Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/uZNFBfMSgQ5wuasWtXYJ4lwkC-4.roa
File: uZNFBfMSgQ5wuasWtXYJ4lwkC-4.roa (raw, json)
Hash identifier: vumSjI4YnMkPTjxw9X4WogfZrHNaX47J/nZYsk3UDiQ=
Subject key identifier: B9:93:45:05:F3:12:81:0E:70:B9:AB:16:B5:76:09:E2:5C:24:0B:EE
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 07F6
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/uZNFBfMSgQ5wuasWtXYJ4lwkC-4.roa
Signing time: Fri 24 Jan 2025 18:55:05 +0000
ROA not before: Fri 24 Jan 2025 18:55:05 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2038 (0x7f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 24 18:55:05 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=B9934505F312810E70B9AB16B57609E25C240BEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:05:72:60:c8:5b:c6:55:7d:4c:ae:a2:3d:d5:
80:04:f7:68:ba:52:91:a0:50:db:bd:eb:e5:9f:9b:
ea:eb:60:1b:cb:a5:76:37:9b:be:cf:86:83:7b:66:
88:6e:82:4c:7d:f2:27:b1:86:ce:61:21:73:3b:67:
9e:29:2a:71:46:2a:1d:ff:cd:47:e1:8b:30:ab:98:
98:5f:1e:00:e7:7b:b4:93:20:5e:f9:3d:6f:85:b3:
47:47:fc:ed:78:c1:eb:a8:95:41:25:56:8a:1a:67:
7f:06:c4:8e:db:d8:57:a3:62:fc:80:c9:91:7f:2c:
28:92:47:29:08:f3:68:e1:68:d6:07:4e:19:e0:4e:
dd:9a:2e:0c:8a:57:d6:70:63:5d:6a:ec:fc:e5:b0:
55:8a:66:0c:82:5c:6b:59:d1:f9:da:5f:31:19:ad:
6f:d4:38:db:f1:3e:75:66:40:84:de:e9:03:59:c1:
6d:4f:9b:8b:60:e9:6a:02:f9:29:fb:7a:42:f6:be:
59:f0:8e:01:2f:d9:fa:24:47:12:f9:e3:bb:41:c6:
91:c1:f5:5f:f6:c6:bf:80:3d:3f:a1:40:7b:e9:3f:
9a:e5:11:e6:7a:a2:a7:62:a6:51:8c:3f:d0:12:a8:
f8:cb:dc:87:34:93:cc:8d:0f:ec:c2:cf:e6:4e:f6:
1e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:93:45:05:F3:12:81:0E:70:B9:AB:16:B5:76:09:E2:5C:24:0B:EE
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/uZNFBfMSgQ5wuasWtXYJ4lwkC-4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
29:54:4b:5f:61:56:67:ea:3e:7b:eb:a8:58:b7:5c:35:8e:9f:
8f:e9:94:c2:35:00:90:18:4b:06:9a:c5:f5:71:45:90:cd:82:
25:74:1b:aa:7c:4d:04:88:8a:3b:ba:d6:86:3d:b2:05:ae:8c:
e6:b3:b8:a8:ba:20:97:5d:7c:ac:82:2f:cd:67:1b:30:f2:3d:
73:2d:ed:47:14:59:9b:a0:00:c8:2d:af:a9:12:69:27:44:9e:
82:f9:00:b0:88:f6:7e:73:69:aa:11:8a:56:de:40:ae:ab:8f:
33:5d:e4:9e:f8:88:5e:d4:5e:c9:c7:bc:75:b7:d2:3e:11:11:
67:0c:cc:a8:bc:80:c3:6f:0b:bf:d8:08:33:69:b8:f2:a1:45:
04:fa:e2:7f:0a:a5:66:c2:d3:83:55:7d:57:40:5b:33:12:de:
18:55:a9:55:a9:e2:cf:cd:75:f6:6c:70:3a:f5:2f:42:95:c9:
a4:1a:16:ab:61:cc:b9:9e:60:f6:fc:65:a7:96:70:17:e0:8f:
88:1d:d1:34:40:ac:31:6f:21:64:4c:71:93:3c:bf:08:9c:91:
91:c1:cd:80:2f:45:2a:f2:f7:17:33:72:67:fe:cf:bc:c1:3c:
2c:36:56:98:55:84:4c:fa:94:33:d3:eb:0a:a8:d8:9d:27:56:
1f:80:34:1d
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICB/YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjQx
ODU1MDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEI5OTM0NTA1RjMxMjgx
MEU3MEI5QUIxNkI1NzYwOUUyNUMyNDBCRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsBXJgyFvGVX1MrqI91YAE92i6UpGgUNu96+Wfm+rrYBvLpXY3
m77PhoN7Zohugkx98iexhs5hIXM7Z54pKnFGKh3/zUfhizCrmJhfHgDne7STIF75
PW+Fs0dH/O14weuolUElVooaZ38GxI7b2FejYvyAyZF/LCiSRykI82jhaNYHThng
Tt2aLgyKV9ZwY11q7PzlsFWKZgyCXGtZ0fnaXzEZrW/UONvxPnVmQITe6QNZwW1P
m4tg6WoC+Sn7ekL2vlnwjgEv2fokRxL547tBxpHB9V/2xr+APT+hQHvpP5rlEeZ6
oqdiplGMP9ASqPjL3Ic0k8yND+zCz+ZO9h4jAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUuZNFBfMSgQ5wuasWtXYJ4lwkC+4wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3VaTkZCZk1TZ1E1d3Vh
c1d0WFlKNGx3a0MtNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAClUS19hVmfqPnvrqFi3XDWO
n4/plMI1AJAYSwaaxfVxRZDNgiV0G6p8TQSIiju61oY9sgWujOazuKi6IJddfKyC
L81nGzDyPXMt7UcUWZugAMgtr6kSaSdEnoL5ALCI9n5zaaoRilbeQK6rjzNd5J74
iF7UXsnHvHW30j4REWcMzKi8gMNvC7/YCDNpuPKhRQT64n8KpWbC04NVfVdAWzMS
3hhVqVWp4s/NdfZscDr1L0KVyaQaFqthzLmeYPb8ZaeWcBfgj4gd0TRArDFvIWRM
cZM8vwickZHBzYAvRSry9xczcmf+z7zBPCw2VphVhEz6lDPT6wqo2J0nVh+ANB0=
Generated at Fri Jan 24 22:28:46 2025 by rpki-client on console.sobornost.net