Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/fnRyhF6IqVcGbsFfT5jpsb9YF9M.roa
File: fnRyhF6IqVcGbsFfT5jpsb9YF9M.roa (raw, json)
Hash identifier: BdXhHZ2XOV8CnAD6hJWbQb/KsA8n8882vDvVGIUcqy0=
Subject key identifier: 7E:74:72:84:5E:88:A9:57:06:6E:C1:5F:4F:98:E9:B1:BF:58:17:D3
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0526
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/fnRyhF6IqVcGbsFfT5jpsb9YF9M.roa
Signing time: Fri 17 Jan 2025 06:54:44 +0000
ROA not before: Fri 17 Jan 2025 06:54:44 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1318 (0x526)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 17 06:54:44 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=7E7472845E88A957066EC15F4F98E9B1BF5817D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c1:65:84:13:40:a2:72:ba:e8:87:60:3c:e8:
b3:94:f7:74:ea:0e:1b:ac:c5:46:e3:7f:40:26:76:
6c:ba:84:38:14:67:f3:4f:0c:19:81:7a:5b:aa:d8:
c0:28:28:e3:77:0c:e9:cd:c4:b0:f2:60:5f:41:a2:
c5:34:fe:75:5d:6c:bd:b2:40:1e:a0:f9:85:e5:35:
1d:0c:36:40:eb:f5:f2:27:90:1d:85:c5:b2:77:e8:
bb:d4:f6:e0:f3:fc:c6:1b:64:cc:71:07:49:fa:e5:
1e:f1:a9:1d:da:f4:4e:5e:6d:55:88:81:c0:fe:5b:
8b:9c:dd:c0:90:1b:b9:74:af:a3:1c:48:23:77:37:
0e:06:73:77:6f:3a:60:62:5b:60:bd:91:7d:64:cf:
da:7d:b2:cb:53:35:f8:8c:ba:e6:23:56:5b:31:60:
aa:0e:71:d7:1a:5b:ae:7e:32:65:a0:50:a1:dc:c8:
23:8b:90:dd:a4:f0:b1:76:bd:f1:ae:b3:f8:9f:c6:
75:57:f8:a0:77:fd:c8:f4:5e:a4:7b:04:84:54:e6:
27:d4:7e:c5:ca:35:10:24:1a:78:df:ab:01:5b:41:
34:ba:7d:e0:de:a6:37:98:21:25:38:2e:52:21:40:
01:bf:78:c4:e0:31:3d:c0:49:60:da:24:8a:cb:9e:
74:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:74:72:84:5E:88:A9:57:06:6E:C1:5F:4F:98:E9:B1:BF:58:17:D3
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/fnRyhF6IqVcGbsFfT5jpsb9YF9M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
71:c1:aa:4b:7b:d7:d8:c4:7b:2f:2e:2f:88:0f:07:5c:de:87:
28:2d:9e:f3:31:c2:8d:aa:8e:51:e2:2a:80:4e:2d:ca:9f:67:
f3:01:3b:21:b9:66:2a:b0:9b:3f:1d:fb:6c:0b:5b:fa:13:18:
de:36:66:19:2c:c2:70:53:31:87:5a:d3:cf:93:31:ac:3e:22:
42:bf:73:bf:8e:45:31:69:c9:1d:27:8f:5c:99:ce:4c:d9:b7:
24:5d:ea:0b:26:c5:4e:34:2c:8d:93:f3:ad:37:cd:e3:22:55:
7c:f7:c3:fb:fa:61:97:4f:20:17:e2:81:28:5c:34:45:99:ad:
5a:8c:23:07:8b:53:da:95:c8:cc:e8:92:3a:cc:53:0d:40:40:
7b:e1:c9:69:91:b6:98:35:13:b3:db:3b:5e:73:4f:c1:83:c8:
88:44:cb:04:05:79:b8:7a:1b:6f:39:29:8f:14:41:fe:3b:cc:
b6:2a:fd:09:2b:91:85:06:27:c5:e9:9d:1f:58:12:42:35:e7:
2d:1e:fe:c1:5d:dd:7d:61:95:bf:21:2b:1b:58:55:ec:7a:c4:
9a:67:76:b9:fd:c4:55:65:a2:c7:19:e3:25:62:88:25:d4:65:
76:18:ff:d1:ab:21:24:f8:73:bc:f2:c9:35:8f:ee:96:90:e1:
39:08:96:41
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBSYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTcw
NjU0NDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDdFNzQ3Mjg0NUU4OEE5
NTcwNjZFQzE1RjRGOThFOUIxQkY1ODE3RDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjwWWEE0Cicrroh2A86LOU93TqDhusxUbjf0Amdmy6hDgUZ/NP
DBmBeluq2MAoKON3DOnNxLDyYF9BosU0/nVdbL2yQB6g+YXlNR0MNkDr9fInkB2F
xbJ36LvU9uDz/MYbZMxxB0n65R7xqR3a9E5ebVWIgcD+W4uc3cCQG7l0r6McSCN3
Nw4Gc3dvOmBiW2C9kX1kz9p9sstTNfiMuuYjVlsxYKoOcdcaW65+MmWgUKHcyCOL
kN2k8LF2vfGus/ifxnVX+KB3/cj0XqR7BIRU5ifUfsXKNRAkGnjfqwFbQTS6feDe
pjeYISU4LlIhQAG/eMTgMT3ASWDaJIrLnnQJAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUfnRyhF6IqVcGbsFfT5jpsb9YF9MwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2ZuUnloRjZJcVZjR2Jz
RmZUNWpwc2I5WUY5TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAHHBqkt719jEey8uL4gPB1ze
hygtnvMxwo2qjlHiKoBOLcqfZ/MBOyG5Ziqwmz8d+2wLW/oTGN42ZhkswnBTMYda
08+TMaw+IkK/c7+ORTFpyR0nj1yZzkzZtyRd6gsmxU40LI2T8603zeMiVXz3w/v6
YZdPIBfigShcNEWZrVqMIweLU9qVyMzokjrMUw1AQHvhyWmRtpg1E7PbO15zT8GD
yIhEywQFebh6G285KY8UQf47zLYq/QkrkYUGJ8XpnR9YEkI15y0e/sFd3X1hlb8h
KxtYVex6xJpndrn9xFVloscZ4yViiCXUZXYY/9GrIST4c7zyyTWP7paQ4TkIlkE=
Generated at Fri Jan 17 13:20:02 2025 by rpki-client on console.sobornost.net