Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/aL6Ai71EOtwShLW-ZZC5WTWR9jM.roa
File: aL6Ai71EOtwShLW-ZZC5WTWR9jM.roa (raw, json)
Hash identifier: RsPcHtl90Xp6v3sZwypXEh/Dj5mIDXTw3hzOoxFF1Ys=
Subject key identifier: 68:BE:80:8B:BD:44:3A:DC:12:84:B5:BE:65:90:B9:59:35:91:F6:33
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0594
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/aL6Ai71EOtwShLW-ZZC5WTWR9jM.roa
Signing time: Sat 18 Jan 2025 10:24:45 +0000
ROA not before: Sat 18 Jan 2025 10:24:45 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1428 (0x594)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 18 10:24:45 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=68BE808BBD443ADC1284B5BE6590B9593591F633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:b6:26:94:40:d8:0e:6d:56:29:32:44:82:c3:
f6:54:00:62:f6:50:1b:44:fd:58:09:53:d1:03:94:
6d:98:8d:ac:67:07:40:e0:1e:95:a3:8e:97:a2:b2:
4c:f4:fd:43:c5:1d:dc:fc:0e:cf:fa:ce:74:32:f3:
8e:10:d4:6d:4a:86:7f:0b:d5:55:f9:97:0e:95:eb:
9f:4a:a7:0a:5b:f2:8f:21:73:a8:cd:00:8d:d3:dd:
41:e4:65:d5:97:3e:7e:b4:6a:d0:47:b4:52:ed:e1:
29:a1:db:1d:af:9c:d3:b7:24:8e:2c:2d:70:59:c9:
35:03:d6:0e:0e:49:28:a9:26:7a:06:e4:6d:09:5a:
93:f5:47:78:4f:38:dc:b5:ec:66:2a:0d:2a:68:a4:
81:23:4b:2b:78:c9:f0:50:5c:b1:e0:12:04:5f:fe:
ed:d6:95:b5:15:b9:0c:ce:bb:22:7a:fc:f4:9e:46:
03:56:c0:65:38:08:f4:cd:d1:6d:11:71:7f:7f:e8:
f6:b8:bd:4c:01:d2:4b:83:e1:ac:ac:9f:fb:71:29:
ef:d0:16:a8:9c:33:68:3d:ba:aa:12:3a:47:68:02:
53:f9:01:57:6b:61:9d:7d:ea:fb:1e:d5:a9:5c:b7:
d1:89:fa:4d:32:15:8a:62:c5:40:71:cd:39:3d:99:
62:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BE:80:8B:BD:44:3A:DC:12:84:B5:BE:65:90:B9:59:35:91:F6:33
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/aL6Ai71EOtwShLW-ZZC5WTWR9jM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
8e:a3:71:6b:ef:78:e5:02:91:fb:09:49:a1:14:91:02:84:45:
b9:84:2c:3b:af:26:c2:64:47:34:05:0a:b9:80:df:74:1b:8f:
d0:9d:3e:07:18:a7:68:8c:94:ed:88:f3:89:d5:79:43:fa:5e:
66:57:83:4d:ad:ae:7c:31:25:93:65:d1:15:bb:db:c0:8a:38:
93:b0:35:40:dc:3f:b0:fb:37:e4:13:48:c8:81:6c:66:2f:a4:
47:4b:45:00:ab:63:a7:ae:f1:5f:b1:0e:67:17:0d:25:00:0f:
bb:d8:96:48:60:6e:15:10:b9:e0:67:08:ec:d3:e4:43:f8:b3:
e1:16:81:c6:90:c8:9e:3e:a2:c3:d2:27:36:79:63:05:12:77:
39:09:e1:55:8d:28:53:dc:68:0e:c2:c7:96:05:bf:4a:33:50:
02:53:f0:8d:d2:e1:3b:9c:14:00:0a:f5:0d:7b:04:c9:c1:e8:
59:6e:27:61:01:14:aa:e7:2a:9b:bd:99:ea:e9:35:85:20:0c:
ce:f4:2e:5e:c8:02:1a:31:58:b3:d1:58:48:9d:a7:cf:f0:45:
61:8b:73:70:63:42:30:90:b7:7c:bf:06:a8:5b:29:2c:e1:fe:
a0:83:c7:5e:3c:0d:e6:57:ea:61:b3:38:41:0d:97:0b:99:b9:
ef:97:79:61
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBZQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTgx
MDI0NDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDY4QkU4MDhCQkQ0NDNB
REMxMjg0QjVCRTY1OTBCOTU5MzU5MUY2MzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDetiaUQNgObVYpMkSCw/ZUAGL2UBtE/VgJU9EDlG2YjaxnB0Dg
HpWjjpeiskz0/UPFHdz8Ds/6znQy844Q1G1Khn8L1VX5lw6V659Kpwpb8o8hc6jN
AI3T3UHkZdWXPn60atBHtFLt4Smh2x2vnNO3JI4sLXBZyTUD1g4OSSipJnoG5G0J
WpP1R3hPONy17GYqDSpopIEjSyt4yfBQXLHgEgRf/u3WlbUVuQzOuyJ6/PSeRgNW
wGU4CPTN0W0RcX9/6Pa4vUwB0kuD4aysn/txKe/QFqicM2g9uqoSOkdoAlP5AVdr
YZ196vse1alct9GJ+k0yFYpixUBxzTk9mWIPAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUaL6Ai71EOtwShLW+ZZC5WTWR9jMwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2FMNkFpNzFFT3R3U2hM
Vy1aWkM1V1RXUjlqTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAI6jcWvveOUCkfsJSaEUkQKE
RbmELDuvJsJkRzQFCrmA33Qbj9CdPgcYp2iMlO2I84nVeUP6XmZXg02trnwxJZNl
0RW728CKOJOwNUDcP7D7N+QTSMiBbGYvpEdLRQCrY6eu8V+xDmcXDSUAD7vYlkhg
bhUQueBnCOzT5EP4s+EWgcaQyJ4+osPSJzZ5YwUSdzkJ4VWNKFPcaA7Cx5YFv0oz
UAJT8I3S4TucFAAK9Q17BMnB6FluJ2EBFKrnKpu9merpNYUgDM70Ll7IAhoxWLPR
WEidp8/wRWGLc3BjQjCQt3y/BqhbKSzh/qCDx148DeZX6mGzOEENlwuZue+XeWE=
-----END CERTIFICATE-----
Generated at Sat Jan 18 13:59:46 2025 by rpki-client on console.sobornost.net