Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/YUZiMbg9qO6Nnklg4hnmiK5F8nI.roa
File: YUZiMbg9qO6Nnklg4hnmiK5F8nI.roa (raw, json)
Hash identifier: ws5axgscPBhG7ULm6iu9pFgGeevuepnUBPH/yTdq9NM=
Subject key identifier: 61:46:62:31:B8:3D:A8:EE:8D:9E:49:60:E2:19:E6:88:AE:45:F2:72
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0684
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/YUZiMbg9qO6Nnklg4hnmiK5F8nI.roa
Signing time: Mon 20 Jan 2025 22:25:31 +0000
ROA not before: Mon 20 Jan 2025 22:25:31 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1668 (0x684)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 20 22:25:31 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=61466231B83DA8EE8D9E4960E219E688AE45F272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2b:d5:cb:6e:64:81:0b:96:a4:36:4d:b6:2c:
11:80:cb:61:12:6d:38:55:a8:74:45:d7:b0:9f:3d:
02:20:06:16:d2:e3:64:c9:13:ff:e4:65:63:38:72:
d8:50:01:64:b6:ab:b7:fb:60:2e:07:db:41:3f:4c:
58:62:d3:0f:47:7c:d1:1d:4d:39:03:8a:55:b3:24:
5b:7c:85:16:6f:4e:28:19:45:75:aa:56:84:5f:ec:
cd:a8:ce:c0:6a:4f:8e:a1:d6:de:7a:17:a8:61:57:
91:3d:0d:67:fc:75:6b:64:38:e8:1e:d6:9b:63:ea:
ab:a7:bd:1d:95:25:4d:37:f7:bd:b3:81:39:0a:b8:
89:bb:3e:1d:1c:61:01:e1:99:8c:59:3e:f6:4c:c3:
d2:c1:72:78:d5:75:f2:70:5e:18:de:08:ad:58:f1:
7c:77:10:d2:b3:56:6f:6c:05:5d:96:4d:88:17:46:
6f:7f:65:41:04:69:d0:fc:6e:05:27:08:ad:58:83:
d5:e6:18:1a:4b:4c:16:44:94:79:2d:8f:e2:c6:e8:
ed:fb:46:5e:74:0c:17:5e:35:8b:11:50:c6:7b:30:
37:2f:38:5c:e6:4c:fb:2c:61:99:11:69:44:66:1a:
62:d8:49:cf:36:05:66:2c:e7:37:68:91:fe:dc:96:
69:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:46:62:31:B8:3D:A8:EE:8D:9E:49:60:E2:19:E6:88:AE:45:F2:72
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/YUZiMbg9qO6Nnklg4hnmiK5F8nI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
27:df:8a:fa:05:83:2a:92:f6:77:d5:1e:19:a8:da:06:f3:6b:
5f:1f:6f:0f:16:66:bf:3b:fd:bc:0e:ec:48:0d:b3:65:47:de:
9d:55:9b:5f:0d:ba:de:be:d8:1c:45:c9:39:94:45:ae:77:fc:
f8:e3:78:6a:d4:a9:f7:f9:a8:8d:ca:16:32:d9:08:9a:c8:70:
af:fe:fd:12:6c:43:51:42:18:8c:a4:40:6c:30:60:86:80:ae:
82:20:85:56:17:10:06:ba:e9:1a:bd:b0:41:9d:d7:22:2a:2c:
2b:01:a2:06:50:23:97:2b:ef:4b:06:57:db:b3:fc:21:12:ee:
a4:69:82:1a:e5:7e:7c:74:62:b4:48:29:f1:c5:70:32:eb:0e:
c8:0e:44:07:16:ac:07:21:81:90:07:ec:23:41:4d:f3:10:8b:
62:05:d0:d4:eb:7b:59:a8:75:89:45:1d:dd:0f:0b:9b:b6:46:
92:5a:2c:24:1e:fa:6a:59:62:45:12:46:95:99:da:57:8e:c6:
7d:b9:ad:1c:09:43:f0:0f:67:7b:52:30:d3:47:92:82:b7:bc:
d0:2b:84:a7:9f:48:61:46:e5:04:cb:fd:89:df:38:5e:b3:37:
96:c0:e0:78:4a:d9:f3:f8:d1:7e:38:fc:a8:6b:74:dd:49:75:
23:35:12:39
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBoQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjAy
MjI1MzFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDYxNDY2MjMxQjgzREE4
RUU4RDlFNDk2MEUyMTlFNjg4QUU0NUYyNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCK9XLbmSBC5akNk22LBGAy2ESbThVqHRF17CfPQIgBhbS42TJ
E//kZWM4cthQAWS2q7f7YC4H20E/TFhi0w9HfNEdTTkDilWzJFt8hRZvTigZRXWq
VoRf7M2ozsBqT46h1t56F6hhV5E9DWf8dWtkOOge1ptj6qunvR2VJU03972zgTkK
uIm7Ph0cYQHhmYxZPvZMw9LBcnjVdfJwXhjeCK1Y8Xx3ENKzVm9sBV2WTYgXRm9/
ZUEEadD8bgUnCK1Yg9XmGBpLTBZElHktj+LG6O37Rl50DBdeNYsRUMZ7MDcvOFzm
TPssYZkRaURmGmLYSc82BWYs5zdokf7clmnrAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUYUZiMbg9qO6Nnklg4hnmiK5F8nIwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1lVWmlNYmc5cU82Tm5r
bGc0aG5taUs1RjhuSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBACffivoFgyqS9nfVHhmo2gbz
a18fbw8WZr87/bwO7EgNs2VH3p1Vm18Nut6+2BxFyTmURa53/PjjeGrUqff5qI3K
FjLZCJrIcK/+/RJsQ1FCGIykQGwwYIaAroIghVYXEAa66Rq9sEGd1yIqLCsBogZQ
I5cr70sGV9uz/CES7qRpghrlfnx0YrRIKfHFcDLrDsgORAcWrAchgZAH7CNBTfMQ
i2IF0NTre1modYlFHd0PC5u2RpJaLCQe+mpZYkUSRpWZ2leOxn25rRwJQ/APZ3tS
MNNHkoK3vNArhKefSGFG5QTL/YnfOF6zN5bA4HhK2fP40X44/KhrdN1JdSM1Ejk=
-----END CERTIFICATE-----
Generated at Tue Jan 21 02:48:16 2025 by rpki-client on console.sobornost.net