Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/Mr96cF3GsDbOJ63d3VNnNSCb4Wc.roa
File: Mr96cF3GsDbOJ63d3VNnNSCb4Wc.roa (raw, json)
Hash identifier: gXE/NTSD61AsnRuhpCKxLDsHC+7ERx/nrWLEN7dtH48=
Subject key identifier: 32:BF:7A:70:5D:C6:B0:36:CE:27:AD:DD:DD:53:67:35:20:9B:E1:67
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 085E
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Mr96cF3GsDbOJ63d3VNnNSCb4Wc.roa
Signing time: Sat 25 Jan 2025 20:55:13 +0000
ROA not before: Sat 25 Jan 2025 20:55:13 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2142 (0x85e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 25 20:55:13 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=32BF7A705DC6B036CE27ADDDDD536735209BE167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:6c:a4:21:a9:63:b8:0e:5c:26:37:93:85:6b:
10:13:7a:20:fc:05:07:b7:87:25:c3:eb:79:e0:d5:
ba:c2:c0:cf:b3:3d:5c:b0:de:c7:9a:64:5a:1d:a7:
85:11:f1:59:4b:c0:b1:ad:61:5f:e8:f5:b1:d3:b7:
c4:ff:ef:6c:18:99:a3:aa:30:8f:79:c0:65:38:8b:
93:50:45:21:c6:98:3f:76:a6:30:73:35:a6:95:d3:
64:fd:fc:2c:91:cb:ca:d2:c5:0b:48:97:1a:2e:ac:
e9:a1:bd:07:53:4b:38:da:4f:e8:15:9a:97:98:b6:
0d:b7:55:b6:48:4b:c8:d3:a6:11:1f:af:60:55:1a:
85:fd:45:ec:67:b2:f0:eb:24:c5:48:78:7e:7d:00:
09:c6:08:1c:cb:0c:e9:c0:b7:93:8b:b5:e6:de:8d:
03:0f:47:c0:6d:c0:94:4b:94:67:e8:11:e6:8a:4a:
a6:77:2c:d2:c8:50:9b:61:d2:11:ba:93:69:2c:3e:
3e:76:b2:e3:51:eb:ac:12:7f:0b:99:83:6c:05:5d:
9a:da:ba:13:a1:0d:32:86:9b:bb:23:ae:09:fe:7c:
20:d1:61:ef:50:df:5c:31:96:88:93:6a:a2:2e:f6:
51:cb:b1:76:5f:e1:4e:9a:93:d7:68:54:0a:ad:2d:
54:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:BF:7A:70:5D:C6:B0:36:CE:27:AD:DD:DD:53:67:35:20:9B:E1:67
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Mr96cF3GsDbOJ63d3VNnNSCb4Wc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
7c:1f:48:75:5a:ea:8b:18:de:16:4a:04:64:51:6c:76:a1:6b:
c0:92:58:fc:55:af:da:28:85:5c:0b:50:a9:e0:ed:bc:e8:29:
31:1f:53:9a:c4:45:3d:a3:91:cf:74:a7:ca:ac:a2:69:2a:96:
cb:2d:6b:2b:d2:d6:ac:fa:d2:fc:12:d2:19:f7:f5:75:c6:6e:
26:73:65:56:3f:dc:dd:af:2a:c6:a1:af:9d:d7:54:80:e1:11:
c4:b8:fc:20:37:f0:2e:c3:b5:33:02:67:e4:ae:de:21:61:17:
83:99:4a:d1:95:29:4e:d0:f1:65:a4:04:bb:14:f9:54:b0:91:
b9:15:b5:fa:53:4a:e0:0d:a1:f1:00:50:6f:d9:b0:b5:cd:fb:
c9:d1:cf:4e:87:0c:62:ec:60:0f:8d:3a:2e:49:f9:61:d7:89:
3b:77:0d:34:c2:de:20:d0:76:6d:5c:6e:75:8f:4b:5a:94:17:
c2:0b:65:f3:f9:b9:0a:25:7f:2e:8f:48:5a:ea:d6:41:e9:d7:
83:39:4f:21:5a:a5:e1:7e:04:a6:15:0d:c4:7a:6b:db:1a:8a:
45:42:81:2c:ef:a3:e9:66:55:0d:9f:b2:c7:5d:c2:34:ca:e7:
21:7b:1e:ce:e3:42:aa:ce:87:e1:67:cd:fc:d8:9f:ab:25:96:
46:d5:57:01
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCF4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjUy
MDU1MTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDMyQkY3QTcwNURDNkIw
MzZDRTI3QURERERENTM2NzM1MjA5QkUxNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtbKQhqWO4DlwmN5OFaxATeiD8BQe3hyXD63ng1brCwM+zPVyw
3seaZFodp4UR8VlLwLGtYV/o9bHTt8T/72wYmaOqMI95wGU4i5NQRSHGmD92pjBz
NaaV02T9/CyRy8rSxQtIlxourOmhvQdTSzjaT+gVmpeYtg23VbZIS8jTphEfr2BV
GoX9RexnsvDrJMVIeH59AAnGCBzLDOnAt5OLtebejQMPR8BtwJRLlGfoEeaKSqZ3
LNLIUJth0hG6k2ksPj52suNR66wSfwuZg2wFXZrauhOhDTKGm7sjrgn+fCDRYe9Q
31wxloiTaqIu9lHLsXZf4U6ak9doVAqtLVR7AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUMr96cF3GsDbOJ63d3VNnNSCb4WcwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL01yOTZjRjNHc0RiT0o2
M2QzVk5uTlNDYjRXYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAHwfSHVa6osY3hZKBGRRbHah
a8CSWPxVr9oohVwLUKng7bzoKTEfU5rERT2jkc90p8qsomkqlsstayvS1qz60vwS
0hn39XXGbiZzZVY/3N2vKsahr53XVIDhEcS4/CA38C7DtTMCZ+Su3iFhF4OZStGV
KU7Q8WWkBLsU+VSwkbkVtfpTSuANofEAUG/ZsLXN+8nRz06HDGLsYA+NOi5J+WHX
iTt3DTTC3iDQdm1cbnWPS1qUF8ILZfP5uQolfy6PSFrq1kHp14M5TyFapeF+BKYV
DcR6a9saikVCgSzvo+lmVQ2fssddwjTK5yF7Hs7jQqrOh+FnzfzYn6sllkbVVwE=
Generated at Sun Jan 26 00:49:51 2025 by rpki-client on console.sobornost.net