Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/eTAl7bDFxlMVtukEHQQKH41bJy4.roa
File: eTAl7bDFxlMVtukEHQQKH41bJy4.roa (raw, json)
Hash identifier: 5hW1rERocz9vJgL2sfNVXpLF3oInKJvHLPjKvass5+I=
Subject key identifier: 79:30:25:ED:B0:C5:C6:53:15:B6:E9:04:1D:04:0A:1F:8D:5B:27:2E
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 061E
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/eTAl7bDFxlMVtukEHQQKH41bJy4.roa
Signing time: Sun 19 Jan 2025 20:54:51 +0000
ROA not before: Sun 19 Jan 2025 20:54:51 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1566 (0x61e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 19 20:54:51 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=793025EDB0C5C65315B6E9041D040A1F8D5B272E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ee:af:94:3a:f8:58:55:aa:5c:47:77:e3:e3:
6d:13:a4:d0:96:a7:43:ba:fb:f5:08:f8:1d:29:08:
7d:7d:17:9b:3d:e0:35:ba:80:bf:9a:7b:5e:dc:1e:
46:5b:97:32:cc:a5:53:00:fb:d3:97:c0:bf:5f:b3:
95:f4:93:c7:aa:77:d9:4c:38:75:72:13:e0:3d:ef:
8b:28:b0:0d:ac:25:dc:2c:d3:2a:2f:dc:88:bb:a7:
12:80:43:2b:7e:a6:c3:5d:41:c5:d9:80:fc:cf:98:
89:12:93:a9:83:81:cf:40:0d:bf:28:fe:88:50:49:
66:2d:14:66:fa:f9:cb:a0:bd:31:29:66:8b:7e:92:
d3:59:5a:82:b0:5d:fc:47:0b:c2:a6:96:8e:ab:7e:
06:0b:e5:53:5d:b9:ca:af:7c:28:30:99:6d:63:86:
d2:17:3b:3d:95:19:18:ba:1b:51:1f:cd:66:dd:fd:
30:2e:72:63:ec:35:f8:21:0f:66:1b:3e:23:75:db:
33:c1:22:6f:dd:81:a8:1d:77:2e:90:92:8b:5a:51:
9f:27:50:06:13:f4:62:7e:2a:32:60:3b:21:fa:cc:
83:8d:3d:a4:fc:38:cd:c4:b0:cb:9a:ba:b4:06:fd:
f3:b4:fe:bd:b3:36:d8:15:bd:33:5a:37:81:35:a5:
69:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:30:25:ED:B0:C5:C6:53:15:B6:E9:04:1D:04:0A:1F:8D:5B:27:2E
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/eTAl7bDFxlMVtukEHQQKH41bJy4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
56:a3:9f:bc:f6:40:ab:cd:1e:07:4f:6f:3d:90:6a:31:24:37:
2e:3e:38:c9:7a:56:00:9d:7c:fb:bc:5e:24:f7:96:16:6f:cf:
8c:b5:95:10:3f:c4:65:53:06:4c:a8:84:66:5b:a9:95:34:6b:
88:95:96:ca:0d:a3:55:57:90:7b:39:3e:0d:ee:1c:1c:ca:31:
ca:bf:93:2c:d9:dc:c1:19:ff:f6:93:ed:cb:8c:69:d5:0b:4b:
36:0f:2a:ec:37:ee:7f:0d:db:54:82:b1:90:45:6c:2f:fe:2b:
1d:aa:a5:3d:1c:ea:93:d2:45:d3:bf:3c:66:09:ad:ec:bc:fa:
f7:7f:b1:5e:8e:a7:4a:02:df:54:d2:0b:11:dd:1d:17:c1:20:
1c:b2:1b:86:d7:e0:03:98:fa:9a:0c:fa:5c:04:ca:ab:66:aa:
8a:13:51:78:78:31:ef:4a:ee:e2:61:d7:8e:c7:9d:c6:bd:51:
db:8c:0b:65:a9:7b:cc:73:60:5d:02:c0:32:d2:a2:04:65:6c:
a9:d5:da:a6:a5:fe:6e:e4:a0:4b:80:96:15:c6:f7:2d:a3:71:
9c:04:75:23:2f:97:d8:80:1a:60:27:9e:ea:20:d8:49:4f:ad:
b9:20:d6:37:44:1e:f6:6c:74:69:a8:40:6e:af:1b:df:53:1e:
c6:94:55:9b
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBh4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTky
MDU0NTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDc5MzAyNUVEQjBDNUM2
NTMxNUI2RTkwNDFEMDQwQTFGOEQ1QjI3MkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDe7q+UOvhYVapcR3fj420TpNCWp0O6+/UI+B0pCH19F5s94DW6
gL+ae17cHkZblzLMpVMA+9OXwL9fs5X0k8eqd9lMOHVyE+A974sosA2sJdws0yov
3Ii7pxKAQyt+psNdQcXZgPzPmIkSk6mDgc9ADb8o/ohQSWYtFGb6+cugvTEpZot+
ktNZWoKwXfxHC8Kmlo6rfgYL5VNducqvfCgwmW1jhtIXOz2VGRi6G1EfzWbd/TAu
cmPsNfghD2YbPiN12zPBIm/dgagddy6QkotaUZ8nUAYT9GJ+KjJgOyH6zIONPaT8
OM3EsMuaurQG/fO0/r2zNtgVvTNaN4E1pWkRAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUeTAl7bDFxlMVtukEHQQKH41bJy4wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2VUQWw3YkRGeGxNVnR1
a0VIUVFLSDQxYkp5NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAFajn7z2QKvNHgdPbz2QajEk
Ny4+OMl6VgCdfPu8XiT3lhZvz4y1lRA/xGVTBkyohGZbqZU0a4iVlsoNo1VXkHs5
Pg3uHBzKMcq/kyzZ3MEZ//aT7cuMadULSzYPKuw37n8N21SCsZBFbC/+Kx2qpT0c
6pPSRdO/PGYJrey8+vd/sV6Op0oC31TSCxHdHRfBIByyG4bX4AOY+poM+lwEyqtm
qooTUXh4Me9K7uJh147Hnca9UduMC2Wpe8xzYF0CwDLSogRlbKnV2qal/m7koEuA
lhXG9y2jcZwEdSMvl9iAGmAnnuog2ElPrbkg1jdEHvZsdGmoQG6vG99THsaUVZs=
Generated at Mon Jan 20 00:53:43 2025 by rpki-client on console.sobornost.net