Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/llEPX8a5lU-LLJLpFnEG8PdlNBw.roa
File: llEPX8a5lU-LLJLpFnEG8PdlNBw.roa (raw, json)
Hash identifier: HYaw8ZpJ/D8Hvuzn9up03o8NL1jEV+/9vcCIqH3zxFI=
Subject key identifier: 96:51:0F:5F:C6:B9:95:4F:8B:2C:92:E9:16:71:06:F0:F7:65:34:1C
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0584
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/llEPX8a5lU-LLJLpFnEG8PdlNBw.roa
Signing time: Sat 18 Jan 2025 06:25:22 +0000
ROA not before: Sat 18 Jan 2025 06:25:22 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1412 (0x584)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 18 06:25:22 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=96510F5FC6B9954F8B2C92E9167106F0F765341C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:86:6d:35:f2:22:71:22:6c:09:af:67:bb:8f:
14:40:78:56:13:59:be:3e:e5:57:91:7b:5a:00:2f:
a3:e4:5e:9f:a0:8e:5f:77:ef:44:9b:8e:4c:59:40:
67:12:2b:b6:74:84:2e:23:dd:e2:5d:55:6c:02:1f:
1c:2f:25:16:04:b6:d9:30:f5:e1:b8:85:51:d4:04:
aa:a8:8a:d3:ba:c0:54:2c:02:5a:6d:bd:97:45:51:
b9:7f:f2:5f:57:7f:48:14:23:48:4d:a8:19:4d:aa:
15:ae:85:ea:df:25:3c:2b:88:2d:15:08:57:aa:f9:
3b:55:4b:57:b3:b3:c6:d7:d1:dc:ad:88:30:58:33:
bd:bf:65:ac:96:4a:e1:4f:bb:02:92:7a:d0:7e:f6:
27:e7:89:0d:0a:87:03:09:94:53:54:4f:e6:9e:d8:
0c:76:dc:c9:c0:8b:e8:ea:07:f5:41:f0:b1:59:0d:
94:2e:b6:85:1d:f1:bb:1c:53:23:69:6f:26:c8:09:
bc:cf:da:1d:83:f6:c0:d1:b4:39:22:1b:da:ab:48:
81:50:de:3d:3e:17:d7:f6:fa:e8:2a:1b:d6:68:8b:
6b:cf:df:d1:e4:cc:0f:a0:5a:47:30:bd:bc:14:56:
3b:26:79:18:e9:83:44:ae:34:66:49:d8:31:6c:0d:
60:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:51:0F:5F:C6:B9:95:4F:8B:2C:92:E9:16:71:06:F0:F7:65:34:1C
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/llEPX8a5lU-LLJLpFnEG8PdlNBw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
6f:3b:3f:16:80:c5:61:1e:79:fa:57:bf:8d:aa:7b:ff:b9:68:
bd:ac:04:f5:48:a9:85:06:c9:bd:dc:a9:f2:0c:de:00:f5:37:
c0:48:4e:8b:a3:2c:f4:dd:bd:27:60:ef:c5:17:fa:1a:d6:5f:
1b:24:9e:39:19:27:4c:a0:5c:4e:39:b4:93:a3:e0:8a:b8:94:
91:ee:45:5e:ae:38:65:20:57:46:51:e8:7c:76:aa:a8:9c:18:
17:16:fb:64:e3:0e:a9:a8:5c:f4:28:8b:ca:17:e1:15:f1:c9:
66:07:63:96:6c:99:b3:9d:04:cf:8b:bd:28:e8:c6:cf:5a:1a:
28:72:fb:a7:5c:1a:ad:10:d3:c3:c5:92:63:94:b2:fe:67:13:
31:07:77:f4:52:a7:1d:8c:6e:4b:2d:49:51:3b:6d:13:59:f0:
06:5d:77:07:fc:91:70:41:26:c3:3d:17:08:79:23:03:c5:69:
5d:eb:07:9f:a3:b3:88:42:fc:91:98:a6:43:e3:20:79:02:88:
c6:b8:76:6a:9a:49:c9:2b:82:f1:89:69:e6:1a:c0:c7:f4:5f:
61:c6:bb:7e:ad:e9:25:69:11:68:83:be:37:c7:cb:b2:eb:59:
76:3a:e5:4c:7c:60:27:20:91:43:92:ee:b4:22:80:c2:57:6f:
1c:0d:12:94
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBYQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTgw
NjI1MjJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDk2NTEwRjVGQzZCOTk1
NEY4QjJDOTJFOTE2NzEwNkYwRjc2NTM0MUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+hm018iJxImwJr2e7jxRAeFYTWb4+5VeRe1oAL6PkXp+gjl93
70SbjkxZQGcSK7Z0hC4j3eJdVWwCHxwvJRYEttkw9eG4hVHUBKqoitO6wFQsAlpt
vZdFUbl/8l9Xf0gUI0hNqBlNqhWuherfJTwriC0VCFeq+TtVS1ezs8bX0dytiDBY
M72/ZayWSuFPuwKSetB+9ifniQ0KhwMJlFNUT+ae2Ax23MnAi+jqB/VB8LFZDZQu
toUd8bscUyNpbybICbzP2h2D9sDRtDkiG9qrSIFQ3j0+F9f2+ugqG9Zoi2vP39Hk
zA+gWkcwvbwUVjsmeRjpg0SuNGZJ2DFsDWCtAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUllEPX8a5lU+LLJLpFnEG8PdlNBwwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2xsRVBYOGE1bFUtTExK
THBGbkVHOFBkbE5Cdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAG87PxaAxWEeefpXv42qe/+5
aL2sBPVIqYUGyb3cqfIM3gD1N8BIToujLPTdvSdg78UX+hrWXxsknjkZJ0ygXE45
tJOj4Iq4lJHuRV6uOGUgV0ZR6Hx2qqicGBcW+2TjDqmoXPQoi8oX4RXxyWYHY5Zs
mbOdBM+LvSjoxs9aGihy+6dcGq0Q08PFkmOUsv5nEzEHd/RSpx2MbkstSVE7bRNZ
8AZddwf8kXBBJsM9Fwh5IwPFaV3rB5+js4hC/JGYpkPjIHkCiMa4dmqaSckrgvGJ
aeYawMf0X2HGu36t6SVpEWiDvjfHy7LrWXY65Ux8YCcgkUOS7rQigMJXbxwNEpQ=
Generated at Sat Jan 18 11:59:47 2025 by rpki-client on console.sobornost.net