Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/eWmufaFq9VeI6BRXarWaKyFSROU.roa
File: eWmufaFq9VeI6BRXarWaKyFSROU.roa (raw, json)
Hash identifier: tSBfhE+OEAm4Oov6lq6uY00Md71YUangYjnwhgc4cX0=
Subject key identifier: 79:69:AE:7D:A1:6A:F5:57:88:E8:14:57:6A:B5:9A:2B:21:52:44:E5
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 06BE
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/eWmufaFq9VeI6BRXarWaKyFSROU.roa
Signing time: Tue 21 Jan 2025 12:54:55 +0000
ROA not before: Tue 21 Jan 2025 12:54:55 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1726 (0x6be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 21 12:54:55 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=7969AE7DA16AF55788E814576AB59A2B215244E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:6c:0d:0a:07:39:d0:89:18:2c:d3:81:15:aa:
7c:b8:20:6f:62:84:e3:29:78:87:29:1f:d9:ba:ff:
90:1b:88:36:45:5e:0f:9f:d9:c4:6c:fc:7d:56:e0:
62:e7:97:c2:5b:06:7e:47:36:c4:c4:82:96:ea:3c:
20:49:cd:43:68:f0:0c:79:59:e5:d3:31:3a:40:16:
f7:ce:15:ff:63:3f:b8:46:39:ff:0b:a6:b8:27:82:
13:d9:ea:9c:54:ac:b9:8e:e8:f4:3f:df:e4:27:36:
77:29:dd:37:03:dd:96:42:b6:69:c9:96:f1:c7:1f:
57:48:5d:35:7c:5e:37:63:c1:b1:2e:a6:3c:d7:9a:
ef:ec:68:fa:f9:13:5b:93:d2:3d:8d:04:85:3f:d4:
4d:a1:33:cf:eb:44:4e:57:fb:37:e2:18:90:ba:2f:
6a:bd:12:6f:08:20:14:95:e8:15:34:be:2d:98:39:
c2:3f:1c:f8:f7:3d:b3:a8:b8:84:3e:de:3e:c4:2b:
a6:3a:d2:be:51:5b:4c:d1:52:ab:7a:64:ad:5e:ab:
87:db:0a:27:7e:43:49:e4:4a:1b:22:f7:cb:05:84:
b5:c9:1e:d7:3d:f6:ef:41:7d:1c:0a:b5:bd:f8:fb:
ab:30:bd:ac:0e:2a:68:82:b4:53:c6:a7:46:cc:ae:
2e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:69:AE:7D:A1:6A:F5:57:88:E8:14:57:6A:B5:9A:2B:21:52:44:E5
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/eWmufaFq9VeI6BRXarWaKyFSROU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
32:93:89:0e:68:ed:cc:97:ce:53:d8:52:31:19:ff:8d:fe:5e:
2c:e3:6f:27:d3:42:eb:81:55:c0:8d:58:1a:4f:24:fa:b8:4e:
cc:06:be:90:7d:8d:0c:4a:78:27:b8:02:b0:55:fc:8b:9c:25:
d0:21:32:eb:ff:8d:a1:45:ac:10:f9:63:b6:78:c0:35:b1:50:
77:6a:38:31:90:be:16:a8:c6:6e:6c:50:37:9b:66:b9:ee:60:
c4:da:17:9c:7a:8e:bc:f9:da:61:e6:12:d6:c6:56:76:65:4e:
42:37:56:6f:62:c0:c2:4b:81:d9:17:5b:5b:88:d6:2f:69:f2:
b2:e8:2a:ea:be:60:dd:cf:a0:df:77:ec:2f:a6:55:d0:21:e7:
e7:fc:fa:71:02:b6:02:34:f4:f7:90:4e:7d:9d:b2:dc:13:52:
51:29:a4:8d:f8:3a:d0:2f:fe:42:2b:b5:33:c7:ec:b6:3a:3c:
fe:c3:01:8b:5c:62:f1:b4:1d:a1:0b:ce:be:fa:79:8d:54:bb:
2e:a3:35:b8:08:8f:b7:6f:fc:cd:0f:40:ab:f3:5c:82:a5:1a:
ea:25:02:c4:07:96:2f:e1:6b:94:45:96:b9:5a:01:99:1e:67:
57:47:4f:51:cb:0f:ab:53:91:4e:0c:8e:3d:95:12:72:07:9f:
97:37:96:5c
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBr4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjEx
MjU0NTVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDc5NjlBRTdEQTE2QUY1
NTc4OEU4MTQ1NzZBQjU5QTJCMjE1MjQ0RTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD1bA0KBznQiRgs04EVqny4IG9ihOMpeIcpH9m6/5AbiDZFXg+f
2cRs/H1W4GLnl8JbBn5HNsTEgpbqPCBJzUNo8Ax5WeXTMTpAFvfOFf9jP7hGOf8L
prgnghPZ6pxUrLmO6PQ/3+QnNncp3TcD3ZZCtmnJlvHHH1dIXTV8XjdjwbEupjzX
mu/saPr5E1uT0j2NBIU/1E2hM8/rRE5X+zfiGJC6L2q9Em8IIBSV6BU0vi2YOcI/
HPj3PbOouIQ+3j7EK6Y60r5RW0zRUqt6ZK1eq4fbCid+Q0nkShsi98sFhLXJHtc9
9u9BfRwKtb34+6swvawOKmiCtFPGp0bMri7HAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUeWmufaFq9VeI6BRXarWaKyFSROUwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2VXbXVmYUZxOVZlSTZC
UlhhcldhS3lGU1JPVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBADKTiQ5o7cyXzlPYUjEZ/43+
XizjbyfTQuuBVcCNWBpPJPq4TswGvpB9jQxKeCe4ArBV/IucJdAhMuv/jaFFrBD5
Y7Z4wDWxUHdqODGQvhaoxm5sUDebZrnuYMTaF5x6jrz52mHmEtbGVnZlTkI3Vm9i
wMJLgdkXW1uI1i9p8rLoKuq+YN3PoN937C+mVdAh5+f8+nECtgI09PeQTn2dstwT
UlEppI34OtAv/kIrtTPH7LY6PP7DAYtcYvG0HaELzr76eY1Uuy6jNbgIj7dv/M0P
QKvzXIKlGuolAsQHli/ha5RFlrlaAZkeZ1dHT1HLD6tTkU4Mjj2VEnIHn5c3llw=
-----END CERTIFICATE-----
Generated at Tue Jan 21 17:32:52 2025 by rpki-client on console.sobornost.net