Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/luaPHXfLir4Nj34Pfk6CF3ctbVs.roa
File: luaPHXfLir4Nj34Pfk6CF3ctbVs.roa (raw, json)
Hash identifier: wiTJSZ+d3CZrFRRI6driuooXqeRCxRNO7CDQItcuYHs=
Subject key identifier: 96:E6:8F:1D:77:CB:8A:BE:0D:8F:7E:0F:7E:4E:82:17:77:2D:6D:5B
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0B08
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/luaPHXfLir4Nj34Pfk6CF3ctbVs.roa
Signing time: Sat 01 Feb 2025 23:25:36 +0000
ROA not before: Sat 01 Feb 2025 23:25:36 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2824 (0xb08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 1 23:25:36 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=96E68F1D77CB8ABE0D8F7E0F7E4E8217772D6D5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:70:44:0a:72:91:42:b1:64:aa:ea:b4:76:a2:
a7:f6:0b:a4:22:12:b3:c8:da:b5:02:06:f4:49:b2:
88:4d:9c:25:e7:88:00:c1:8a:05:de:99:d6:f5:c6:
4f:ff:d1:a9:b8:d6:66:51:ed:eb:e6:20:5b:8e:97:
41:6a:a7:e2:ee:7e:74:b3:e3:db:4c:7f:b1:0d:ca:
92:bb:bc:0b:df:44:a2:37:f9:74:1f:59:78:3c:b0:
a6:ae:16:f2:02:bb:25:06:01:93:fc:4e:31:55:91:
57:99:b8:9f:f2:42:8e:47:9a:e2:60:92:f8:64:10:
3e:53:13:bf:f2:5c:56:db:26:71:cb:3f:7b:97:d4:
37:3b:47:f2:be:88:c0:c4:25:58:ce:b2:7d:d8:9f:
80:b4:db:29:c0:d0:a3:60:bb:cc:84:a9:e8:4f:cc:
9b:97:11:9a:fc:bb:b3:59:7c:8a:b7:b3:65:21:2c:
4c:6a:08:a0:21:40:d4:7e:d9:8f:24:95:a9:6e:cc:
4b:4c:f2:d3:30:c2:ed:ef:89:69:0a:61:cf:c3:6e:
e8:d7:86:b2:15:90:12:fa:18:45:26:de:cc:c0:dd:
fe:f6:4c:50:64:ed:53:9e:15:3f:88:16:3d:e7:54:
d9:d1:13:fc:c2:ef:b3:13:94:86:70:85:d5:83:80:
ac:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E6:8F:1D:77:CB:8A:BE:0D:8F:7E:0F:7E:4E:82:17:77:2D:6D:5B
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/luaPHXfLir4Nj34Pfk6CF3ctbVs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
99:dd:37:85:eb:9d:a1:d7:7b:06:a1:56:13:52:b1:f0:7a:aa:
a3:fb:3f:04:e5:ce:06:3d:72:51:c2:96:9a:a1:e4:94:5e:f2:
00:1b:b9:30:c4:c9:f2:a4:73:5a:4c:08:b8:72:85:c7:1b:cb:
c9:b7:1a:02:64:4a:b6:75:c4:81:d4:9e:d1:b9:fb:bf:4c:5f:
71:0e:3c:e1:e0:e8:18:e0:f2:77:0d:98:a1:38:98:89:39:23:
ed:7f:fa:2e:1e:ca:e1:ee:66:ce:28:3d:89:3c:51:5d:b4:79:
04:93:de:93:0a:e1:30:b4:83:44:11:3a:23:40:91:c1:cf:c5:
bb:6f:fe:eb:34:e5:9b:db:1d:7b:5c:e8:4d:16:21:e0:77:63:
7f:44:73:ed:89:61:90:47:d3:15:dd:eb:f0:2e:26:37:87:87:
43:20:43:3e:eb:31:f1:ac:52:d6:a2:57:94:ff:b8:f7:fe:40:
2f:fb:85:d1:5a:62:80:f4:81:3d:02:f1:77:be:7a:b0:fd:66:
c8:f5:b9:7b:e6:60:0c:77:8f:b2:6a:88:23:e6:e8:3b:ad:a6:
90:29:cb:9d:88:63:9e:0e:15:8e:5b:73:f3:78:8a:52:ce:fe:
59:fb:e0:fe:ae:bc:1f:63:e9:ac:bd:8b:38:9b:fa:f0:0b:db:
9f:c8:44:12
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCwgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDEy
MzI1MzZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDk2RTY4RjFENzdDQjhB
QkUwRDhGN0UwRjdFNEU4MjE3NzcyRDZENUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdcEQKcpFCsWSq6rR2oqf2C6QiErPI2rUCBvRJsohNnCXniADB
igXemdb1xk//0am41mZR7evmIFuOl0Fqp+LufnSz49tMf7ENypK7vAvfRKI3+XQf
WXg8sKauFvICuyUGAZP8TjFVkVeZuJ/yQo5HmuJgkvhkED5TE7/yXFbbJnHLP3uX
1Dc7R/K+iMDEJVjOsn3Yn4C02ynA0KNgu8yEqehPzJuXEZr8u7NZfIq3s2UhLExq
CKAhQNR+2Y8klaluzEtM8tMwwu3viWkKYc/DbujXhrIVkBL6GEUm3szA3f72TFBk
7VOeFT+IFj3nVNnRE/zC77MTlIZwhdWDgKwRAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUluaPHXfLir4Nj34Pfk6CF3ctbVswHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2x1YVBIWGZMaXI0Tmoz
NFBmazZDRjNjdGJWcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAJndN4XrnaHXewahVhNSsfB6
qqP7PwTlzgY9clHClpqh5JRe8gAbuTDEyfKkc1pMCLhyhccby8m3GgJkSrZ1xIHU
ntG5+79MX3EOPOHg6Bjg8ncNmKE4mIk5I+1/+i4eyuHuZs4oPYk8UV20eQST3pMK
4TC0g0QROiNAkcHPxbtv/us05ZvbHXtc6E0WIeB3Y39Ec+2JYZBH0xXd6/AuJjeH
h0MgQz7rMfGsUtaiV5T/uPf+QC/7hdFaYoD0gT0C8Xe+erD9Zsj1uXvmYAx3j7Jq
iCPm6DutppApy52IY54OFY5bc/N4ilLO/ln74P6uvB9j6ay9izib+vAL25/IRBI=
Generated at Sun Feb 2 03:30:18 2025 by rpki-client on console.sobornost.net