Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/WNoKKmQO2dth1rDERf3-nfyN5aI.roa
File: WNoKKmQO2dth1rDERf3-nfyN5aI.roa (raw, json)
Hash identifier: ortF8H/UN2A+BoAwrs/K4W16AbhmulghW2cvi61VHk8=
Subject key identifier: 58:DA:0A:2A:64:0E:D9:DB:61:D6:B0:C4:45:FD:FE:9D:FC:8D:E5:A2
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0A32
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/WNoKKmQO2dth1rDERf3-nfyN5aI.roa
Signing time: Thu 30 Jan 2025 17:55:32 +0000
ROA not before: Thu 30 Jan 2025 17:55:32 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2610 (0xa32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 30 17:55:32 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=58DA0A2A640ED9DB61D6B0C445FDFE9DFC8DE5A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cd:24:43:03:60:1c:87:10:b4:e4:87:f0:b5:
4b:2f:4e:91:0c:61:63:94:23:83:be:06:22:09:55:
b2:8d:54:26:5f:22:e5:42:a6:94:a0:e1:d3:c7:73:
1b:59:a3:ef:5f:d4:54:92:49:3a:18:15:89:cc:bf:
0a:ed:4d:bd:fd:ce:87:dd:7d:09:f3:42:59:97:d2:
92:a8:d6:48:55:76:4d:b5:78:e8:38:7c:ae:c5:5f:
cd:d3:89:aa:3f:ca:1f:5c:0c:69:50:97:27:ae:ae:
e2:80:fe:1d:cf:93:59:be:08:8a:5b:e5:d3:2d:99:
93:26:08:6c:87:3d:08:67:40:7c:3c:43:80:9f:c1:
1e:d8:63:43:15:95:35:3f:0e:19:a4:ff:2f:54:10:
0e:6c:42:cf:a7:9b:cd:0d:ae:a7:35:05:58:8b:9b:
9e:bc:4b:d8:e9:37:c7:fb:d5:46:4a:5b:4b:16:27:
03:2b:52:af:46:02:a6:91:64:cf:e8:5a:d7:98:b9:
cb:b6:27:95:1c:cf:15:b6:9e:05:18:b9:89:70:2f:
27:9b:08:29:fa:f5:e2:27:1e:73:4c:38:a4:c3:a6:
bb:59:38:f3:f9:15:1a:10:bf:9d:84:00:14:e2:e5:
0d:53:7e:5d:f2:3d:42:a4:69:4b:44:03:bc:9f:05:
d8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:DA:0A:2A:64:0E:D9:DB:61:D6:B0:C4:45:FD:FE:9D:FC:8D:E5:A2
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/WNoKKmQO2dth1rDERf3-nfyN5aI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
82:65:89:6c:21:cd:66:2d:ed:91:4d:56:24:44:7a:39:e1:a6:
52:7d:5e:6b:5b:ed:a8:27:6d:07:b0:53:ad:95:bc:9b:98:78:
1c:97:d7:59:18:f8:01:97:44:4d:40:ed:41:80:59:e6:aa:07:
7a:da:4f:64:1a:5c:1a:80:23:b9:1b:c5:be:26:39:60:ac:53:
79:2d:b0:90:5e:5c:48:59:ec:a0:d6:83:43:a5:fd:ff:ff:8f:
d6:d1:20:8b:49:57:6a:15:33:24:1e:b9:15:e0:e7:5e:47:aa:
02:b9:13:bd:77:f6:ef:1b:d3:5c:b9:51:09:98:95:fb:7c:1b:
66:40:65:f3:5c:4f:17:c2:7f:eb:b1:3a:3b:7e:73:68:f0:24:
fa:a8:77:10:15:69:f0:89:8f:45:b7:ed:1f:bb:48:73:60:7a:
9b:88:c8:4d:fc:d4:10:38:d6:4a:c8:6f:b6:98:87:67:87:c5:
e1:86:30:63:28:c7:6f:1d:2e:ed:e0:90:4d:20:af:2d:ef:ac:
f9:b8:02:c4:7a:bd:d8:ab:b9:b6:69:ae:07:e9:19:de:e1:e6:
83:22:14:a8:81:ae:00:9c:76:11:b2:4c:b7:96:36:25:62:00:
00:a3:5f:3e:c2:1c:27:36:64:78:0b:04:cc:e1:e1:ef:37:9c:
aa:33:5e:e7
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCjIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMzAx
NzU1MzJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDU4REEwQTJBNjQwRUQ5
REI2MUQ2QjBDNDQ1RkRGRTlERkM4REU1QTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxzSRDA2AchxC05IfwtUsvTpEMYWOUI4O+BiIJVbKNVCZfIuVC
ppSg4dPHcxtZo+9f1FSSSToYFYnMvwrtTb39zofdfQnzQlmX0pKo1khVdk21eOg4
fK7FX83Tiao/yh9cDGlQlyeuruKA/h3Pk1m+CIpb5dMtmZMmCGyHPQhnQHw8Q4Cf
wR7YY0MVlTU/Dhmk/y9UEA5sQs+nm80Nrqc1BViLm568S9jpN8f71UZKW0sWJwMr
Uq9GAqaRZM/oWteYucu2J5UczxW2ngUYuYlwLyebCCn69eInHnNMOKTDprtZOPP5
FRoQv52EABTi5Q1Tfl3yPUKkaUtEA7yfBdjxAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUWNoKKmQO2dth1rDERf3+nfyN5aIwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1dOb0tLbVFPMmR0aDFy
REVSZjMtbmZ5TjVhSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAIJliWwhzWYt7ZFNViREejnh
plJ9Xmtb7agnbQewU62VvJuYeByX11kY+AGXRE1A7UGAWeaqB3raT2QaXBqAI7kb
xb4mOWCsU3ktsJBeXEhZ7KDWg0Ol/f//j9bRIItJV2oVMyQeuRXg515HqgK5E713
9u8b01y5UQmYlft8G2ZAZfNcTxfCf+uxOjt+c2jwJPqodxAVafCJj0W37R+7SHNg
epuIyE381BA41krIb7aYh2eHxeGGMGMox28dLu3gkE0gry3vrPm4AsR6vdirubZp
rgfpGd7h5oMiFKiBrgCcdhGyTLeWNiViAACjXz7CHCc2ZHgLBMzh4e83nKozXuc=
Generated at Thu Jan 30 21:42:43 2025 by rpki-client on console.sobornost.net