Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/vW3Df9K1UnPPcwjyIy-iLLhTVo8.roa
File: vW3Df9K1UnPPcwjyIy-iLLhTVo8.roa (raw, json)
Hash identifier: Gq0JbE1y1ff4CaWEfeC2KURm+LdJL1meIlbmVBxDV/4=
Subject key identifier: BD:6D:C3:7F:D2:B5:52:73:CF:73:08:F2:23:2F:A2:2C:B8:53:56:8F
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0BD6
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/vW3Df9K1UnPPcwjyIy-iLLhTVo8.roa
Signing time: Tue 04 Feb 2025 02:55:39 +0000
ROA not before: Tue 04 Feb 2025 02:55:39 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3030 (0xbd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 4 02:55:39 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=BD6DC37FD2B55273CF7308F2232FA22CB853568F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:88:d8:31:14:57:f9:bb:92:98:4e:6a:80:a0:
32:4a:4e:2e:5e:d5:a1:e7:41:a8:31:67:2f:91:2c:
81:74:87:3b:9f:9a:ee:13:84:7c:85:32:b4:39:8c:
88:8b:7e:6e:ae:45:c5:d0:35:ef:07:da:c9:e1:b5:
ed:86:7c:f2:54:7c:97:41:8d:39:ec:48:91:bd:d6:
73:70:f0:97:b3:b4:c5:80:0e:09:0b:1c:3c:de:14:
19:aa:7d:1b:29:17:76:ec:af:46:e9:72:9e:99:b9:
ab:3a:4c:e7:17:32:2f:26:a8:b4:ae:b7:2b:4f:03:
9e:5b:a8:b9:12:d8:ab:fa:9d:45:99:2d:c5:7d:36:
11:51:0e:a6:8c:14:f7:c5:0f:69:0c:77:0e:83:91:
72:e7:62:22:12:82:6e:84:15:67:df:f3:af:7f:68:
bc:b8:77:bf:58:61:d5:d1:99:51:7d:52:66:42:ef:
ba:49:bf:70:5f:21:35:4b:77:19:ed:99:ad:74:3f:
0e:14:19:ad:fd:bb:79:ed:e0:c1:c3:d1:34:fd:2b:
17:6c:4d:d8:21:bd:ca:b9:b2:6c:ba:bd:18:fc:a4:
90:09:c0:d6:ee:7c:07:2c:33:bd:a8:3b:b9:f8:c3:
97:3f:4b:23:62:1d:d4:4b:2c:cf:10:3d:e5:0e:3f:
19:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:6D:C3:7F:D2:B5:52:73:CF:73:08:F2:23:2F:A2:2C:B8:53:56:8F
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/vW3Df9K1UnPPcwjyIy-iLLhTVo8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
ac:50:0b:aa:94:4a:74:0d:35:07:54:f0:d9:8c:b2:a9:c1:de:
bf:29:69:4d:c8:3d:ea:03:13:8e:8b:94:00:c8:78:26:40:8b:
be:6d:18:60:b8:bf:7f:7c:c6:16:e1:ef:06:f4:79:04:9a:41:
27:00:e4:b1:17:2a:36:1d:1d:f7:16:c1:14:dd:12:18:4f:0b:
ea:00:ea:43:c9:be:02:fd:db:69:e7:66:5d:c4:66:d2:ad:03:
cf:5b:55:9e:83:ca:d7:80:f5:b7:a0:f2:5b:d8:52:d2:ac:4b:
d9:a2:9c:22:a9:8d:9c:c0:d6:c7:33:90:b7:eb:ac:2a:05:af:
c9:d0:d3:1c:47:8c:54:33:85:8a:5c:5d:0f:cc:13:82:fa:fd:
fa:49:78:41:ea:8b:2e:a3:e8:82:de:7e:23:4f:d8:fe:aa:06:
3d:59:1d:eb:c7:97:22:1f:87:48:4a:be:f6:28:b0:2a:2c:53:
1f:e7:d4:96:fc:dd:34:3f:49:35:e1:c6:69:81:b8:1a:01:93:
08:9e:ae:df:be:d2:82:a1:0c:89:79:19:02:d9:69:ad:24:03:
c6:cf:c1:d9:45:63:34:53:af:73:0b:1b:e3:a4:85:a8:0b:86:
42:80:32:8a:e7:32:ca:e3:80:8b:e9:20:98:dd:12:37:d9:65:
7f:76:92:43
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICC9YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDQw
MjU1MzlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEJENkRDMzdGRDJCNTUy
NzNDRjczMDhGMjIzMkZBMjJDQjg1MzU2OEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0iNgxFFf5u5KYTmqAoDJKTi5e1aHnQagxZy+RLIF0hzufmu4T
hHyFMrQ5jIiLfm6uRcXQNe8H2snhte2GfPJUfJdBjTnsSJG91nNw8JeztMWADgkL
HDzeFBmqfRspF3bsr0bpcp6Zuas6TOcXMi8mqLSutytPA55bqLkS2Kv6nUWZLcV9
NhFRDqaMFPfFD2kMdw6DkXLnYiISgm6EFWff869/aLy4d79YYdXRmVF9UmZC77pJ
v3BfITVLdxntma10Pw4UGa39u3nt4MHD0TT9KxdsTdghvcq5smy6vRj8pJAJwNbu
fAcsM72oO7n4w5c/SyNiHdRLLM8QPeUOPxnZAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUvW3Df9K1UnPPcwjyIy+iLLhTVo8wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3ZXM0RmOUsxVW5QUGN3
anlJeS1pTExoVFZvOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAKxQC6qUSnQNNQdU8NmMsqnB
3r8paU3IPeoDE46LlADIeCZAi75tGGC4v398xhbh7wb0eQSaQScA5LEXKjYdHfcW
wRTdEhhPC+oA6kPJvgL922nnZl3EZtKtA89bVZ6DyteA9beg8lvYUtKsS9minCKp
jZzA1sczkLfrrCoFr8nQ0xxHjFQzhYpcXQ/ME4L6/fpJeEHqiy6j6ILefiNP2P6q
Bj1ZHevHlyIfh0hKvvYosCosUx/n1Jb83TQ/STXhxmmBuBoBkwiert++0oKhDIl5
GQLZaa0kA8bPwdlFYzRTr3MLG+OkhagLhkKAMornMsrjgIvpIJjdEjfZZX92kkM=
Generated at Tue Feb 4 08:11:07 2025 by rpki-client on console.sobornost.net