject key identifier: 2F:4F:9A:FC:30:3C:D7:28:BE:7C:B2:2C:C4:EC:6A:A6:B2:6C:A7:A7
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 04FC
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/L0-a_DA81yi-fLIsxOxqprJsp6c.roa
Signing time: Thu 16 Jan 2025 20:24:44 +0000
ROA not before: Thu 16 Jan 2025 20:24:44 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1276 (0x4fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 16 20:24:44 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=2F4F9AFC303CD728BE7CB22CC4EC6AA6B26CA7A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c9:20:39:08:85:f2:52:51:99:67:34:a7:06:
6d:9e:c2:99:ff:ba:1f:b6:46:7e:f2:a2:dc:43:ae:
0b:22:f4:bc:03:64:66:2a:c6:39:af:c1:54:d9:62:
ff:fe:06:84:7a:62:5f:83:0e:bb:7e:6e:12:59:cf:
63:68:41:66:f5:9b:0d:20:6d:e5:e9:75:c7:60:bd:
96:67:52:f9:35:13:ad:96:f6:79:39:d5:12:ff:b8:
dd:a5:72:46:90:99:0c:82:81:a8:c4:29:ee:66:02:
7d:02:3e:6c:30:57:b4:f8:df:c7:f6:95:a1:0f:09:
8a:d5:e0:a8:8f:fa:70:d9:1d:f6:a6:bb:83:53:7a:
de:dd:19:06:da:9d:cd:4a:1e:fd:7e:3e:5e:b4:35:
74:28:fc:77:ee:2b:41:cf:2b:7f:d9:40:a2:b5:5f:
f1:ae:ef:36:48:bd:69:f9:bb:aa:ca:1f:c8:54:43:
51:91:13:1c:af:b6:1c:d8:b3:d8:78:71:3e:78:ef:
3e:a8:b7:a4:ed:f0:53:06:30:a6:8a:fd:5d:17:f1:
16:58:b4:87:bc:9f:de:46:26:2f:96:28:dd:d5:11:
98:0a:ba:70:04:76:df:0e:15:e0:f9:ac:59:69:b4:
8f:26:74:9b:48:02:60:d6:48:42:40:d8:df:2a:cc:
95:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:4F:9A:FC:30:3C:D7:28:BE:7C:B2:2C:C4:EC:6A:A6:B2:6C:A7:A7
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/L0-a_DA81yi-fLIsxOxqprJsp6c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
2d:a8:a4:20:1c:0c:47:c5:bb:da:5d:48:1a:84:a1:69:dd:c3:
ba:df:01:b8:61:8c:a1:fd:c0:de:3c:07:fe:71:5b:e8:95:1b:
5c:07:2c:7b:15:95:90:ac:11:26:bf:ce:b5:a7:83:16:7a:8b:
64:f7:bd:99:46:52:4d:69:9b:f0:18:a4:89:d6:3b:5b:2a:4f:
30:fc:3b:6d:9b:2a:07:72:cc:5d:e9:49:23:42:81:5e:1c:d7:
aa:2a:75:22:13:5b:29:e9:bd:c8:8c:e2:97:37:1b:90:20:8c:
34:15:ca:24:f4:58:51:35:a6:df:0c:bb:4f:ad:ec:a7:09:3e:
b0:cb:97:6c:0a:47:92:5d:f5:7a:31:28:81:23:b4:73:e2:32:
85:a4:98:76:9d:aa:c5:39:f4:86:61:3b:1d:a5:5e:75:ec:46:
7b:d5:4f:04:ee:7f:d0:30:b1:23:8f:70:b6:b4:75:d0:f3:23:
ea:02:6f:bf:51:32:00:65:3f:45:39:a1:c7:ef:0d:83:c6:23:
48:96:1a:bd:1f:40:4a:1d:ab:72:7c:08:f1:81:2e:a2:fc:c0:
3c:7f:4f:ae:28:a3:f1:22:dc:58:a1:1e:12:c3:90:30:bb:af:
14:2a:60:12:3c:1a:68:cf:cb:e5:1f:a1:2b:59:6b:2f:f3:04:
4d:7c:51:a8
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBPwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTYy
MDI0NDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDJGNEY5QUZDMzAzQ0Q3
MjhCRTdDQjIyQ0M0RUM2QUE2QjI2Q0E3QTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1ySA5CIXyUlGZZzSnBm2ewpn/uh+2Rn7yotxDrgsi9LwDZGYq
xjmvwVTZYv/+BoR6Yl+DDrt+bhJZz2NoQWb1mw0gbeXpdcdgvZZnUvk1E62W9nk5
1RL/uN2lckaQmQyCgajEKe5mAn0CPmwwV7T438f2laEPCYrV4KiP+nDZHfamu4NT
et7dGQbanc1KHv1+Pl60NXQo/HfuK0HPK3/ZQKK1X/Gu7zZIvWn5u6rKH8hUQ1GR
ExyvthzYs9h4cT547z6ot6Tt8FMGMKaK/V0X8RZYtIe8n95GJi+WKN3VEZgKunAE
dt8OFeD5rFlptI8mdJtIAmDWSEJA2N8qzJUPAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUL0+a/DA81yi+fLIsxOxqprJsp6cwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0wwLWFfREE4MXlpLWZM
SXN4T3hxcHJKc3A2Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAC2opCAcDEfFu9pdSBqEoWnd
w7rfAbhhjKH9wN48B/5xW+iVG1wHLHsVlZCsESa/zrWngxZ6i2T3vZlGUk1pm/AY
pInWO1sqTzD8O22bKgdyzF3pSSNCgV4c16oqdSITWynpvciM4pc3G5AgjDQVyiT0
WFE1pt8Mu0+t7KcJPrDLl2wKR5Jd9XoxKIEjtHPiMoWkmHadqsU59IZhOx2lXnXs
RnvVTwTuf9AwsSOPcLa0ddDzI+oCb79RMgBlP0U5ocfvDYPGI0iWGr0fQEodq3J8
CPGBLqL8wDx/T64oo/Ei3FihHhLDkDC7rxQqYBI8GmjPy+UfoStZay/zBE18Uag=
Generated at Thu Jan 16 23:46:50 2025 by rpki-client on console.sobornost.net