Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/vgwBWV2Ma_1_oZeSduS85_IDPkI.roa
File: vgwBWV2Ma_1_oZeSduS85_IDPkI.roa (raw, json)
Hash identifier: Kh1bzpbmxWrizGIYu8tUPWhF0/4W19fa9l3RSSiJ0pg=
Subject key identifier: BE:0C:01:59:5D:8C:6B:FD:7F:A1:97:92:76:E4:BC:E7:F2:03:3E:42
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0870
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/vgwBWV2Ma_1_oZeSduS85_IDPkI.roa
Signing time: Sun 26 Jan 2025 01:25:11 +0000
ROA not before: Sun 26 Jan 2025 01:25:11 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2160 (0x870)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 26 01:25:11 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=BE0C01595D8C6BFD7FA1979276E4BCE7F2033E42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7b:20:d8:d3:a8:c8:f0:c6:97:86:bb:db:08:
4a:0d:01:14:15:b6:62:f1:18:4e:f5:8d:d1:bf:89:
4d:78:b3:36:3d:51:b5:18:77:78:2e:fc:ea:af:cb:
72:93:68:1a:15:0f:72:23:03:d3:a7:79:66:c7:af:
20:66:de:69:e5:5a:dc:c7:16:74:27:f8:86:2c:3d:
bc:16:cb:0a:d0:81:db:e7:5c:83:05:32:33:69:ac:
f9:1c:4d:e9:97:03:65:00:3f:1e:f1:12:32:92:72:
b7:3d:3f:f9:c0:c6:7e:3f:29:c1:22:5e:4c:bf:4c:
74:b9:e9:ca:4e:91:0b:60:d8:a8:3d:cd:57:38:9f:
e0:38:5d:52:96:d7:d6:c0:36:ff:61:c4:35:85:f1:
09:23:b6:a8:a8:19:8b:5b:21:fa:3d:43:04:92:38:
64:b1:b4:42:2b:09:8f:2b:2f:7a:0e:04:af:5a:17:
1f:dc:63:e6:d4:36:3d:3b:5e:dc:b4:bf:1c:05:8f:
a9:09:29:59:b4:a0:cf:a7:5a:98:13:17:68:78:cd:
60:ed:44:1c:40:ab:a3:12:86:4a:fd:b9:b4:f1:0b:
18:f3:d2:4f:5c:f2:2b:b5:48:24:83:d4:33:b9:b4:
b9:88:76:f4:e4:02:19:3d:50:d7:57:a6:7e:c5:e8:
cb:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:0C:01:59:5D:8C:6B:FD:7F:A1:97:92:76:E4:BC:E7:F2:03:3E:42
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/vgwBWV2Ma_1_oZeSduS85_IDPkI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
91:61:5f:20:80:cb:9e:83:08:2f:f6:23:a2:ab:29:86:ec:c8:
58:d7:17:70:84:99:78:8d:c0:81:d7:57:e7:d1:a1:d1:d6:e7:
a2:4b:3f:55:3a:91:8d:5e:ec:7b:2b:fa:7c:8f:9f:c4:b2:0c:
39:70:0b:8b:a5:9a:f4:d0:4a:07:e1:71:92:4d:08:aa:06:97:
ea:2e:fa:f7:38:4d:d7:5e:8e:53:17:63:0f:59:83:01:fb:22:
43:f8:eb:77:9c:37:c1:b3:53:b2:43:17:d2:3f:bb:56:73:a4:
71:20:73:bc:87:99:3b:07:07:47:ea:83:7d:7e:b9:90:66:3d:
b6:cc:ff:c1:54:e8:36:9f:d6:77:ed:27:f9:63:e5:d4:f5:96:
c1:93:0f:ef:49:32:ee:10:35:24:86:d0:15:d9:cc:9d:7c:25:
23:12:71:0b:e4:40:ed:69:bc:73:be:ea:db:55:6c:af:25:d9:
07:05:5b:7e:3c:29:4c:05:7c:9b:17:9f:ca:6f:56:6d:e4:d6:
13:40:b0:bc:c3:81:db:8a:0b:1a:2c:f1:75:18:49:47:1a:ea:
58:75:e7:a2:65:1b:fd:22:33:53:e1:a9:66:03:d4:29:51:45:
39:f8:95:cf:3d:f0:f8:fa:f9:81:6e:7e:2e:9b:12:3f:3f:08:
3f:99:4d:3e
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCHAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjYw
MTI1MTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEJFMEMwMTU5NUQ4QzZC
RkQ3RkExOTc5Mjc2RTRCQ0U3RjIwMzNFNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3eyDY06jI8MaXhrvbCEoNARQVtmLxGE71jdG/iU14szY9UbUY
d3gu/Oqvy3KTaBoVD3IjA9OneWbHryBm3mnlWtzHFnQn+IYsPbwWywrQgdvnXIMF
MjNprPkcTemXA2UAPx7xEjKScrc9P/nAxn4/KcEiXky/THS56cpOkQtg2Kg9zVc4
n+A4XVKW19bANv9hxDWF8QkjtqioGYtbIfo9QwSSOGSxtEIrCY8rL3oOBK9aFx/c
Y+bUNj07Xty0vxwFj6kJKVm0oM+nWpgTF2h4zWDtRBxAq6MShkr9ubTxCxjz0k9c
8iu1SCSD1DO5tLmIdvTkAhk9UNdXpn7F6MtFAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUvgwBWV2Ma/1/oZeSduS85/IDPkIwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3Znd0JXVjJNYV8xX29a
ZVNkdVM4NV9JRFBrSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAJFhXyCAy56DCC/2I6KrKYbs
yFjXF3CEmXiNwIHXV+fRodHW56JLP1U6kY1e7Hsr+nyPn8SyDDlwC4ulmvTQSgfh
cZJNCKoGl+ou+vc4TddejlMXYw9ZgwH7IkP463ecN8GzU7JDF9I/u1ZzpHEgc7yH
mTsHB0fqg31+uZBmPbbM/8FU6Daf1nftJ/lj5dT1lsGTD+9JMu4QNSSG0BXZzJ18
JSMScQvkQO1pvHO+6ttVbK8l2QcFW348KUwFfJsXn8pvVm3k1hNAsLzDgduKCxos
8XUYSUca6lh156JlG/0iM1PhqWYD1ClRRTn4lc898Pj6+YFufi6bEj8/CD+ZTT4=
Generated at Sun Jan 26 05:41:51 2025 by rpki-client on console.sobornost.net