Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/r_wprTl6XX6PhRGWh_vBZDBnTTc.roa
File: r_wprTl6XX6PhRGWh_vBZDBnTTc.roa (raw, json)
Hash identifier: pmQllbIBFCTX1Ms9Xa962grczC6LbsoF9/UwK0xmXc4=
Subject key identifier: AF:FC:29:AD:39:7A:5D:7E:8F:85:11:96:87:FB:C1:64:30:67:4D:37
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0B9A
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/r_wprTl6XX6PhRGWh_vBZDBnTTc.roa
Signing time: Mon 03 Feb 2025 11:56:46 +0000
ROA not before: Mon 03 Feb 2025 11:56:46 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2970 (0xb9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 3 11:56:46 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=AFFC29AD397A5D7E8F85119687FBC16430674D37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:54:2d:62:38:20:6c:23:cf:f1:9d:b6:2f:fc:
37:3c:f6:c0:0a:6a:7d:74:f1:93:17:d8:31:3a:48:
96:ac:94:03:17:95:b7:90:64:6b:2e:57:4b:c2:28:
b2:10:ef:4f:cc:18:29:0c:79:06:b6:6b:dd:b6:21:
21:b8:d2:ff:bd:ff:f8:d3:1a:8b:24:b5:fd:d4:75:
45:4b:7a:77:e4:3c:78:51:20:ff:07:95:ef:81:18:
2b:47:f3:f5:97:92:39:09:d7:73:89:e6:ad:33:9f:
08:2f:17:5f:99:c6:57:82:09:1d:9e:13:cf:a4:bc:
c9:bf:3e:aa:61:18:0d:32:6f:38:a7:a0:2a:c1:df:
ff:f5:8b:c7:61:85:24:dd:ed:e7:1b:7d:48:e4:6d:
94:b4:41:b5:d1:3f:84:80:d8:53:d5:52:24:ae:94:
fc:36:25:88:f7:32:57:17:84:ba:21:de:30:7d:81:
68:c0:60:7c:1a:f1:db:6a:6e:05:58:9b:3a:7f:cd:
56:35:86:39:d0:f4:60:a9:2e:e2:5d:fb:cf:14:84:
9c:14:c0:21:b6:16:9f:bf:a2:cd:b4:e5:ab:92:1e:
14:f8:76:f4:93:20:d1:2c:68:5c:f4:47:28:9f:57:
a0:ff:ff:ec:ae:ca:b3:22:2c:41:42:3a:3b:10:68:
3a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:FC:29:AD:39:7A:5D:7E:8F:85:11:96:87:FB:C1:64:30:67:4D:37
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/r_wprTl6XX6PhRGWh_vBZDBnTTc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
ad:2d:3f:63:fe:c9:8f:76:d0:da:54:4c:56:26:28:44:f9:c9:
5f:17:97:aa:34:d2:81:99:e1:14:ff:fd:43:ee:99:16:f8:71:
e7:ee:82:d0:55:03:67:b1:bb:46:b7:c0:bf:21:65:8d:25:7e:
16:98:d5:89:f3:ac:b3:86:2c:59:63:11:c6:3b:26:42:72:bb:
ef:b9:df:1d:97:ac:55:02:95:a5:cb:3c:9b:b3:43:4e:bb:c6:
45:f6:36:d9:f5:f7:7f:40:e1:55:e7:8d:a3:c7:72:86:69:07:
c4:df:d8:d8:f8:90:81:4f:89:4a:bd:fb:63:b4:81:a9:c6:a3:
bc:a0:60:5b:d1:89:1f:a8:0a:6f:c4:6c:cd:90:10:31:26:38:
0e:8d:e0:fa:17:f9:56:c3:46:ab:3a:8d:91:b4:f7:38:da:fc:
77:a3:65:de:d4:df:27:bd:ba:29:5a:c3:eb:e7:dc:6c:d6:ed:
67:d5:f4:ca:fa:8b:ba:af:d3:d2:19:f6:12:a6:7c:7f:be:e9:
bb:af:41:7d:f1:72:16:c0:66:e5:fe:5f:e0:0f:49:c9:03:00:
49:8d:50:0e:4d:e9:b0:1e:a4:59:89:89:c7:8d:e4:43:c9:3d:
53:78:29:34:2a:3d:49:7f:6b:d7:8b:46:74:c8:0a:11:e3:f4:
51:a4:7e:dc
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICC5owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDMx
MTU2NDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEFGRkMyOUFEMzk3QTVE
N0U4Rjg1MTE5Njg3RkJDMTY0MzA2NzREMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0VC1iOCBsI8/xnbYv/Dc89sAKan108ZMX2DE6SJaslAMXlbeQ
ZGsuV0vCKLIQ70/MGCkMeQa2a922ISG40v+9//jTGosktf3UdUVLenfkPHhRIP8H
le+BGCtH8/WXkjkJ13OJ5q0znwgvF1+ZxleCCR2eE8+kvMm/PqphGA0ybzinoCrB
3//1i8dhhSTd7ecbfUjkbZS0QbXRP4SA2FPVUiSulPw2JYj3MlcXhLoh3jB9gWjA
YHwa8dtqbgVYmzp/zVY1hjnQ9GCpLuJd+88UhJwUwCG2Fp+/os205auSHhT4dvST
INEsaFz0RyifV6D//+yuyrMiLEFCOjsQaDoRAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUr/wprTl6XX6PhRGWh/vBZDBnTTcwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3Jfd3ByVGw2WFg2UGhS
R1doX3ZCWkRCblRUYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAK0tP2P+yY920NpUTFYmKET5
yV8Xl6o00oGZ4RT//UPumRb4cefugtBVA2exu0a3wL8hZY0lfhaY1YnzrLOGLFlj
EcY7JkJyu++53x2XrFUClaXLPJuzQ067xkX2Ntn1939A4VXnjaPHcoZpB8Tf2Nj4
kIFPiUq9+2O0ganGo7ygYFvRiR+oCm/EbM2QEDEmOA6N4PoX+VbDRqs6jZG09zja
/HejZd7U3ye9uilaw+vn3GzW7WfV9Mr6i7qv09IZ9hKmfH++6buvQX3xchbAZuX+
X+APSckDAEmNUA5N6bAepFmJiceN5EPJPVN4KTQqPUl/a9eLRnTIChHj9FGkftw=
-----END CERTIFICATE-----
Generated at Mon Feb 3 15:42:36 2025 by rpki-client on console.sobornost.net