Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/R-Im5NZtTzH7ViwOiRVN-0JLLIk.roa
File: R-Im5NZtTzH7ViwOiRVN-0JLLIk.roa (raw, json)
Hash identifier: oAm9ADLeSfWUgnsDg/1Da1XVYJ/fEh4KFo/a7vBPMAk=
Subject key identifier: 47:E2:26:E4:D6:6D:4F:31:FB:56:2C:0E:89:15:4D:FB:42:4B:2C:89
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 07EE
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/R-Im5NZtTzH7ViwOiRVN-0JLLIk.roa
Signing time: Fri 24 Jan 2025 16:55:06 +0000
ROA not before: Fri 24 Jan 2025 16:55:06 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2030 (0x7ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 24 16:55:06 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=47E226E4D66D4F31FB562C0E89154DFB424B2C89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3c:47:dd:8d:65:0c:7e:94:a2:54:d9:a4:7d:
88:00:98:27:6d:4c:51:f5:90:ff:8c:87:3a:0a:4b:
00:f6:56:89:95:a7:11:6a:3e:4d:e3:d8:08:48:a5:
f0:2d:56:d8:e5:86:80:34:db:7d:a7:02:51:ab:8b:
77:d1:6a:b5:c4:44:c6:af:32:fa:26:c9:9f:50:b2:
9d:2e:db:51:5a:fc:f3:2d:8d:ec:e2:91:1c:c3:02:
b0:99:64:2c:06:08:7a:62:26:8b:4a:85:b1:6d:25:
d7:5a:e0:51:03:c9:99:cb:96:7c:60:46:84:77:45:
1b:7e:73:b3:3a:52:c4:e3:9e:c7:74:8f:63:29:7f:
5a:db:30:02:ff:09:c7:76:f3:fc:4d:ef:e7:fe:9d:
e3:c8:78:71:0b:b5:74:55:f8:cb:8a:1b:db:6f:ee:
fe:0e:78:49:5b:f5:5a:3a:e1:ac:76:72:16:1a:81:
72:3c:d8:a3:76:07:aa:47:c5:af:3a:26:be:d9:b1:
90:43:c3:6e:79:0e:f0:01:7d:76:97:48:40:12:2f:
e4:d1:d9:08:a8:99:3a:70:c2:bf:a7:f5:a5:72:f8:
0f:1b:95:f7:6a:c9:d3:5a:67:8d:a6:db:8b:cd:02:
7a:42:b5:06:10:f0:ad:59:52:4a:82:cb:e6:65:9d:
99:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:E2:26:E4:D6:6D:4F:31:FB:56:2C:0E:89:15:4D:FB:42:4B:2C:89
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/R-Im5NZtTzH7ViwOiRVN-0JLLIk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
64:ed:52:4d:ea:42:9f:65:d9:d5:1a:8d:a5:e7:a5:fa:4a:74:
c9:39:c4:1a:68:66:79:80:02:57:37:53:4a:4b:0d:05:14:c2:
14:ae:28:5b:dc:de:d5:78:61:dc:f0:b3:b8:9b:1c:27:04:f5:
3a:55:a8:0a:6b:84:92:10:b9:12:48:bc:1d:bf:52:2b:ad:bf:
ea:bc:ca:4c:e5:72:b1:c9:b9:6f:73:b5:e2:9d:22:d9:9f:31:
d4:0e:83:db:9c:21:55:5f:91:ef:b2:58:0d:43:6d:7f:b8:0d:
42:ce:31:28:82:cb:92:af:f9:fe:6f:7f:20:2d:c7:63:8c:fe:
c0:9f:c2:74:d3:30:eb:1f:64:5e:05:a7:a1:bf:1d:cb:d6:83:
75:1b:49:e6:56:80:13:52:02:ef:3c:06:e1:76:50:f8:5c:d7:
1e:6f:2c:8a:66:c5:33:1c:71:cf:70:a2:2c:ca:ca:97:43:e2:
18:32:ac:52:e8:2a:39:7c:6d:12:5a:ec:84:32:cd:4d:db:1f:
96:51:58:a3:48:3e:b5:dc:9e:f8:0e:cd:61:db:35:59:0a:8e:
5e:6a:e0:64:c7:17:1b:bb:dc:1e:07:1e:14:69:1c:53:34:1e:
5e:84:d4:59:88:4f:39:97:24:e1:ee:f0:a4:c9:d3:3b:c8:fd:
a6:85:2e:9b
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICB+4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjQx
NjU1MDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQ3RTIyNkU0RDY2RDRG
MzFGQjU2MkMwRTg5MTU0REZCNDI0QjJDODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDPEfdjWUMfpSiVNmkfYgAmCdtTFH1kP+MhzoKSwD2VomVpxFq
Pk3j2AhIpfAtVtjlhoA0232nAlGri3fRarXERMavMvomyZ9Qsp0u21Fa/PMtjezi
kRzDArCZZCwGCHpiJotKhbFtJdda4FEDyZnLlnxgRoR3RRt+c7M6UsTjnsd0j2Mp
f1rbMAL/Ccd28/xN7+f+nePIeHELtXRV+MuKG9tv7v4OeElb9Vo64ax2chYagXI8
2KN2B6pHxa86Jr7ZsZBDw255DvABfXaXSEASL+TR2QiomTpwwr+n9aVy+A8blfdq
ydNaZ42m24vNAnpCtQYQ8K1ZUkqCy+ZlnZn3AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUR+Im5NZtTzH7ViwOiRVN+0JLLIkwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1ItSW01Tlp0VHpIN1Zp
d09pUlZOLTBKTExJay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAGTtUk3qQp9l2dUajaXnpfpK
dMk5xBpoZnmAAlc3U0pLDQUUwhSuKFvc3tV4Ydzws7ibHCcE9TpVqAprhJIQuRJI
vB2/Uiutv+q8ykzlcrHJuW9zteKdItmfMdQOg9ucIVVfke+yWA1DbX+4DULOMSiC
y5Kv+f5vfyAtx2OM/sCfwnTTMOsfZF4Fp6G/HcvWg3UbSeZWgBNSAu88BuF2UPhc
1x5vLIpmxTMccc9woizKypdD4hgyrFLoKjl8bRJa7IQyzU3bH5ZRWKNIPrXcnvgO
zWHbNVkKjl5q4GTHFxu73B4HHhRpHFM0Hl6E1FmITzmXJOHu8KTJ0zvI/aaFLps=
Generated at Fri Jan 24 20:24:40 2025 by rpki-client on console.sobornost.net