Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/puej65DAwNmN-nlldxWR3MH7PJg.roa
File: puej65DAwNmN-nlldxWR3MH7PJg.roa (raw, json)
Hash identifier: YmwtFH5mvDKqa5OifZhNt+FMa2VjOwm3qYWbNLpi6XQ=
Subject key identifier: A6:E7:A3:EB:90:C0:C0:D9:8D:FA:79:65:77:15:91:DC:C1:FB:3C:98
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 055A
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/puej65DAwNmN-nlldxWR3MH7PJg.roa
Signing time: Fri 17 Jan 2025 19:54:44 +0000
ROA not before: Fri 17 Jan 2025 19:54:44 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1370 (0x55a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 17 19:54:44 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=A6E7A3EB90C0C0D98DFA7965771591DCC1FB3C98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ea:13:21:df:6b:f3:10:a4:f4:34:d9:31:ba:
ab:26:ed:83:3f:94:ad:b2:f7:0c:11:61:35:a5:74:
ba:91:46:fd:98:3e:45:42:5c:b4:dd:72:38:c7:5c:
cf:3d:c5:8f:47:85:e4:42:e0:1e:ba:f6:3a:48:49:
76:f7:2f:2b:23:1c:cd:30:e1:bd:3c:e6:0d:f7:be:
81:12:b6:08:5e:90:8d:32:30:22:e5:c4:5e:cf:d5:
5d:80:3f:36:f4:1d:a4:d0:77:49:4b:f6:f3:f1:44:
3e:13:f2:e6:eb:ab:86:b8:7e:c0:1c:c5:84:17:f3:
1f:7e:70:f8:49:cc:7d:98:2d:a3:66:86:7c:62:d9:
38:84:fc:3b:b3:44:5f:d2:8a:35:fe:58:28:f1:6b:
76:cc:b8:46:31:a0:6c:a3:8a:c1:45:02:0c:6d:81:
61:46:49:fb:ee:6c:d1:0a:11:f9:bf:7b:51:86:b1:
e1:20:99:7c:12:f1:63:2e:94:40:1b:72:2b:99:75:
81:58:32:f5:9d:3d:1b:f2:4f:80:fd:e8:3a:15:0a:
09:e2:da:60:f7:a8:55:5d:35:08:fe:a6:f0:f3:94:
74:a4:fb:59:22:8a:30:ec:a6:85:ae:2e:1c:ae:c9:
e1:66:4d:15:e4:38:af:82:87:41:92:4a:e1:07:18:
05:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E7:A3:EB:90:C0:C0:D9:8D:FA:79:65:77:15:91:DC:C1:FB:3C:98
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/puej65DAwNmN-nlldxWR3MH7PJg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
07:54:71:04:ab:3a:43:54:1e:9c:33:83:3a:1d:52:b6:22:6e:
14:c6:6d:63:70:9e:b0:56:12:78:0f:f1:86:de:5c:28:c7:95:
84:08:9d:ff:a8:4c:1f:a4:06:74:05:bb:46:d4:db:4f:ff:0f:
82:ae:83:cc:54:79:39:fb:7e:da:d5:4d:ba:01:f6:90:45:8f:
a6:67:31:0e:09:13:29:bd:1c:5c:3a:59:4d:b8:0b:62:60:86:
96:a6:dd:90:84:2b:25:d9:73:d8:1d:c6:fb:6d:1c:bb:cd:f8:
b0:6e:3e:45:b5:82:b3:62:08:8b:82:f0:45:86:a0:8b:52:09:
56:7e:1c:e6:17:3c:84:d4:8d:2e:83:74:b0:4e:41:05:d7:ea:
27:89:11:4a:67:a5:96:c3:ff:3d:a2:49:07:19:65:dc:5b:25:
e3:e3:35:ce:f8:9a:80:77:9e:08:f6:55:28:fd:cb:a8:47:af:
73:17:0f:9e:b3:ae:72:b7:21:dc:55:5b:97:b1:33:4a:ff:07:
03:34:b5:12:d9:b1:62:81:31:f9:8c:bc:ef:15:19:83:0f:a6:
9b:3d:9c:20:04:a9:ca:77:85:49:70:f0:db:22:f2:91:8c:8b:
ff:17:64:a1:34:8f:71:ae:f0:fd:fa:61:c5:cb:af:89:96:8a:
09:e3:5c:a7
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBVowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTcx
OTU0NDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEE2RTdBM0VCOTBDMEMw
RDk4REZBNzk2NTc3MTU5MURDQzFGQjNDOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU6hMh32vzEKT0NNkxuqsm7YM/lK2y9wwRYTWldLqRRv2YPkVC
XLTdcjjHXM89xY9HheRC4B669jpISXb3LysjHM0w4b085g33voEStghekI0yMCLl
xF7P1V2APzb0HaTQd0lL9vPxRD4T8ubrq4a4fsAcxYQX8x9+cPhJzH2YLaNmhnxi
2TiE/DuzRF/SijX+WCjxa3bMuEYxoGyjisFFAgxtgWFGSfvubNEKEfm/e1GGseEg
mXwS8WMulEAbciuZdYFYMvWdPRvyT4D96DoVCgni2mD3qFVdNQj+pvDzlHSk+1ki
ijDspoWuLhyuyeFmTRXkOK+Ch0GSSuEHGAXdAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUpuej65DAwNmN+nlldxWR3MH7PJgwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3B1ZWo2NURBd05tTi1u
bGxkeFdSM01IN1BKZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAAdUcQSrOkNUHpwzgzodUrYi
bhTGbWNwnrBWEngP8YbeXCjHlYQInf+oTB+kBnQFu0bU20//D4Kug8xUeTn7ftrV
TboB9pBFj6ZnMQ4JEym9HFw6WU24C2Jghpam3ZCEKyXZc9gdxvttHLvN+LBuPkW1
grNiCIuC8EWGoItSCVZ+HOYXPITUjS6DdLBOQQXX6ieJEUpnpZbD/z2iSQcZZdxb
JePjNc74moB3ngj2VSj9y6hHr3MXD56zrnK3IdxVW5exM0r/BwM0tRLZsWKBMfmM
vO8VGYMPpps9nCAEqcp3hUlw8Nsi8pGMi/8XZKE0j3Gu8P36YcXLr4mWignjXKc=
Generated at Fri Jan 17 23:26:30 2025 by rpki-client on console.sobornost.net