Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/UtXvHFMwmIpl_SKGd67I9RoWxz8.roa
File: UtXvHFMwmIpl_SKGd67I9RoWxz8.roa (raw, json)
Hash identifier: wCmnynB9EKIf/gkgpwlkz0zTpz4z/NYFwEIHmuzG0DU=
Subject key identifier: 52:D5:EF:1C:53:30:98:8A:65:FD:22:86:77:AE:C8:F5:1A:16:C7:3F
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 07A2
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/UtXvHFMwmIpl_SKGd67I9RoWxz8.roa
Signing time: Thu 23 Jan 2025 21:55:06 +0000
ROA not before: Thu 23 Jan 2025 21:55:06 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1954 (0x7a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 23 21:55:06 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=52D5EF1C5330988A65FD228677AEC8F51A16C73F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:97:82:6d:3e:44:fa:e7:1b:f6:93:9c:d7:a4:
9a:68:70:35:5c:e7:bc:60:80:cb:f6:1c:8d:2a:57:
aa:13:5e:3b:4c:0b:79:08:80:21:8f:09:ac:03:f5:
a3:74:31:e6:d2:21:f6:57:9a:be:7e:44:e9:2c:e3:
19:14:29:e0:33:91:a4:5b:d7:b9:73:3e:67:b8:b8:
c3:5a:bb:02:da:c1:ad:91:b6:74:fd:a6:3c:a1:39:
16:a2:56:56:e0:74:55:6a:2f:18:8b:5a:ea:e0:b6:
27:c8:cf:b1:ab:76:51:99:3f:3c:f8:c2:d5:fd:13:
da:2b:f8:c2:a2:6a:99:6d:9a:c2:85:ac:ca:39:33:
14:d2:e6:06:9c:e6:c5:40:d7:b0:42:9c:9c:8d:75:
72:fc:1d:38:4e:f2:95:d1:43:28:a2:8e:d6:07:bc:
63:1a:80:b2:b1:d3:b4:24:47:7b:93:10:7d:2a:1b:
c7:13:5b:3d:8d:c6:2b:d7:37:e1:ac:78:ae:89:e5:
18:4e:8c:c0:e4:32:9f:76:03:23:53:c7:75:88:0c:
11:ad:1b:e9:58:f6:1f:72:cd:38:c7:3f:e4:8b:06:
13:d9:78:a6:21:66:05:33:00:22:b9:92:38:32:44:
cb:7d:a3:f9:6b:19:ff:fc:0f:49:49:9c:df:2d:19:
3f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:D5:EF:1C:53:30:98:8A:65:FD:22:86:77:AE:C8:F5:1A:16:C7:3F
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/UtXvHFMwmIpl_SKGd67I9RoWxz8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
17:e6:fd:8e:0e:fe:a3:57:8f:67:e3:24:2e:bf:07:03:2c:14:
fa:14:52:39:c4:d3:64:6e:8f:16:52:67:53:3a:bd:2a:7a:ca:
4d:5e:56:14:6c:12:76:9f:c4:4c:7f:b7:14:54:c0:d5:92:8b:
61:a7:dc:2f:48:17:f1:2d:b4:4e:c6:bb:2a:fa:92:2f:0d:16:
85:57:f5:ab:35:b0:29:c8:38:dd:1a:b9:66:18:1f:f8:8d:57:
17:01:3b:11:15:b5:d4:98:3a:a6:14:06:79:a8:f0:82:e4:6c:
a1:4c:0e:91:05:9d:ad:c8:0b:f4:0b:5f:78:89:9a:c0:07:d5:
d1:a2:a3:84:35:29:cb:95:52:2b:32:c0:bb:ed:34:24:11:c8:
31:cb:2b:72:ff:e8:a5:d4:54:7d:6a:56:e3:3d:75:d4:64:14:
73:36:e2:3c:64:6d:b2:f2:e6:9a:e0:51:8b:7d:d9:58:81:d3:
6c:b9:46:3c:c6:26:4d:d3:9a:e4:2a:da:97:c7:e3:86:c0:2b:
66:80:4f:af:8b:9f:80:fe:e5:85:ec:5d:26:14:eb:8b:27:b9:
44:8d:1d:8f:43:4e:08:a9:7f:4b:f3:6d:dd:cb:5d:bd:d9:17:
63:dd:27:2e:68:c9:58:d7:b1:bf:52:55:d9:2d:0c:8a:2f:3e:
9d:9d:fb:10
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICB6IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjMy
MTU1MDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDUyRDVFRjFDNTMzMDk4
OEE2NUZEMjI4Njc3QUVDOEY1MUExNkM3M0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSl4JtPkT65xv2k5zXpJpocDVc57xggMv2HI0qV6oTXjtMC3kI
gCGPCawD9aN0MebSIfZXmr5+ROks4xkUKeAzkaRb17lzPme4uMNauwLawa2RtnT9
pjyhORaiVlbgdFVqLxiLWurgtifIz7GrdlGZPzz4wtX9E9or+MKiapltmsKFrMo5
MxTS5gac5sVA17BCnJyNdXL8HThO8pXRQyiijtYHvGMagLKx07QkR3uTEH0qG8cT
Wz2NxivXN+GseK6J5RhOjMDkMp92AyNTx3WIDBGtG+lY9h9yzTjHP+SLBhPZeKYh
ZgUzACK5kjgyRMt9o/lrGf/8D0lJnN8tGT+HAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUUtXvHFMwmIpl/SKGd67I9RoWxz8wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1V0WHZIRk13bUlwbF9T
S0dkNjdJOVJvV3h6OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBABfm/Y4O/qNXj2fjJC6/BwMs
FPoUUjnE02RujxZSZ1M6vSp6yk1eVhRsEnafxEx/txRUwNWSi2Gn3C9IF/EttE7G
uyr6ki8NFoVX9as1sCnION0auWYYH/iNVxcBOxEVtdSYOqYUBnmo8ILkbKFMDpEF
na3IC/QLX3iJmsAH1dGio4Q1KcuVUisywLvtNCQRyDHLK3L/6KXUVH1qVuM9ddRk
FHM24jxkbbLy5prgUYt92ViB02y5RjzGJk3TmuQq2pfH44bAK2aAT6+Ln4D+5YXs
XSYU64snuUSNHY9DTgipf0vzbd3LXb3ZF2PdJy5oyVjXsb9SVdktDIovPp2d+xA=
-----END CERTIFICATE-----
Generated at Fri Jan 24 01:46:53 2025 by rpki-client on console.sobornost.net