Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/v2B2KHzZKODpDPRtUmq6R8l16Mo.roa
File: v2B2KHzZKODpDPRtUmq6R8l16Mo.roa (raw, json)
Hash identifier: db5bs8hcBL7vyU90DkRQwTwdDebjnXN4JDi5sgvWffc=
Subject key identifier: BF:60:76:28:7C:D9:28:E0:E9:0C:F4:6D:52:6A:BA:47:C9:75:E8:CA
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0CBC
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/v2B2KHzZKODpDPRtUmq6R8l16Mo.roa
Signing time: Thu 06 Feb 2025 12:25:48 +0000
ROA not before: Thu 06 Feb 2025 12:25:48 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3260 (0xcbc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 6 12:25:48 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=BF6076287CD928E0E90CF46D526ABA47C975E8CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ea:51:dc:9e:bf:e3:34:bb:65:11:f5:92:05:
13:7b:af:3a:5d:53:fe:52:3e:c5:99:09:08:fa:30:
6d:ae:c8:d3:a5:1e:44:52:2a:71:b1:3f:86:96:a8:
b0:9d:4c:49:3d:1b:3d:29:01:c5:11:db:42:52:3f:
27:97:cc:ac:ff:72:ba:bf:f5:27:15:32:c0:85:b7:
65:35:31:37:25:b2:0c:12:1a:62:94:ff:af:21:4d:
7f:2c:81:4e:2d:35:4b:ca:5a:f9:da:38:37:8a:ee:
81:b3:eb:00:ed:5e:1a:27:ae:3c:2d:19:99:89:b9:
73:b5:cf:00:4b:01:a5:4f:bb:83:8b:eb:a2:91:89:
7c:b1:d1:46:e9:82:db:a8:58:48:dc:50:80:18:1b:
82:66:4a:da:b1:bf:4c:0a:d9:d0:62:08:d3:6c:eb:
22:1a:98:0d:e1:7c:3a:31:cd:9b:b9:f2:60:13:dd:
33:4e:2e:85:ed:39:37:0f:84:a7:ae:34:c6:ec:97:
a9:91:bf:1b:98:61:e5:a2:27:37:c6:4e:ef:1a:f1:
a3:c2:9d:0a:ba:dc:c5:0a:08:fc:fb:b4:bc:2a:e4:
70:47:b1:2e:df:9e:d0:dc:40:de:05:c3:d5:f8:83:
a2:0e:13:af:13:25:86:3a:a8:76:b9:d0:71:21:f6:
45:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:60:76:28:7C:D9:28:E0:E9:0C:F4:6D:52:6A:BA:47:C9:75:E8:CA
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/v2B2KHzZKODpDPRtUmq6R8l16Mo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
73:d5:68:1b:26:2b:8e:d4:cd:ab:19:00:bd:c3:bf:4c:93:d5:
aa:0d:69:2d:65:7f:b5:45:1e:3c:21:98:cf:37:af:4d:e4:74:
67:38:95:db:06:b5:0e:15:9f:f1:e5:a6:44:37:bf:35:6d:8a:
c9:c0:f7:ca:3d:c9:67:67:29:28:d4:44:75:59:f7:a7:95:5b:
48:3d:0c:15:bb:ed:55:2b:82:9c:89:b4:35:5b:3b:17:cc:74:
ef:6d:a4:2e:0f:ca:43:f2:eb:62:34:4c:c9:df:e2:0d:1c:27:
29:06:f9:8f:96:32:7d:86:4e:34:de:5d:a1:ed:cc:9f:1a:b2:
bc:e9:ae:51:94:7c:1a:88:d2:3d:a9:7f:fe:7a:f2:fc:96:d6:
ee:51:fd:29:4a:b6:0f:36:b3:5c:45:1f:03:f6:e5:69:6e:b4:
f5:15:1f:97:fb:03:64:20:1b:51:9b:42:49:b5:a0:08:2b:01:
92:a2:00:fb:3c:b1:1a:7a:55:94:f5:0e:29:00:83:64:f5:49:
48:97:ff:40:5e:fe:13:08:87:e9:77:8a:9f:ca:6d:ef:c7:6f:
d6:1f:a0:ab:b2:9f:ee:00:ca:0d:ce:99:0c:44:3e:01:03:bd:
d7:ef:2f:a8:b4:1b:ac:b9:d3:7a:84:2a:2d:45:d3:dc:b8:34:
6d:98:28:d1
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDLwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDYx
MjI1NDhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEJGNjA3NjI4N0NEOTI4
RTBFOTBDRjQ2RDUyNkFCQTQ3Qzk3NUU4Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCl6lHcnr/jNLtlEfWSBRN7rzpdU/5SPsWZCQj6MG2uyNOlHkRS
KnGxP4aWqLCdTEk9Gz0pAcUR20JSPyeXzKz/crq/9ScVMsCFt2U1MTclsgwSGmKU
/68hTX8sgU4tNUvKWvnaODeK7oGz6wDtXhonrjwtGZmJuXO1zwBLAaVPu4OL66KR
iXyx0UbpgtuoWEjcUIAYG4JmStqxv0wK2dBiCNNs6yIamA3hfDoxzZu58mAT3TNO
LoXtOTcPhKeuNMbsl6mRvxuYYeWiJzfGTu8a8aPCnQq63MUKCPz7tLwq5HBHsS7f
ntDcQN4Fw9X4g6IOE68TJYY6qHa50HEh9kVFAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUv2B2KHzZKODpDPRtUmq6R8l16MowHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3YyQjJLSHpaS09EcERQ
UnRVbXE2UjhsMTZNby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAHPVaBsmK47UzasZAL3Dv0yT
1aoNaS1lf7VFHjwhmM83r03kdGc4ldsGtQ4Vn/HlpkQ3vzVtisnA98o9yWdnKSjU
RHVZ96eVW0g9DBW77VUrgpyJtDVbOxfMdO9tpC4PykPy62I0TMnf4g0cJykG+Y+W
Mn2GTjTeXaHtzJ8asrzprlGUfBqI0j2pf/568vyW1u5R/SlKtg82s1xFHwP25Wlu
tPUVH5f7A2QgG1GbQkm1oAgrAZKiAPs8sRp6VZT1DikAg2T1SUiX/0Be/hMIh+l3
ip/Kbe/Hb9YfoKuyn+4Ayg3OmQxEPgEDvdfvL6i0G6y503qEKi1F09y4NG2YKNE=
Generated at Thu Feb 6 16:15:44 2025 by rpki-client on console.sobornost.net