Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/Rc1Ex_Wyw8qgH-2wX3ZPwbhpIBg.roa
File: Rc1Ex_Wyw8qgH-2wX3ZPwbhpIBg.roa (raw, json)
Hash identifier: JoONTjrkaSFz6cyxRIR5Lb2n5NeriP8nwcSnOd8Uee4=
Subject key identifier: 45:CD:44:C7:F5:B2:C3:CA:A0:1F:ED:B0:5F:76:4F:C1:B8:69:20:18
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0CE6
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Rc1Ex_Wyw8qgH-2wX3ZPwbhpIBg.roa
Signing time: Thu 06 Feb 2025 22:55:46 +0000
ROA not before: Thu 06 Feb 2025 22:55:46 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3302 (0xce6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 6 22:55:46 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=45CD44C7F5B2C3CAA01FEDB05F764FC1B8692018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:7a:cd:b7:bf:f2:3e:b8:ad:82:80:f4:81:f9:
d8:03:e5:45:4c:db:79:d1:d1:93:00:a8:a7:a2:10:
b5:30:c1:4b:7f:6f:f0:43:a1:aa:9d:af:cf:d8:98:
34:9a:90:9b:b9:3b:ad:cf:53:0d:73:47:b6:f3:72:
e0:a1:dc:33:42:d2:cb:09:e0:34:5b:7f:2f:ae:05:
b2:6f:4d:76:e7:c8:6f:c4:0e:33:43:bf:45:56:19:
59:f3:6c:06:29:c5:35:f8:d3:e6:5c:45:73:aa:cb:
2a:ee:d4:e6:f6:d3:6f:a1:3a:f3:37:4a:c8:fe:a3:
69:b9:28:f2:6f:ff:1b:fb:1e:45:4e:b8:7e:22:68:
3c:fc:06:18:4d:b9:54:e8:d0:d6:4f:ca:25:2f:da:
87:eb:62:b5:39:d5:b7:79:8b:5d:5f:46:33:bb:5d:
04:e2:58:b9:a2:4e:5a:fc:d4:59:d0:ab:a3:74:e7:
f7:05:93:14:e8:18:56:1e:8d:39:1c:d0:e7:d1:17:
ef:0e:3c:82:ae:3a:db:a1:e1:1a:0d:f7:37:ae:1d:
e8:cc:e8:c7:99:2f:57:3b:9e:69:41:34:9b:e9:ab:
3b:82:5c:dd:14:66:86:cd:ee:16:4a:21:08:76:fd:
5e:38:19:4d:9f:aa:33:d0:44:e7:ce:16:a5:a6:fb:
f8:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:CD:44:C7:F5:B2:C3:CA:A0:1F:ED:B0:5F:76:4F:C1:B8:69:20:18
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Rc1Ex_Wyw8qgH-2wX3ZPwbhpIBg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
b8:c7:f9:9d:28:86:cf:f4:ab:8e:d4:d4:30:47:5b:87:10:88:
30:5d:4b:9d:60:04:63:c3:fa:da:a2:dd:c5:f7:b8:64:38:77:
13:d5:5b:47:a0:b9:1b:8b:b9:3d:5a:40:c8:8d:7b:b1:c6:53:
d4:e0:5a:ad:23:98:d7:01:d5:04:ac:f9:42:a6:51:6c:49:95:
78:af:e5:0a:f4:2e:b5:fb:c0:6c:35:2d:d6:e3:97:7b:42:82:
e8:f6:4f:34:9a:af:04:00:6b:e4:50:a9:44:f5:ad:72:42:33:
a6:76:66:5a:de:58:5e:99:19:30:f8:62:e9:e7:d0:21:07:35:
be:47:c9:2c:24:32:4f:1a:1b:5c:3c:fc:23:02:0e:d2:1f:8d:
c7:93:42:24:4a:74:bb:da:3e:77:68:fb:16:4e:ce:a9:26:85:
39:31:67:7d:4e:66:93:6e:28:ea:51:7f:c9:d2:3c:51:0d:ee:
50:e2:8a:93:45:66:66:9e:3a:8d:62:8c:b7:7c:01:15:14:a1:
f3:5f:2f:40:c9:2c:96:29:9b:33:4e:44:58:0e:82:3b:db:19:
00:da:c8:46:5e:2e:15:36:0c:d9:12:b6:cf:d5:74:fb:30:7c:
39:c2:06:56:69:88:dc:37:d1:2a:13:4a:6d:62:59:a7:e1:4b:
ee:07:e2:0f
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDOYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDYy
MjU1NDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQ1Q0Q0NEM3RjVCMkMz
Q0FBMDFGRURCMDVGNzY0RkMxQjg2OTIwMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtes23v/I+uK2CgPSB+dgD5UVM23nR0ZMAqKeiELUwwUt/b/BD
oaqdr8/YmDSakJu5O63PUw1zR7bzcuCh3DNC0ssJ4DRbfy+uBbJvTXbnyG/EDjND
v0VWGVnzbAYpxTX40+ZcRXOqyyru1Ob202+hOvM3Ssj+o2m5KPJv/xv7HkVOuH4i
aDz8BhhNuVTo0NZPyiUv2ofrYrU51bd5i11fRjO7XQTiWLmiTlr81FnQq6N05/cF
kxToGFYejTkc0OfRF+8OPIKuOtuh4RoN9zeuHejM6MeZL1c7nmlBNJvpqzuCXN0U
ZobN7hZKIQh2/V44GU2fqjPQROfOFqWm+/h7AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQURc1Ex/Wyw8qgH+2wX3ZPwbhpIBgwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1JjMUV4X1d5dzhxZ0gt
MndYM1pQd2JocElCZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBALjH+Z0ohs/0q47U1DBHW4cQ
iDBdS51gBGPD+tqi3cX3uGQ4dxPVW0eguRuLuT1aQMiNe7HGU9TgWq0jmNcB1QSs
+UKmUWxJlXiv5Qr0LrX7wGw1Ldbjl3tCguj2TzSarwQAa+RQqUT1rXJCM6Z2Zlre
WF6ZGTD4Yunn0CEHNb5HySwkMk8aG1w8/CMCDtIfjceTQiRKdLvaPndo+xZOzqkm
hTkxZ31OZpNuKOpRf8nSPFEN7lDiipNFZmaeOo1ijLd8ARUUofNfL0DJLJYpmzNO
RFgOgjvbGQDayEZeLhU2DNkSts/VdPswfDnCBlZpiNw30SoTSm1iWafhS+4H4g8=
-----END CERTIFICATE-----
Generated at Fri Feb 7 03:12:21 2025 by rpki-client on console.sobornost.net