Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/wBo7pasI6Pkx0cMKNN0ZfEDcbjw.roa
File: wBo7pasI6Pkx0cMKNN0ZfEDcbjw.roa (raw, json)
Hash identifier: 2idBx51WMM9Yygl+TArWS7E24qTpha2Tq6FQdnPep8I=
Subject key identifier: C0:1A:3B:A5:AB:08:E8:F9:31:D1:C3:0A:34:DD:19:7C:40:DC:6E:3C
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 07BC
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/wBo7pasI6Pkx0cMKNN0ZfEDcbjw.roa
Signing time: Fri 24 Jan 2025 04:25:03 +0000
ROA not before: Fri 24 Jan 2025 04:25:03 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1980 (0x7bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 24 04:25:03 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=C01A3BA5AB08E8F931D1C30A34DD197C40DC6E3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e1:6b:e6:86:2e:7b:2c:99:f5:8e:84:d5:2e:
a3:b7:54:4a:e5:13:49:ab:cf:42:d8:69:00:43:54:
0b:c3:ab:88:39:36:43:51:06:50:4a:6d:c9:dd:e0:
27:20:c7:93:ab:19:d2:67:f6:5c:4b:f7:4c:b4:c4:
99:25:d2:7a:aa:fe:4e:47:f1:3c:ed:54:ff:60:a6:
1e:4a:de:28:62:ac:52:d7:0a:c1:e4:35:4a:75:a9:
ea:cf:82:cb:8b:e2:48:bd:01:c2:96:f7:fe:72:0e:
55:94:7f:ca:ff:7f:ab:53:91:1f:56:ab:ea:d6:1b:
e2:73:72:99:7a:f0:3b:a8:0f:78:8f:ec:5f:40:a4:
16:f0:16:9c:52:fb:96:2a:85:99:fb:c1:1d:cc:49:
57:bd:05:3c:e9:b1:38:54:e0:b0:33:3b:9f:0f:bd:
2f:b6:dc:a7:55:ac:49:44:27:ea:14:70:f0:34:a7:
2e:2b:af:de:13:a7:46:83:1e:cd:c7:5e:f9:38:9e:
48:9d:4d:e6:20:b9:08:eb:49:46:b9:ea:1d:c4:08:
09:1f:38:f8:5f:c0:63:5f:c4:a5:e8:07:cc:d9:f2:
4c:9f:d1:d9:48:80:e0:cc:be:b5:26:51:25:99:61:
a6:54:3d:d0:2e:4b:21:d0:0e:3e:68:3f:41:ef:c1:
fe:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:1A:3B:A5:AB:08:E8:F9:31:D1:C3:0A:34:DD:19:7C:40:DC:6E:3C
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/wBo7pasI6Pkx0cMKNN0ZfEDcbjw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
3d:78:36:02:25:76:0e:c1:4b:48:ac:4a:7d:6f:15:1b:b0:42:
26:d1:f6:4b:af:68:4a:5b:4c:1c:af:d4:f2:ef:ed:b9:7b:4b:
f7:51:f3:7f:d7:d9:b5:50:f3:1f:31:e5:cc:c3:3f:64:42:4d:
2b:e0:e1:3b:a4:fc:41:7e:67:d8:94:c6:00:46:fd:7f:35:a9:
7b:5c:47:d3:e0:5a:1a:9a:4d:32:8a:57:5c:6c:72:f5:df:34:
8e:ed:80:21:ed:89:c4:16:62:5b:c6:1a:40:10:18:09:78:c3:
ca:0b:ea:54:ef:9e:d0:d2:7d:16:79:bd:8f:ce:28:09:77:bd:
de:2a:29:34:8e:6a:7c:36:99:93:63:a6:6f:59:1f:22:31:e3:
39:2e:92:08:37:9e:bf:65:3d:64:9a:b8:03:4b:e0:50:89:2f:
33:ea:ac:ec:8a:66:3e:8a:71:92:e3:48:46:c3:d6:04:19:a5:
58:fb:12:e2:38:b9:6f:17:45:04:54:e1:b0:1c:22:0f:34:5d:
9a:87:d4:ce:b4:a0:7e:cb:b6:27:80:aa:a7:62:9c:29:a2:6f:
4c:b0:05:2b:d6:d7:b4:6a:90:c1:f4:50:33:ec:2f:41:38:f4:
8d:f3:6d:4a:d9:00:38:61:ce:4d:f4:8d:99:5b:46:d3:c7:b4:
99:42:a2:3b
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICB7wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjQw
NDI1MDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEMwMUEzQkE1QUIwOEU4
RjkzMUQxQzMwQTM0REQxOTdDNDBEQzZFM0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCf4Wvmhi57LJn1joTVLqO3VErlE0mrz0LYaQBDVAvDq4g5NkNR
BlBKbcnd4Ccgx5OrGdJn9lxL90y0xJkl0nqq/k5H8TztVP9gph5K3ihirFLXCsHk
NUp1qerPgsuL4ki9AcKW9/5yDlWUf8r/f6tTkR9Wq+rWG+Jzcpl68DuoD3iP7F9A
pBbwFpxS+5YqhZn7wR3MSVe9BTzpsThU4LAzO58PvS+23KdVrElEJ+oUcPA0py4r
r94Tp0aDHs3HXvk4nkidTeYguQjrSUa56h3ECAkfOPhfwGNfxKXoB8zZ8kyf0dlI
gODMvrUmUSWZYaZUPdAuSyHQDj5oP0Hvwf7FAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUwBo7pasI6Pkx0cMKNN0ZfEDcbjwwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3dCbzdwYXNJNlBreDBj
TUtOTjBaZkVEY2Jqdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAD14NgIldg7BS0isSn1vFRuw
QibR9kuvaEpbTByv1PLv7bl7S/dR83/X2bVQ8x8x5czDP2RCTSvg4Tuk/EF+Z9iU
xgBG/X81qXtcR9PgWhqaTTKKV1xscvXfNI7tgCHticQWYlvGGkAQGAl4w8oL6lTv
ntDSfRZ5vY/OKAl3vd4qKTSOanw2mZNjpm9ZHyIx4zkukgg3nr9lPWSauANL4FCJ
LzPqrOyKZj6KcZLjSEbD1gQZpVj7EuI4uW8XRQRU4bAcIg80XZqH1M60oH7LtieA
qqdinCmib0ywBSvW17RqkMH0UDPsL0E49I3zbUrZADhhzk30jZlbRtPHtJlCojs=
-----END CERTIFICATE-----
Generated at Fri Jan 24 13:42:13 2025 by rpki-client on console.sobornost.net