Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/vz5KLVl7yA-MVV_Ltz2UzJJAWlI.roa
File: vz5KLVl7yA-MVV_Ltz2UzJJAWlI.roa (raw, json)
Hash identifier: tVNWHFWzGg9UFydpWG1ATUr/+eUobv6AmSe6yRxVEks=
Subject key identifier: BF:3E:4A:2D:59:7B:C8:0F:8C:55:5F:CB:B7:3D:94:CC:92:40:5A:52
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 04F4
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/vz5KLVl7yA-MVV_Ltz2UzJJAWlI.roa
Signing time: Thu 16 Jan 2025 18:24:39 +0000
ROA not before: Thu 16 Jan 2025 18:24:39 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1268 (0x4f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 16 18:24:39 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=BF3E4A2D597BC80F8C555FCBB73D94CC92405A52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:50:3f:bf:09:93:df:16:34:8a:3e:19:59:fe:
7e:b2:9a:d4:59:59:36:0a:40:f4:89:d2:83:28:c1:
5d:8f:88:be:33:49:7b:26:de:ce:a1:e2:80:28:2f:
fa:51:49:eb:64:16:0b:0d:8e:30:07:c9:55:e1:9c:
f1:8e:74:fe:aa:bd:88:4a:4b:a2:6a:c3:28:8d:24:
b2:9c:9f:47:77:37:ff:b1:5a:3e:3d:b0:1a:57:f5:
02:e4:4c:64:60:35:9b:07:0a:23:88:40:0b:e2:bf:
e7:aa:c6:5c:93:17:78:8f:29:44:6d:a0:88:0c:e7:
75:36:7d:2b:4e:5e:99:3d:00:ae:bc:a9:33:8e:20:
ea:2f:80:8b:7c:39:5d:45:0f:2b:12:56:0a:9a:de:
e7:9b:9b:de:11:65:c3:0c:5d:79:27:1e:ee:76:45:
59:2d:b8:1c:5c:fb:7b:b7:1e:79:63:6a:c1:29:3f:
29:22:27:12:2c:35:d5:4b:07:55:d0:20:13:3b:9d:
22:24:ed:04:2c:1c:06:b6:65:aa:66:f0:7e:cb:82:
d7:5a:87:e3:f6:75:ec:83:f6:5c:9e:03:ab:fb:ea:
7e:e0:07:98:72:3a:59:91:a0:cb:c0:75:e6:9a:b4:
03:5b:66:43:27:aa:12:14:03:49:f0:1a:5f:60:25:
06:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:3E:4A:2D:59:7B:C8:0F:8C:55:5F:CB:B7:3D:94:CC:92:40:5A:52
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/vz5KLVl7yA-MVV_Ltz2UzJJAWlI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
37:f8:5a:c6:fd:d6:39:99:67:f6:24:3d:31:0b:d3:06:10:65:
42:f7:6a:68:fd:79:61:3a:67:51:b0:1c:52:aa:55:78:2a:93:
aa:06:e3:2e:d9:12:fa:7f:61:28:48:d4:c2:3a:67:c0:7e:c5:
13:06:5b:ab:9c:8b:eb:a7:60:f1:22:36:31:a5:49:2a:de:2d:
bc:41:3b:02:07:46:d4:de:46:c0:b7:f0:07:9e:67:9e:84:41:
e1:1f:b5:f4:4c:9e:e8:29:6e:d3:3e:7f:f1:af:34:23:7d:ff:
79:92:c7:c2:bf:ad:8e:c7:c0:27:37:38:d3:34:28:fe:18:43:
c6:86:d7:25:42:ca:e9:df:e2:67:c5:4a:5b:91:a3:6f:17:ad:
28:bf:85:5a:e9:90:e2:0d:8d:8c:e7:46:f4:0d:c1:7b:2e:75:
1d:cc:f9:36:b6:93:d1:30:fc:61:da:b6:d3:35:7e:bf:66:8d:
d6:d9:1d:56:ca:bd:71:e4:fd:2a:21:46:f0:c6:49:7f:e4:c5:
1d:14:8e:45:9e:d0:df:00:53:24:02:58:da:76:10:1a:c5:30:
cc:4e:80:5c:00:63:c4:49:50:c6:29:ab:16:b4:56:e2:8e:7b:
6d:ab:ba:15:2d:c2:4d:10:8a:54:75:eb:0a:8d:6d:3a:96:eb:
93:72:6e:b1
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBPQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTYx
ODI0MzlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEJGM0U0QTJENTk3QkM4
MEY4QzU1NUZDQkI3M0Q5NENDOTI0MDVBNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKUD+/CZPfFjSKPhlZ/n6ymtRZWTYKQPSJ0oMowV2PiL4zSXsm
3s6h4oAoL/pRSetkFgsNjjAHyVXhnPGOdP6qvYhKS6JqwyiNJLKcn0d3N/+xWj49
sBpX9QLkTGRgNZsHCiOIQAviv+eqxlyTF3iPKURtoIgM53U2fStOXpk9AK68qTOO
IOovgIt8OV1FDysSVgqa3uebm94RZcMMXXknHu52RVktuBxc+3u3HnljasEpPyki
JxIsNdVLB1XQIBM7nSIk7QQsHAa2Zapm8H7Lgtdah+P2deyD9lyeA6v76n7gB5hy
OlmRoMvAdeaatANbZkMnqhIUA0nwGl9gJQa5AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUvz5KLVl7yA+MVV/Ltz2UzJJAWlIwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3Z6NUtMVmw3eUEtTVZW
X0x0ejJVekpKQVdsSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBADf4Wsb91jmZZ/YkPTEL0wYQ
ZUL3amj9eWE6Z1GwHFKqVXgqk6oG4y7ZEvp/YShI1MI6Z8B+xRMGW6uci+unYPEi
NjGlSSreLbxBOwIHRtTeRsC38AeeZ56EQeEftfRMnugpbtM+f/GvNCN9/3mSx8K/
rY7HwCc3ONM0KP4YQ8aG1yVCyunf4mfFSluRo28XrSi/hVrpkOINjYznRvQNwXsu
dR3M+Ta2k9Ew/GHattM1fr9mjdbZHVbKvXHk/SohRvDGSX/kxR0UjkWe0N8AUyQC
WNp2EBrFMMxOgFwAY8RJUMYpqxa0VuKOe22ruhUtwk0QilR16wqNbTqW65NybrE=
Generated at Thu Jan 16 21:51:00 2025 by rpki-client on console.sobornost.net