Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/E25T9WeavzPHL6yQKxqFYPC4GMc.roa
File: E25T9WeavzPHL6yQKxqFYPC4GMc.roa (raw, json)
Hash identifier: MuTXKZUp+4/R073x0WmkPeN8bx5688pO70DfYhRK32Y=
Subject key identifier: 13:6E:53:F5:67:9A:BF:33:C7:2F:AC:90:2B:1A:85:60:F0:B8:18:C7
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0C58
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/E25T9WeavzPHL6yQKxqFYPC4GMc.roa
Signing time: Wed 05 Feb 2025 11:26:29 +0000
ROA not before: Wed 05 Feb 2025 11:26:29 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3160 (0xc58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 5 11:26:29 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=136E53F5679ABF33C72FAC902B1A8560F0B818C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:58:79:38:38:f7:1b:e2:f9:08:65:ce:37:7a:
d6:2a:33:e2:e2:15:59:04:04:9e:4f:d8:35:18:6a:
36:b8:28:3d:0f:ca:a9:aa:5d:40:69:7b:cb:3b:93:
f7:29:6c:86:ea:4a:10:b1:d5:eb:13:d0:2b:f1:dd:
f4:3a:aa:ad:56:c8:e7:29:c2:df:a2:3e:7e:77:e6:
56:a5:e5:78:61:3f:c6:58:6b:66:a3:7a:ee:7d:69:
f5:e0:16:11:f5:ab:5f:a7:d6:26:6e:fe:42:e7:b6:
fd:99:6e:98:d3:6b:60:34:6d:04:9a:9c:a0:34:f8:
d3:54:13:11:f6:3c:48:07:e0:d2:59:fb:05:31:c7:
cd:e2:3f:bf:37:1d:57:57:30:ca:e7:3c:bb:df:ff:
ba:41:f0:7b:29:9c:01:2e:45:9b:b3:52:7d:4e:42:
76:bb:d7:97:06:eb:62:b6:89:25:67:9b:c8:b7:ce:
4b:8d:f0:10:06:b9:29:d1:40:ce:90:9b:51:9c:52:
de:0a:d2:d5:89:27:7b:9c:58:09:ab:e8:77:0b:88:
6d:f4:3c:0b:18:eb:2e:77:2c:5c:ce:13:36:13:a3:
62:fa:50:24:57:61:71:72:86:eb:69:c0:97:2f:91:
19:22:a7:61:64:8e:eb:bb:4d:18:2e:1a:57:c0:4c:
4a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:6E:53:F5:67:9A:BF:33:C7:2F:AC:90:2B:1A:85:60:F0:B8:18:C7
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/E25T9WeavzPHL6yQKxqFYPC4GMc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
6c:9e:ba:bd:a0:a9:b0:5e:8f:5a:4d:57:53:81:29:01:1c:15:
f6:98:ce:d3:13:f6:55:e9:ea:f5:aa:71:d9:f6:95:58:ba:3a:
79:bd:fd:f0:31:55:7c:a2:d1:2b:d7:52:4a:a3:3f:23:92:9d:
cb:a2:dc:f3:01:d1:65:d8:33:f3:a1:a9:0c:91:2f:2b:db:29:
2b:10:67:a6:d8:0a:cd:4c:32:e7:fb:23:7a:3d:1f:83:de:24:
e1:3b:bf:5f:1f:7f:a5:cc:5c:5d:36:b4:e1:6a:ae:6b:62:30:
78:b3:5a:ed:c7:27:da:3e:da:96:14:76:2b:ec:57:58:32:3d:
75:65:9a:cb:c8:88:68:d1:92:23:27:f2:a6:9c:0b:1f:6f:51:
f0:d0:42:3e:93:a5:86:8f:77:ff:ac:52:f4:16:11:3e:bb:15:
c1:68:46:dc:cd:45:ef:64:61:58:66:73:cc:f5:d4:46:13:a1:
1e:8b:f8:e8:26:5c:76:c3:72:87:78:d0:cd:3b:65:51:4e:04:
69:b5:ca:a6:a4:ac:60:28:26:28:a0:52:29:09:ad:1d:76:95:
45:fc:40:46:9e:94:58:88:97:3a:72:52:a6:df:b4:27:63:66:
64:5e:3c:1a:aa:23:c2:1f:71:ca:f1:3b:b4:b6:58:2a:27:b4:
c2:54:f8:4a
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDFgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDUx
MTI2MjlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDEzNkU1M0Y1Njc5QUJG
MzNDNzJGQUM5MDJCMUE4NTYwRjBCODE4QzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyWHk4OPcb4vkIZc43etYqM+LiFVkEBJ5P2DUYaja4KD0Pyqmq
XUBpe8s7k/cpbIbqShCx1esT0Cvx3fQ6qq1WyOcpwt+iPn535lal5XhhP8ZYa2aj
eu59afXgFhH1q1+n1iZu/kLntv2ZbpjTa2A0bQSanKA0+NNUExH2PEgH4NJZ+wUx
x83iP783HVdXMMrnPLvf/7pB8HspnAEuRZuzUn1OQna715cG62K2iSVnm8i3zkuN
8BAGuSnRQM6Qm1GcUt4K0tWJJ3ucWAmr6HcLiG30PAsY6y53LFzOEzYTo2L6UCRX
YXFyhutpwJcvkRkip2Fkjuu7TRguGlfATEqvAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUE25T9WeavzPHL6yQKxqFYPC4GMcwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0UyNVQ5V2VhdnpQSEw2
eVFLeHFGWVBDNEdNYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAGyeur2gqbBej1pNV1OBKQEc
FfaYztMT9lXp6vWqcdn2lVi6Onm9/fAxVXyi0SvXUkqjPyOSncui3PMB0WXYM/Oh
qQyRLyvbKSsQZ6bYCs1MMuf7I3o9H4PeJOE7v18ff6XMXF02tOFqrmtiMHizWu3H
J9o+2pYUdivsV1gyPXVlmsvIiGjRkiMn8qacCx9vUfDQQj6TpYaPd/+sUvQWET67
FcFoRtzNRe9kYVhmc8z11EYToR6L+OgmXHbDcod40M07ZVFOBGm1yqakrGAoJiig
UikJrR12lUX8QEaelFiIlzpyUqbftCdjZmRePBqqI8IfccrxO7S2WContMJU+Eo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:10:36 2025 by rpki-client