Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/iNJepauDGlnJ393B26DtFlr0ZNc.roa
File: iNJepauDGlnJ393B26DtFlr0ZNc.roa (raw, json)
Hash identifier: +cbKQkLmy8vpHGB+5DchxMNANKdmWeeRfQpZuFnzoEs=
Subject key identifier: 88:D2:5E:A5:AB:83:1A:59:C9:DF:DD:C1:DB:A0:ED:16:5A:F4:64:D7
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 059C
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/iNJepauDGlnJ393B26DtFlr0ZNc.roa
Signing time: Sat 18 Jan 2025 12:24:46 +0000
ROA not before: Sat 18 Jan 2025 12:24:46 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1436 (0x59c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 18 12:24:46 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=88D25EA5AB831A59C9DFDDC1DBA0ED165AF464D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3c:a3:85:e4:8a:e3:98:a5:68:84:c6:2d:60:
13:bb:25:0c:ba:22:71:86:34:6b:be:93:42:44:86:
33:8e:13:ca:64:d1:53:fc:12:1a:ca:0b:5f:ea:ec:
e5:36:e9:8e:6c:b8:0d:a5:5d:8c:2d:ed:5b:b1:dd:
2a:81:1c:5e:16:6b:a8:72:95:75:77:87:fa:eb:ba:
1d:0d:f9:d1:c7:05:c7:c9:8d:9d:89:f5:2c:0f:22:
0a:ec:9c:f7:d8:39:87:42:83:45:58:89:ba:1c:de:
52:3f:28:d4:57:51:4d:50:10:44:c0:e4:b1:dd:aa:
5b:96:0d:e2:2b:bf:2c:27:85:38:b9:b8:6a:3a:d6:
17:06:4c:8d:38:d5:c4:04:0b:9c:15:35:eb:c5:23:
91:57:0a:a3:6d:b0:0c:84:35:c3:37:f3:31:f0:53:
e7:66:d2:58:20:cd:71:e1:18:1f:36:ef:e5:46:8f:
52:03:b2:cf:be:7d:c2:f9:68:d2:a6:ef:05:5c:2c:
29:23:6d:13:06:a1:62:2d:77:bc:5f:0a:f1:ad:75:
0c:6b:cc:6e:44:f3:e1:e5:7a:24:5e:41:ca:b9:a6:
8f:80:0f:1b:dd:14:7e:80:86:c5:4c:62:31:fd:8f:
e7:f5:f6:d1:05:cc:77:f8:42:e1:53:cd:0b:c8:71:
63:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D2:5E:A5:AB:83:1A:59:C9:DF:DD:C1:DB:A0:ED:16:5A:F4:64:D7
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/iNJepauDGlnJ393B26DtFlr0ZNc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
83:69:fb:4b:94:57:0e:22:00:2f:9f:00:52:46:59:8c:ff:fc:
4a:e6:12:07:e5:ac:29:40:95:e0:9a:8d:90:57:29:dc:b5:92:
ba:58:1d:38:01:8d:5f:40:7f:a4:f9:65:09:7c:cc:b6:50:fc:
25:ee:ff:8b:3e:01:71:9a:7d:34:f0:ff:ae:46:dc:91:25:33:
bc:d9:b1:a7:1e:ca:38:91:c3:f1:ec:c3:43:31:f0:01:be:88:
ef:db:7a:12:4c:3b:f8:ab:72:a5:dc:76:cb:a2:ae:eb:16:db:
64:d9:fc:95:aa:82:99:b2:dd:82:66:0e:04:91:33:4b:41:80:
ae:1b:69:0b:de:83:f1:84:94:75:4b:1e:6d:76:b9:49:6d:c2:
2e:cd:bc:44:78:73:57:47:a1:21:86:91:a2:77:55:1c:a8:b4:
cb:0f:b6:ca:3c:7b:dd:fe:8c:fc:a2:d9:53:84:c0:de:d9:a3:
f0:75:44:14:f1:e9:59:80:ce:33:17:80:c4:90:c2:53:e6:5e:
b1:8f:10:bd:77:51:4d:82:ff:e4:4b:57:a1:52:78:73:e1:fc:
2e:9a:31:6f:c6:05:fd:be:ce:1a:46:12:ce:af:d4:41:ce:ef:
cc:b1:4c:83:75:95:a4:ce:68:ee:63:8a:c6:5a:f2:1c:9e:5c:
19:30:39:f5
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBZwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTgx
MjI0NDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg4RDI1RUE1QUI4MzFB
NTlDOURGRERDMURCQTBFRDE2NUFGNDY0RDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTPKOF5IrjmKVohMYtYBO7JQy6InGGNGu+k0JEhjOOE8pk0VP8
EhrKC1/q7OU26Y5suA2lXYwt7Vux3SqBHF4Wa6hylXV3h/rruh0N+dHHBcfJjZ2J
9SwPIgrsnPfYOYdCg0VYiboc3lI/KNRXUU1QEETA5LHdqluWDeIrvywnhTi5uGo6
1hcGTI041cQEC5wVNevFI5FXCqNtsAyENcM38zHwU+dm0lggzXHhGB827+VGj1ID
ss++fcL5aNKm7wVcLCkjbRMGoWItd7xfCvGtdQxrzG5E8+HleiReQcq5po+ADxvd
FH6AhsVMYjH9j+f19tEFzHf4QuFTzQvIcWMNAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUiNJepauDGlnJ393B26DtFlr0ZNcwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2lOSmVwYXVER2xuSjM5
M0IyNkR0RmxyMFpOYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAINp+0uUVw4iAC+fAFJGWYz/
/ErmEgflrClAleCajZBXKdy1krpYHTgBjV9Af6T5ZQl8zLZQ/CXu/4s+AXGafTTw
/65G3JElM7zZsaceyjiRw/Hsw0Mx8AG+iO/behJMO/ircqXcdsuirusW22TZ/JWq
gpmy3YJmDgSRM0tBgK4baQveg/GElHVLHm12uUltwi7NvER4c1dHoSGGkaJ3VRyo
tMsPtso8e93+jPyi2VOEwN7Zo/B1RBTx6VmAzjMXgMSQwlPmXrGPEL13UU2C/+RL
V6FSeHPh/C6aMW/GBf2+zhpGEs6v1EHO78yxTIN1laTOaO5jisZa8hyeXBkwOfU=
Generated at Sat Jan 18 16:05:26 2025 by rpki-client on console.sobornost.net