Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/Uf3VMsXoktKHmTszym96M2XE4kg.roa
File: Uf3VMsXoktKHmTszym96M2XE4kg.roa (raw, json)
Hash identifier: iHWa1SommTborrFaheHVJ3MgiI1sEooJdfu1hp5Wo48=
Subject key identifier: 51:FD:D5:32:C5:E8:92:D2:87:99:3B:33:CA:6F:7A:33:65:C4:E2:48
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 073A
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Uf3VMsXoktKHmTszym96M2XE4kg.roa
Signing time: Wed 22 Jan 2025 19:54:57 +0000
ROA not before: Wed 22 Jan 2025 19:54:57 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1850 (0x73a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 22 19:54:57 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=51FDD532C5E892D287993B33CA6F7A3365C4E248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:17:43:4d:37:26:a4:a3:94:29:d0:33:aa:5d:
9a:2e:9b:94:ec:ec:fe:ec:54:64:99:8c:fd:89:21:
2c:10:5b:1e:aa:e6:e8:c2:68:79:e4:83:a4:80:49:
c0:14:9e:fd:09:ac:fa:9d:f5:2e:6a:a1:ca:44:58:
5a:0c:74:e2:0b:91:9a:d6:5d:63:a2:10:fd:3d:f2:
18:d4:8c:54:39:c7:fb:4c:a1:3a:73:48:87:05:46:
4a:97:b7:82:fc:89:df:e1:4a:9a:27:78:56:b8:2f:
c1:f9:67:66:23:b3:6a:25:f4:e9:f9:62:28:ad:f8:
4d:9a:73:82:2b:83:75:7f:72:b3:f8:22:f7:73:da:
a1:16:8a:d0:28:74:08:35:be:ea:34:78:ac:ec:fa:
96:78:63:1d:83:35:83:d4:97:8e:3b:6d:a5:46:9a:
2e:d9:31:c1:90:d8:58:23:50:68:4f:de:f4:f0:80:
a3:e2:1f:f4:25:a6:05:39:1f:2d:a3:2a:2b:58:cf:
ab:1e:89:4d:8e:d6:dd:6d:9c:f3:1b:64:09:67:73:
09:1f:97:fa:18:c1:fd:24:4f:50:c2:c6:d8:8d:01:
61:c1:95:b9:32:35:e3:2b:27:8e:7d:5f:c1:b9:0d:
2a:fa:61:4f:48:9c:89:02:00:c0:77:00:01:19:dc:
92:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:FD:D5:32:C5:E8:92:D2:87:99:3B:33:CA:6F:7A:33:65:C4:E2:48
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Uf3VMsXoktKHmTszym96M2XE4kg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
1a:5e:c1:fa:c4:d8:ad:7e:6b:1a:e2:fe:bf:57:b6:e9:2e:95:
06:2d:b7:7c:ab:35:f3:5c:4f:bb:a5:f4:37:4f:d4:4d:93:3c:
28:cf:d3:22:fe:36:36:f7:18:c4:f0:d1:1b:fc:53:d9:32:ce:
88:c6:27:c8:05:76:0c:3b:13:47:dc:2e:de:98:89:08:d0:c6:
81:6f:96:83:96:2d:0f:5c:e2:0e:df:84:80:34:7d:4c:75:51:
3e:b6:c9:29:a0:e5:e9:93:4d:e7:8b:fe:cd:a8:2c:f9:ff:6e:
3e:b2:e8:b0:11:d0:4b:d4:9e:7d:1d:c3:49:2d:12:58:82:18:
3d:36:b1:11:16:5f:68:04:a6:a6:18:f8:d3:d1:de:97:ed:bc:
3d:8a:12:d4:07:68:e6:d5:3b:a5:b5:60:99:67:54:4a:fa:db:
3b:3f:bf:57:83:c8:2a:77:49:e9:51:e3:c8:7e:5d:2a:4a:89:
39:41:3a:1c:57:cf:17:73:bb:e1:30:27:1c:b7:55:1a:fa:de:
4d:8d:2e:39:9b:69:7a:01:09:0d:15:b6:0e:34:b2:d1:4b:79:
87:fe:17:bf:75:a7:36:b1:b1:3a:4e:24:76:c8:71:7c:7a:25:
29:44:0b:84:75:3b:47:e3:c4:4a:9f:8c:27:a2:ed:a7:05:3c:
e2:e9:94:2c
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBzowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjIx
OTU0NTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDUxRkRENTMyQzVFODky
RDI4Nzk5M0IzM0NBNkY3QTMzNjVDNEUyNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVF0NNNyako5Qp0DOqXZoum5Ts7P7sVGSZjP2JISwQWx6q5ujC
aHnkg6SAScAUnv0JrPqd9S5qocpEWFoMdOILkZrWXWOiEP098hjUjFQ5x/tMoTpz
SIcFRkqXt4L8id/hSponeFa4L8H5Z2Yjs2ol9On5Yiit+E2ac4Irg3V/crP4Ivdz
2qEWitAodAg1vuo0eKzs+pZ4Yx2DNYPUl447baVGmi7ZMcGQ2FgjUGhP3vTwgKPi
H/QlpgU5Hy2jKitYz6seiU2O1t1tnPMbZAlncwkfl/oYwf0kT1DCxtiNAWHBlbky
NeMrJ459X8G5DSr6YU9InIkCAMB3AAEZ3JLzAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUUf3VMsXoktKHmTszym96M2XE4kgwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1VmM1ZNc1hva3RLSG1U
c3p5bTk2TTJYRTRrZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBABpewfrE2K1+axri/r9Xtuku
lQYtt3yrNfNcT7ul9DdP1E2TPCjP0yL+Njb3GMTw0Rv8U9kyzojGJ8gFdgw7E0fc
Lt6YiQjQxoFvloOWLQ9c4g7fhIA0fUx1UT62ySmg5emTTeeL/s2oLPn/bj6y6LAR
0EvUnn0dw0ktEliCGD02sREWX2gEpqYY+NPR3pftvD2KEtQHaObVO6W1YJlnVEr6
2zs/v1eDyCp3SelR48h+XSpKiTlBOhxXzxdzu+EwJxy3VRr63k2NLjmbaXoBCQ0V
tg40stFLeYf+F791pzaxsTpOJHbIcXx6JSlEC4R1O0fjxEqfjCei7acFPOLplCw=
-----END CERTIFICATE-----
Generated at Thu Jan 23 02:09:00 2025 by rpki-client on console.sobornost.net