Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/NEAgBptVTMKZcA1xXS8YpWzoORw.roa
File: NEAgBptVTMKZcA1xXS8YpWzoORw.roa (raw, json)
Hash identifier: /rWxgyKw47gGKalgr4dd+eDn4DFiwZ+YCPi135S+gdY=
Subject key identifier: 34:40:20:06:9B:55:4C:C2:99:70:0D:71:5D:2F:18:A5:6C:E8:39:1C
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0AC4
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/NEAgBptVTMKZcA1xXS8YpWzoORw.roa
Signing time: Sat 01 Feb 2025 06:27:15 +0000
ROA not before: Sat 01 Feb 2025 06:27:15 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2756 (0xac4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 1 06:27:15 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=344020069B554CC299700D715D2F18A56CE8391C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:41:9a:39:b5:42:a1:51:4e:3a:1f:f0:16:9a:
6a:2d:72:31:fa:e7:9c:e1:50:bf:be:56:fc:ff:e2:
53:9f:12:43:56:18:5d:e3:c8:91:0f:51:7f:5c:6b:
0f:31:b3:73:bd:ce:ad:d2:0a:b7:6e:9b:05:4e:e5:
c5:24:82:8f:14:4f:57:dd:c9:a1:6c:40:d7:82:8a:
8f:f2:cc:20:8a:91:c8:d5:0e:a4:e1:1d:93:9f:04:
a7:6f:eb:b0:ec:25:90:09:c5:7e:72:0f:e9:a7:2b:
86:dd:b6:5c:39:a6:3d:22:93:d6:07:06:22:9a:93:
48:bf:f4:d5:17:cc:bf:13:3c:a5:95:db:f2:50:af:
27:2d:71:4c:a2:1c:f8:1f:fa:85:81:fa:59:7e:ff:
f5:9f:5d:b3:9b:02:4d:f1:46:16:4b:24:07:90:aa:
80:bb:fd:97:de:df:58:54:69:fc:fd:79:95:95:73:
f1:1f:a5:66:7e:e5:43:da:3b:9b:8e:c3:08:f6:fd:
56:98:e4:48:68:dd:44:c5:a5:db:38:54:89:f2:77:
3d:98:25:5e:48:86:9f:a3:0f:10:a9:3a:dc:08:cd:
b7:ed:21:85:24:19:6e:a1:67:9f:24:9d:da:1e:94:
2e:fd:f7:9a:08:ac:a3:1f:4b:e0:b6:76:f5:65:bc:
8f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:40:20:06:9B:55:4C:C2:99:70:0D:71:5D:2F:18:A5:6C:E8:39:1C
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/NEAgBptVTMKZcA1xXS8YpWzoORw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
ae:5d:23:fa:85:9e:dc:00:f7:e4:72:7c:99:4a:43:c6:73:c7:
f0:11:c4:4a:89:07:70:24:8b:bd:b0:87:75:9d:90:fa:f6:3f:
93:59:68:7c:7b:f1:11:b9:f9:cb:a3:64:c8:7d:b5:7e:1f:68:
7e:a4:c6:7c:41:d8:7e:2f:d9:1d:ae:cb:62:a9:fc:73:25:f4:
59:9e:e4:5b:1b:fc:b8:8f:b3:20:ff:d8:65:e7:48:10:dd:41:
35:17:59:1d:4e:da:b9:75:80:eb:1a:34:a5:8b:e3:f4:7b:91:
55:24:a4:dd:1a:54:5e:08:e7:72:b9:9d:36:70:ae:86:a5:e7:
c3:cd:c6:38:e5:d8:5f:fb:ff:ab:25:3a:a9:1e:b5:93:c6:9f:
e9:81:20:17:ca:09:e1:78:cf:b7:d7:ac:6e:27:bf:3f:d5:63:
4d:5a:df:c9:94:51:f8:fd:f1:7b:82:2a:b4:57:90:4f:7d:51:
8b:3a:51:04:34:ed:86:25:08:57:6b:02:0b:65:92:6d:fa:c4:
55:b9:34:e2:b9:58:77:e8:c7:d2:2f:c2:ce:18:35:dc:2c:a2:
c5:52:a0:86:d2:c1:d4:c6:9b:9c:15:2e:88:62:e2:4e:f1:b9:
ee:c1:e7:61:7c:1c:5d:6b:2f:09:0c:86:0c:8f:f3:7c:02:ac:
63:cd:32:1f
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCsQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDEw
NjI3MTVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM0NDAyMDA2OUI1NTRD
QzI5OTcwMEQ3MTVEMkYxOEE1NkNFODM5MUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD0QZo5tUKhUU46H/AWmmotcjH655zhUL++Vvz/4lOfEkNWGF3j
yJEPUX9caw8xs3O9zq3SCrdumwVO5cUkgo8UT1fdyaFsQNeCio/yzCCKkcjVDqTh
HZOfBKdv67DsJZAJxX5yD+mnK4bdtlw5pj0ik9YHBiKak0i/9NUXzL8TPKWV2/JQ
ryctcUyiHPgf+oWB+ll+//WfXbObAk3xRhZLJAeQqoC7/Zfe31hUafz9eZWVc/Ef
pWZ+5UPaO5uOwwj2/VaY5Eho3UTFpds4VInydz2YJV5Ihp+jDxCpOtwIzbftIYUk
GW6hZ58kndoelC7995oIrKMfS+C2dvVlvI+PAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUNEAgBptVTMKZcA1xXS8YpWzoORwwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL05FQWdCcHRWVE1LWmNB
MXhYUzhZcFd6b09Sdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAK5dI/qFntwA9+RyfJlKQ8Zz
x/ARxEqJB3Aki72wh3WdkPr2P5NZaHx78RG5+cujZMh9tX4faH6kxnxB2H4v2R2u
y2Kp/HMl9Fme5Fsb/LiPsyD/2GXnSBDdQTUXWR1O2rl1gOsaNKWL4/R7kVUkpN0a
VF4I53K5nTZwroal58PNxjjl2F/7/6slOqketZPGn+mBIBfKCeF4z7fXrG4nvz/V
Y01a38mUUfj98XuCKrRXkE99UYs6UQQ07YYlCFdrAgtlkm36xFW5NOK5WHfox9Iv
ws4YNdwsosVSoIbSwdTGm5wVLohi4k7xue7B52F8HF1rLwkMhgyP83wCrGPNMh8=
-----END CERTIFICATE-----
Generated at Sat Feb 1 14:14:12 2025 by rpki-client on console.sobornost.net