Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/gVqdycgPicZh34KJlsFdou72nw0.roa
File: gVqdycgPicZh34KJlsFdou72nw0.roa (raw, json)
Hash identifier: GfxdB4bpyi12THc4WAkMqXnlRzpa/83ojLB6eoqPb9o=
Subject key identifier: 81:5A:9D:C9:C8:0F:89:C6:61:DF:82:89:96:C1:5D:A2:EE:F6:9F:0D
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0572
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/gVqdycgPicZh34KJlsFdou72nw0.roa
Signing time: Sat 18 Jan 2025 01:55:20 +0000
ROA not before: Sat 18 Jan 2025 01:55:20 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1394 (0x572)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 18 01:55:20 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=815A9DC9C80F89C661DF828996C15DA2EEF69F0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d4:61:c0:b9:c6:51:5e:88:a2:59:77:1a:0f:
c8:b6:e5:99:b8:45:c7:62:0c:87:b2:f7:12:f2:bc:
50:a0:77:ee:c1:58:dc:91:80:be:fe:ed:71:1c:ed:
3c:a6:68:df:31:ed:66:54:a9:3e:1c:b6:8e:c3:75:
a7:cc:8e:cb:2f:9e:31:77:3a:82:a9:af:0b:b8:2e:
fb:5e:04:a6:f9:28:01:b9:08:08:3b:fb:2f:91:58:
79:52:9c:97:aa:19:81:19:6c:10:e9:d5:d3:66:04:
52:90:0f:44:6a:ff:94:87:22:f0:76:0f:00:7a:77:
be:f1:a9:f7:f1:2a:1b:ed:11:57:66:7d:30:bd:e6:
ef:68:02:c5:1e:2b:a3:5a:9d:9b:38:27:88:a8:18:
8d:8f:2c:cb:2e:7d:20:88:d4:21:4f:4f:30:ce:a2:
74:27:ac:e7:6c:d0:90:67:e6:5f:c4:03:9e:cf:f0:
c9:86:e0:9a:19:57:0e:2c:53:76:5f:99:84:31:3e:
1f:a7:85:bd:04:a0:a7:79:6f:ce:bc:7d:55:bd:da:
02:52:25:7c:92:c9:3f:0f:c3:ed:34:f7:21:e9:4b:
92:5c:0e:41:8f:25:8e:ef:d8:c5:1d:d2:0c:ac:1b:
eb:1c:73:67:ea:c9:ba:f6:51:1f:c7:e5:4f:ce:8f:
96:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:5A:9D:C9:C8:0F:89:C6:61:DF:82:89:96:C1:5D:A2:EE:F6:9F:0D
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/gVqdycgPicZh34KJlsFdou72nw0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
44:e9:12:5a:b3:46:c9:8b:d6:ca:74:31:b2:46:ab:74:4f:a2:
e3:34:76:09:76:9d:5c:f9:b6:03:00:54:54:cf:4e:32:22:2e:
15:44:b4:bd:45:75:ba:66:1e:a7:bf:bf:db:54:7d:76:7c:2d:
63:30:ea:ed:ea:e6:31:33:26:15:43:81:ee:93:79:b3:f2:9c:
6e:d7:b9:1e:6a:19:93:f3:b0:81:39:e5:a8:99:4f:41:1d:70:
30:23:cf:31:26:71:c5:c4:22:09:9f:94:87:a9:3a:1e:e9:0b:
64:98:90:44:d0:12:a6:89:22:35:cd:2d:1e:0b:71:fc:c0:94:
15:cb:fc:0a:cc:ce:f3:65:63:f8:e7:f2:02:e1:ce:f6:67:db:
10:ba:33:3c:59:09:34:40:47:61:38:dd:e5:df:20:c2:3e:d5:
bc:c2:bf:c2:76:de:4e:dd:7b:ad:b8:48:29:dc:22:f4:37:ca:
d0:6c:c3:c8:1f:66:86:59:ec:20:ba:c9:41:92:f1:80:e9:e6:
7c:56:6a:56:99:d7:84:bd:d1:f0:68:ee:05:22:71:ec:3d:68:
44:c3:99:f9:3a:37:af:83:8b:1d:ca:90:23:5f:eb:e6:7c:46:
a2:ed:c8:d6:87:61:52:cd:a8:23:05:d0:b3:cc:c9:23:46:38:
a0:6e:35:ce
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBXIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTgw
MTU1MjBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDgxNUE5REM5QzgwRjg5
QzY2MURGODI4OTk2QzE1REEyRUVGNjlGMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+1GHAucZRXoiiWXcaD8i25Zm4RcdiDIey9xLyvFCgd+7BWNyR
gL7+7XEc7TymaN8x7WZUqT4cto7DdafMjssvnjF3OoKprwu4LvteBKb5KAG5CAg7
+y+RWHlSnJeqGYEZbBDp1dNmBFKQD0Rq/5SHIvB2DwB6d77xqffxKhvtEVdmfTC9
5u9oAsUeK6NanZs4J4ioGI2PLMsufSCI1CFPTzDOonQnrOds0JBn5l/EA57P8MmG
4JoZVw4sU3ZfmYQxPh+nhb0EoKd5b868fVW92gJSJXySyT8Pw+009yHpS5JcDkGP
JY7v2MUd0gysG+scc2fqybr2UR/H5U/Oj5ZbAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUgVqdycgPicZh34KJlsFdou72nw0wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2dWcWR5Y2dQaWNaaDM0
S0psc0Zkb3U3Mm53MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAETpElqzRsmL1sp0MbJGq3RP
ouM0dgl2nVz5tgMAVFTPTjIiLhVEtL1FdbpmHqe/v9tUfXZ8LWMw6u3q5jEzJhVD
ge6TebPynG7XuR5qGZPzsIE55aiZT0EdcDAjzzEmccXEIgmflIepOh7pC2SYkETQ
EqaJIjXNLR4LcfzAlBXL/ArMzvNlY/jn8gLhzvZn2xC6MzxZCTRAR2E43eXfIMI+
1bzCv8J23k7de624SCncIvQ3ytBsw8gfZoZZ7CC6yUGS8YDp5nxWalaZ14S90fBo
7gUicew9aETDmfk6N6+Dix3KkCNf6+Z8RqLtyNaHYVLNqCMF0LPMySNGOKBuNc4=
Generated at Sat Jan 18 06:02:06 2025 by rpki-client on console.sobornost.net