Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/dGEMF3AhCvb794b2ccgiWYaaG4E.roa
File: dGEMF3AhCvb794b2ccgiWYaaG4E.roa (raw, json)
Hash identifier: Tfshs/lu75t9ubgc7ij/7R5zF4r61lzoYXBIUuCe+NY=
Subject key identifier: 74:61:0C:17:70:21:0A:F6:FB:F7:86:F6:71:C8:22:59:86:9A:1B:81
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 07E2
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/dGEMF3AhCvb794b2ccgiWYaaG4E.roa
Signing time: Fri 24 Jan 2025 13:55:05 +0000
ROA not before: Fri 24 Jan 2025 13:55:05 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2018 (0x7e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 24 13:55:05 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=74610C1770210AF6FBF786F671C82259869A1B81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:de:d3:97:3e:58:cd:6b:4b:b0:84:7d:c5:60:
0c:7b:6d:31:1a:45:91:40:dd:c7:99:e0:5b:78:c4:
40:15:a8:c9:d6:3d:4b:b3:98:57:59:8f:23:bf:3c:
eb:5e:f3:ae:c6:ca:9a:0f:d9:0e:82:08:87:c4:a5:
b4:65:a3:69:67:a5:e6:99:7e:96:d0:13:48:c9:d7:
02:44:b3:1d:c2:54:1a:a0:9a:72:02:01:81:0b:fa:
16:1c:d5:9b:e3:b3:62:bb:8b:41:e8:5a:e5:80:5d:
c4:b6:62:69:16:3e:83:d1:1b:eb:35:0e:e4:4f:2f:
04:28:2e:71:95:a6:aa:8f:5a:31:82:7f:99:3f:41:
9d:de:9e:86:38:12:46:41:05:b0:f0:85:fb:28:be:
b5:f5:53:b0:68:9c:61:7f:86:bb:6d:35:64:ed:03:
35:e3:7f:f9:06:86:8e:63:84:66:1b:b9:c0:7e:ba:
3b:be:5e:7f:b9:8e:f9:32:85:26:a2:79:17:bf:d6:
55:01:e9:b8:79:fa:3e:16:87:53:0d:86:42:de:3e:
37:b5:be:e7:f0:22:49:b7:61:ec:19:9c:9a:87:2e:
2e:9c:1d:ae:62:c6:6b:13:07:6e:a2:a5:7f:a3:d8:
9c:f4:87:45:f4:a2:fb:89:6e:08:3f:3f:cc:e8:af:
25:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:61:0C:17:70:21:0A:F6:FB:F7:86:F6:71:C8:22:59:86:9A:1B:81
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/dGEMF3AhCvb794b2ccgiWYaaG4E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
64:fe:34:d7:04:97:64:db:20:e0:96:e7:7e:e1:cf:ce:a2:58:
e7:3a:0d:fe:29:e3:11:19:d3:0d:ec:72:a7:bf:4e:1f:11:46:
59:3f:93:1a:71:3c:71:1b:24:07:12:0b:d0:63:26:1b:97:43:
38:71:61:e6:cb:2d:d8:7f:b5:08:04:63:5e:98:f6:d6:87:ec:
e1:0e:e8:7d:8a:01:6d:e6:e8:87:d1:3d:74:dc:0e:00:b3:08:
1b:71:34:01:76:06:1f:43:87:49:ba:4b:ba:f3:25:ef:ab:f9:
da:d9:a7:95:21:a3:b2:88:8f:7a:4f:91:10:01:db:46:bb:43:
88:39:92:10:fc:27:1c:ea:3f:c1:88:8a:0d:ac:2e:8f:7a:bc:
69:a7:0d:e7:6c:ce:b7:f3:f4:3f:1b:da:b2:53:dc:4f:6d:ee:
07:d2:9d:22:8b:54:19:8c:ee:de:8d:cf:3a:60:0b:d2:d0:49:
84:fe:25:53:38:a3:c6:7d:5a:fa:e9:fd:5b:69:f7:7a:f9:46:
4c:f0:17:d7:4d:12:78:32:44:c6:05:a5:ef:81:4b:c6:7a:98:
6d:28:03:2e:fb:cb:1e:1e:67:26:e7:df:da:34:70:9f:4c:da:
46:e8:48:28:28:3c:8e:fe:a9:18:da:7a:65:d2:b6:11:18:e9:
52:d1:e7:92
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICB+IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjQx
MzU1MDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDc0NjEwQzE3NzAyMTBB
RjZGQkY3ODZGNjcxQzgyMjU5ODY5QTFCODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDj3tOXPljNa0uwhH3FYAx7bTEaRZFA3ceZ4Ft4xEAVqMnWPUuz
mFdZjyO/POte867GypoP2Q6CCIfEpbRlo2lnpeaZfpbQE0jJ1wJEsx3CVBqgmnIC
AYEL+hYc1Zvjs2K7i0HoWuWAXcS2YmkWPoPRG+s1DuRPLwQoLnGVpqqPWjGCf5k/
QZ3enoY4EkZBBbDwhfsovrX1U7BonGF/hrttNWTtAzXjf/kGho5jhGYbucB+uju+
Xn+5jvkyhSaieRe/1lUB6bh5+j4Wh1MNhkLePje1vufwIkm3YewZnJqHLi6cHa5i
xmsTB26ipX+j2Jz0h0X0ovuJbgg/P8zoryXpAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUdGEMF3AhCvb794b2ccgiWYaaG4EwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2RHRU1GM0FoQ3ZiNzk0
YjJjY2dpV1lhYUc0RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAGT+NNcEl2TbIOCW537hz86i
WOc6Df4p4xEZ0w3scqe/Th8RRlk/kxpxPHEbJAcSC9BjJhuXQzhxYebLLdh/tQgE
Y16Y9taH7OEO6H2KAW3m6IfRPXTcDgCzCBtxNAF2Bh9Dh0m6S7rzJe+r+drZp5Uh
o7KIj3pPkRAB20a7Q4g5khD8JxzqP8GIig2sLo96vGmnDedszrfz9D8b2rJT3E9t
7gfSnSKLVBmM7t6NzzpgC9LQSYT+JVM4o8Z9Wvrp/Vtp93r5RkzwF9dNEngyRMYF
pe+BS8Z6mG0oAy77yx4eZybn39o0cJ9M2kboSCgoPI7+qRjaemXSthEY6VLR55I=
-----END CERTIFICATE-----
Generated at Fri Jan 24 18:18:10 2025 by rpki-client on console.sobornost.net