Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/iLrADdujb6wvdqp80sYhdwcQA8I.roa
File: iLrADdujb6wvdqp80sYhdwcQA8I.roa (raw, json)
Hash identifier: T90C4PZF7PckRrJ9Cq4mygAbEkhB2Q3spoBmjzm48Bc=
Subject key identifier: 88:BA:C0:0D:DB:A3:6F:AC:2F:76:AA:7C:D2:C6:21:77:07:10:03:C2
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 07FE
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/iLrADdujb6wvdqp80sYhdwcQA8I.roa
Signing time: Fri 24 Jan 2025 20:55:07 +0000
ROA not before: Fri 24 Jan 2025 20:55:07 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2046 (0x7fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 24 20:55:07 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=88BAC00DDBA36FAC2F76AA7CD2C62177071003C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:68:a2:55:7e:54:75:4b:17:1d:52:45:3e:84:
9b:fa:65:df:04:14:8b:3d:4f:7d:c3:60:f0:8c:cf:
a8:ea:5d:54:07:5e:18:61:30:c2:8f:08:74:51:1f:
8a:bc:03:f0:69:9a:7a:97:97:7b:97:0c:9c:66:11:
b0:85:18:4e:fc:c7:65:35:ef:60:8a:d0:ab:9b:4c:
93:1d:72:16:99:37:c7:66:4e:f0:db:76:8f:d6:43:
45:1e:d4:8a:7a:c5:6f:89:ff:1b:79:8c:39:94:a0:
69:99:fd:b7:cb:b2:9e:a4:3e:1a:fd:c6:fb:10:40:
f0:63:31:cd:f0:30:2c:06:9d:b7:65:90:d7:4e:35:
51:0d:c8:b5:66:53:61:f5:5a:ee:ae:59:bf:03:8d:
da:fe:70:91:fa:72:6c:d3:b8:6c:ab:5f:04:28:c0:
6c:9b:83:ab:8b:34:4c:75:55:fe:72:91:c7:c3:e4:
b2:de:3a:c6:13:53:69:76:54:a2:3e:00:32:7f:75:
7a:3e:50:63:ab:94:1e:46:90:75:50:97:e7:2e:34:
27:33:49:90:59:2a:4e:4c:74:b9:46:b6:94:a2:c3:
37:cb:6a:c8:02:61:72:1a:74:72:4b:b0:bd:84:97:
c5:1c:12:be:ba:38:55:18:a7:28:4b:b2:b4:71:41:
29:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:BA:C0:0D:DB:A3:6F:AC:2F:76:AA:7C:D2:C6:21:77:07:10:03:C2
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/iLrADdujb6wvdqp80sYhdwcQA8I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
62:2a:0f:6f:ba:7f:83:5e:54:71:b3:29:72:55:51:06:23:16:
c5:1a:41:68:a0:b5:02:b4:21:6d:61:f8:7e:8b:b2:ab:18:b5:
73:8b:76:30:02:c7:5a:89:12:2d:26:9a:fe:3e:76:43:82:e4:
3c:ea:f3:ac:3a:46:c5:b3:22:2d:25:ba:cc:e4:a5:c4:c2:76:
7c:65:f5:74:3a:04:32:fe:5d:e2:13:5c:34:8b:bb:a9:3f:a2:
13:69:11:0b:f1:43:ba:06:fc:b6:e3:10:94:1b:81:f2:3f:ef:
8f:10:20:8c:25:8a:a6:92:97:ec:28:a4:0a:de:ba:58:44:2b:
da:51:3e:28:64:0c:e0:15:5e:c0:69:7f:c4:a6:9c:71:b5:b1:
9a:28:76:84:c7:1c:fe:4e:c7:46:82:73:c2:da:12:e1:0f:76:
a2:99:76:9a:7c:f6:b4:ba:36:88:dd:c0:6d:11:b1:40:fd:a1:
5c:07:e6:2e:13:85:f6:b4:ef:86:91:eb:ae:34:dc:6f:69:0a:
a0:2a:8f:31:65:0d:28:a4:a9:a7:1a:12:4b:fa:95:57:20:09:
29:6b:b9:b4:4b:b4:49:7f:dc:95:da:bd:53:a6:95:c8:93:20:
21:80:00:f4:02:77:05:ec:48:25:23:fc:6e:4a:e8:82:22:e0:
0d:6f:e2:2a
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICB/4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjQy
MDU1MDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg4QkFDMDBEREJBMzZG
QUMyRjc2QUE3Q0QyQzYyMTc3MDcxMDAzQzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfaKJVflR1SxcdUkU+hJv6Zd8EFIs9T33DYPCMz6jqXVQHXhhh
MMKPCHRRH4q8A/BpmnqXl3uXDJxmEbCFGE78x2U172CK0KubTJMdchaZN8dmTvDb
do/WQ0Ue1Ip6xW+J/xt5jDmUoGmZ/bfLsp6kPhr9xvsQQPBjMc3wMCwGnbdlkNdO
NVENyLVmU2H1Wu6uWb8Djdr+cJH6cmzTuGyrXwQowGybg6uLNEx1Vf5ykcfD5LLe
OsYTU2l2VKI+ADJ/dXo+UGOrlB5GkHVQl+cuNCczSZBZKk5MdLlGtpSiwzfLasgC
YXIadHJLsL2El8UcEr66OFUYpyhLsrRxQSmjAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUiLrADdujb6wvdqp80sYhdwcQA8IwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2lMckFEZHVqYjZ3dmRx
cDgwc1loZHdjUUE4SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAGIqD2+6f4NeVHGzKXJVUQYj
FsUaQWigtQK0IW1h+H6LsqsYtXOLdjACx1qJEi0mmv4+dkOC5Dzq86w6RsWzIi0l
uszkpcTCdnxl9XQ6BDL+XeITXDSLu6k/ohNpEQvxQ7oG/LbjEJQbgfI/748QIIwl
iqaSl+wopAreulhEK9pRPihkDOAVXsBpf8SmnHG1sZoodoTHHP5Ox0aCc8LaEuEP
dqKZdpp89rS6NojdwG0RsUD9oVwH5i4Thfa074aR66403G9pCqAqjzFlDSikqaca
Ekv6lVcgCSlrubRLtEl/3JXavVOmlciTICGAAPQCdwXsSCUj/G5K6IIi4A1v4io=
Generated at Sat Jan 25 00:45:41 2025 by rpki-client on console.sobornost.net