Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/yUpdilC8voHZhhmP1PyNGuFcWEM.roa
File: yUpdilC8voHZhhmP1PyNGuFcWEM.roa (raw, json)
Hash identifier: w/WKb1uf9NENuzgTRoHZKLUBBjBxg404weOq98z0F30=
Subject key identifier: C9:4A:5D:8A:50:BC:BE:81:D9:86:19:8F:D4:FC:8D:1A:E1:5C:58:43
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0B66
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/yUpdilC8voHZhhmP1PyNGuFcWEM.roa
Signing time: Sun 02 Feb 2025 22:55:37 +0000
ROA not before: Sun 02 Feb 2025 22:55:37 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2918 (0xb66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 2 22:55:37 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=C94A5D8A50BCBE81D986198FD4FC8D1AE15C5843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:01:fc:63:b2:7e:3c:94:57:9d:c1:d4:82:b6:
ab:24:a2:70:9b:8f:bf:8b:77:57:fc:b4:c4:9e:a1:
db:c3:88:01:e5:70:e3:8f:08:c0:b8:f6:16:7b:ab:
c7:9f:68:a5:43:05:da:bc:c8:5e:7f:1e:e2:49:b5:
a7:6a:40:af:44:d0:39:63:c8:52:28:1f:d3:98:82:
c0:28:44:d6:04:e2:fa:0b:0c:52:c5:a4:f6:79:4e:
c7:ef:4b:0b:4a:02:2c:c0:fa:f1:74:26:38:af:f4:
bd:08:63:dc:85:b4:a7:4b:bd:e2:b5:08:a8:50:4f:
74:d3:ff:d0:b1:44:85:b9:22:75:fd:f0:d4:9e:81:
1e:f0:25:87:a7:e2:eb:8c:9f:32:6e:c5:3c:2a:94:
08:fa:32:2d:f7:2f:20:38:87:bf:72:ec:54:4c:98:
b6:1d:9f:c8:f1:be:89:ba:65:24:6a:4b:c9:c5:09:
d5:4d:c7:24:72:b4:ce:3d:b0:6f:26:14:c1:19:98:
ad:da:2a:9d:52:c8:25:05:14:54:83:61:52:4b:ba:
18:22:e8:6a:d8:4a:04:99:db:57:6d:62:06:bf:d7:
79:72:5f:38:e3:e2:d3:f9:17:7d:ce:e5:77:18:d0:
42:ce:f6:59:20:dd:d8:5d:c8:6b:d5:39:df:6d:a4:
48:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:4A:5D:8A:50:BC:BE:81:D9:86:19:8F:D4:FC:8D:1A:E1:5C:58:43
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/yUpdilC8voHZhhmP1PyNGuFcWEM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
a5:27:4b:0c:4d:53:cd:e2:5f:81:b6:9f:c8:ef:d1:07:30:8c:
dc:da:37:74:3a:b1:ab:94:d2:10:3f:3e:1e:f3:cd:78:f6:e9:
1c:ff:70:c7:ed:69:e9:0e:3f:9a:63:3e:23:2c:47:47:32:15:
65:63:52:66:ad:a0:e7:fa:5c:33:da:2d:c8:fe:38:aa:3f:35:
74:14:ee:d0:9b:4e:2e:0d:b3:e3:05:a2:3b:3d:ea:b5:44:9f:
6d:3f:61:e5:b1:2c:d9:d1:2d:3e:37:17:07:84:2d:1b:d7:b5:
ad:04:6e:eb:d2:cd:b9:7b:62:ea:73:c5:85:a6:11:d0:45:81:
8c:e0:4e:9f:ce:6c:7d:a9:2d:dd:06:97:cf:f9:5c:aa:2a:53:
b5:9d:55:c4:2a:aa:51:28:82:6a:79:b5:3c:1c:4a:af:4f:a9:
73:bc:32:3f:a8:6d:bd:8c:12:10:38:5b:58:7e:b7:74:cf:d0:
03:0f:67:13:d2:87:f5:cb:0e:2d:44:b8:4d:46:d9:ca:1a:3a:
0d:c7:dd:59:23:7e:86:0b:4b:1e:59:ac:7d:41:ba:f4:5e:a7:
09:50:cc:ea:ef:1e:54:dc:60:03:54:26:86:d9:f6:47:b5:6f:
76:48:9f:95:cd:71:8b:0c:4b:f2:fc:ed:f3:1b:0b:62:ab:b4:
99:c2:92:33
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICC2YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDIy
MjU1MzdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEM5NEE1RDhBNTBCQ0JF
ODFEOTg2MTk4RkQ0RkM4RDFBRTE1QzU4NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUAfxjsn48lFedwdSCtqskonCbj7+Ld1f8tMSeodvDiAHlcOOP
CMC49hZ7q8efaKVDBdq8yF5/HuJJtadqQK9E0DljyFIoH9OYgsAoRNYE4voLDFLF
pPZ5TsfvSwtKAizA+vF0Jjiv9L0IY9yFtKdLveK1CKhQT3TT/9CxRIW5InX98NSe
gR7wJYen4uuMnzJuxTwqlAj6Mi33LyA4h79y7FRMmLYdn8jxvom6ZSRqS8nFCdVN
xyRytM49sG8mFMEZmK3aKp1SyCUFFFSDYVJLuhgi6GrYSgSZ21dtYga/13lyXzjj
4tP5F33O5XcY0ELO9lkg3dhdyGvVOd9tpEj7AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUyUpdilC8voHZhhmP1PyNGuFcWEMwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3lVcGRpbEM4dm9IWmho
bVAxUHlOR3VGY1dFTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAKUnSwxNU83iX4G2n8jv0Qcw
jNzaN3Q6sauU0hA/Ph7zzXj26Rz/cMftaekOP5pjPiMsR0cyFWVjUmatoOf6XDPa
Lcj+OKo/NXQU7tCbTi4Ns+MFojs96rVEn20/YeWxLNnRLT43FweELRvXta0EbuvS
zbl7YupzxYWmEdBFgYzgTp/ObH2pLd0Gl8/5XKoqU7WdVcQqqlEogmp5tTwcSq9P
qXO8Mj+obb2MEhA4W1h+t3TP0AMPZxPSh/XLDi1EuE1G2coaOg3H3VkjfoYLSx5Z
rH1BuvRepwlQzOrvHlTcYANUJobZ9ke1b3ZIn5XNcYsMS/L87fMbC2KrtJnCkjM=
Generated at Mon Feb 3 02:53:55 2025 by rpki-client on console.sobornost.net