Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/RK1AlY7qcj9gYVxy5qVwOqBxmQI.roa
File: RK1AlY7qcj9gYVxy5qVwOqBxmQI.roa (raw, json)
Hash identifier: J/1jB9T5oiASbfomeqbxx2ZAmjGxqflMynWWxah8hrI=
Subject key identifier: 44:AD:40:95:8E:EA:72:3F:60:61:5C:72:E6:A5:70:3A:A0:71:99:02
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 05BE
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/RK1AlY7qcj9gYVxy5qVwOqBxmQI.roa
Signing time: Sat 18 Jan 2025 20:55:23 +0000
ROA not before: Sat 18 Jan 2025 20:55:23 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1470 (0x5be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 18 20:55:23 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=44AD40958EEA723F60615C72E6A5703AA0719902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:45:74:80:9b:20:43:50:11:e8:33:7f:01:73:
df:4a:33:9c:d6:13:b5:5f:62:3f:4f:ad:39:a4:48:
fd:e6:59:15:14:e0:c6:54:7d:a3:e8:36:50:83:60:
83:1d:df:76:31:2c:3d:f6:f7:f8:6a:6b:3e:d4:4e:
d5:e2:c4:2b:28:5d:85:67:47:ea:3b:06:37:26:68:
80:b6:52:9a:4b:19:3b:64:a5:9a:7a:e6:db:6e:78:
54:0a:71:f0:1b:3f:15:82:77:f3:e4:7f:e4:5d:e1:
d9:72:39:f1:34:7e:de:ef:b7:12:13:21:d3:05:82:
a2:20:62:e7:3e:eb:0b:f6:b2:f2:b4:a6:0e:6e:dc:
72:41:55:18:b0:8b:a6:99:c4:b6:ef:d6:dc:0d:73:
00:c5:33:8f:d2:17:0c:b1:b6:da:49:28:26:41:7e:
7f:63:8d:04:1e:c7:d1:6c:94:4b:e6:4e:06:bc:2c:
0c:a5:ce:52:07:2a:0b:23:15:db:31:e9:43:77:2a:
f4:ca:3b:b1:86:14:51:d1:6f:ba:ad:43:d3:25:1b:
1f:48:b3:37:51:0c:45:0a:22:77:7e:b3:e8:01:db:
37:77:ae:cf:f1:bb:4e:5d:aa:4e:3a:8e:37:ea:a9:
b9:39:22:da:7f:8d:56:85:aa:7d:18:89:6e:26:f3:
06:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:AD:40:95:8E:EA:72:3F:60:61:5C:72:E6:A5:70:3A:A0:71:99:02
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/RK1AlY7qcj9gYVxy5qVwOqBxmQI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
34:f9:b9:17:85:cd:b5:fb:56:2f:07:92:e4:dc:24:06:20:58:
e0:32:14:e7:11:16:3c:22:4c:be:aa:7b:4d:d5:e5:87:15:16:
89:d6:31:23:8e:9d:38:c9:93:cd:10:c0:66:b9:09:99:5b:3c:
56:8b:63:ac:34:c8:02:38:96:22:5b:1d:b0:9f:71:4e:c0:ba:
97:df:d7:b9:25:1a:70:cc:61:d1:f4:29:83:a8:c6:aa:d2:bd:
d4:a0:9c:83:03:ed:85:2c:be:41:d7:21:fc:60:4f:b8:41:07:
43:30:8e:30:18:27:fe:89:84:e9:45:00:8a:cb:21:73:93:a2:
c2:c8:fe:99:77:27:40:2d:b6:5e:de:30:42:e7:73:b1:2f:8b:
28:44:c2:88:91:08:28:a1:8e:13:72:64:d8:71:d4:8a:0c:7c:
4f:99:ed:57:97:8c:b6:3b:bf:a8:58:f3:0d:0d:4a:4a:43:12:
6f:13:85:b1:86:84:96:46:1b:66:ba:ec:64:94:1f:2d:9f:d1:
6d:7d:75:5e:6c:24:70:54:d8:45:53:fb:3d:79:fd:e7:80:9a:
97:0e:c1:c6:42:b3:43:cf:0e:e7:17:96:51:94:0e:8b:ce:d0:
d3:c1:74:ca:9b:ee:07:61:16:e5:a1:2b:78:e6:af:c6:16:0b:
74:30:5d:8c
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBb4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTgy
MDU1MjNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQ0QUQ0MDk1OEVFQTcy
M0Y2MDYxNUM3MkU2QTU3MDNBQTA3MTk5MDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjRXSAmyBDUBHoM38Bc99KM5zWE7VfYj9PrTmkSP3mWRUU4MZU
faPoNlCDYIMd33YxLD329/hqaz7UTtXixCsoXYVnR+o7BjcmaIC2UppLGTtkpZp6
5ttueFQKcfAbPxWCd/Pkf+Rd4dlyOfE0ft7vtxITIdMFgqIgYuc+6wv2svK0pg5u
3HJBVRiwi6aZxLbv1twNcwDFM4/SFwyxttpJKCZBfn9jjQQex9FslEvmTga8LAyl
zlIHKgsjFdsx6UN3KvTKO7GGFFHRb7qtQ9MlGx9IszdRDEUKInd+s+gB2zd3rs/x
u05dqk46jjfqqbk5Itp/jVaFqn0YiW4m8wZtAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQURK1AlY7qcj9gYVxy5qVwOqBxmQIwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1JLMUFsWTdxY2o5Z1lW
eHk1cVZ3T3FCeG1RSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBADT5uReFzbX7Vi8HkuTcJAYg
WOAyFOcRFjwiTL6qe03V5YcVFonWMSOOnTjJk80QwGa5CZlbPFaLY6w0yAI4liJb
HbCfcU7Aupff17klGnDMYdH0KYOoxqrSvdSgnIMD7YUsvkHXIfxgT7hBB0MwjjAY
J/6JhOlFAIrLIXOTosLI/pl3J0Attl7eMELnc7EviyhEwoiRCCihjhNyZNhx1IoM
fE+Z7VeXjLY7v6hY8w0NSkpDEm8ThbGGhJZGG2a67GSUHy2f0W19dV5sJHBU2EVT
+z15/eeAmpcOwcZCs0PPDucXllGUDovO0NPBdMqb7gdhFuWhK3jmr8YWC3QwXYw=
Generated at Sun Jan 19 00:16:18 2025 by rpki-client on console.sobornost.net