Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/IT39qO6kesShfiQMtdFuCpDP0R4.roa
File: IT39qO6kesShfiQMtdFuCpDP0R4.roa (raw, json)
Hash identifier: s68H8CFNC9N6AsRufr4A25G97s/bX2A5CJvIsexBNxs=
Subject key identifier: 21:3D:FD:A8:EE:A4:7A:C4:A1:7E:24:0C:B5:D1:6E:0A:90:CF:D1:1E
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 09AA
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/IT39qO6kesShfiQMtdFuCpDP0R4.roa
Signing time: Wed 29 Jan 2025 07:55:26 +0000
ROA not before: Wed 29 Jan 2025 07:55:26 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2474 (0x9aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 29 07:55:26 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=213DFDA8EEA47AC4A17E240CB5D16E0A90CFD11E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bf:29:ff:35:a6:62:cf:cd:2a:b7:3c:55:b1:
32:b8:d3:e7:87:fb:da:10:e5:21:1e:95:37:c1:aa:
4e:f6:c1:05:0e:8f:5a:8d:f2:0e:c9:73:a5:ef:4b:
c1:35:24:af:a9:de:77:d6:6e:be:ec:a3:77:7a:c0:
bc:be:00:98:c8:a1:64:a3:04:af:b2:8c:8c:e0:cd:
0c:02:e3:fd:73:cb:50:95:2c:8d:c5:3a:fa:d0:02:
37:d2:a6:fb:29:9f:d0:d0:18:eb:18:17:d2:09:01:
44:69:31:1e:b5:d0:40:63:d7:ab:c2:7a:f0:e4:b3:
1e:91:15:e3:08:7e:d3:a0:f5:df:d0:70:b5:e4:eb:
c9:c0:80:db:5a:53:39:41:95:42:a9:ce:96:3a:2c:
15:e7:13:1b:ae:9e:d3:05:79:6f:df:8c:c5:48:01:
30:16:ce:12:8d:3d:09:8f:73:ee:ea:3c:49:30:e6:
90:73:91:3c:6b:27:2a:5e:79:ca:03:eb:56:93:2d:
b5:3b:0a:56:06:c0:b2:7a:10:38:da:72:08:ef:de:
db:d6:d1:39:7a:8c:0f:35:1c:ea:34:a8:ac:46:64:
65:05:44:64:e6:a2:3c:ef:ab:b7:b8:6f:3e:65:98:
9f:82:d7:0b:4f:d1:24:16:f7:02:da:9a:02:c5:5d:
79:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:3D:FD:A8:EE:A4:7A:C4:A1:7E:24:0C:B5:D1:6E:0A:90:CF:D1:1E
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/IT39qO6kesShfiQMtdFuCpDP0R4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
8f:2d:92:14:09:43:5d:58:3f:65:e1:ed:18:03:61:dc:0c:a8:
88:e6:b5:57:f9:eb:9f:67:41:9c:05:c9:c0:48:12:ba:ee:7e:
e8:89:47:79:e4:2b:1a:0e:60:04:3f:d3:4a:35:d9:8c:4b:01:
36:88:f1:aa:2e:28:9f:10:0f:f8:bf:d1:82:21:09:13:4d:2d:
fd:81:3f:39:24:db:b5:8d:a4:73:b0:0e:fa:ca:51:59:76:e8:
ce:fd:0d:82:a2:0c:a4:4e:fd:a2:38:45:d7:30:a7:23:fe:60:
23:28:70:d4:4a:e6:52:dc:cd:0a:f5:bd:8f:e5:ac:f4:a7:26:
0a:38:cf:b8:e1:9d:32:10:eb:d5:14:da:32:09:f4:92:29:bf:
12:a7:50:4b:1e:f0:d2:89:75:87:e8:72:db:8e:7c:24:4c:a6:
59:00:96:05:8d:dd:b8:5b:ae:75:e5:03:a8:e0:b5:80:64:b0:
0b:3f:04:c5:22:17:fc:c3:f9:d8:1f:ff:17:6a:80:81:76:70:
bc:3a:a4:61:9f:23:82:93:71:89:e9:77:9a:1e:3f:ff:5b:b9:
8c:9f:e0:6e:d4:70:77:f2:ac:b7:49:01:f9:ee:a4:a6:e2:2d:
af:a4:5c:7e:2d:59:03:94:8f:d4:4c:cc:59:c4:f8:b5:0c:08:
d1:7c:ca:39
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCaowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjkw
NzU1MjZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDIxM0RGREE4RUVBNDdB
QzRBMTdFMjQwQ0I1RDE2RTBBOTBDRkQxMUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCovyn/NaZiz80qtzxVsTK40+eH+9oQ5SEelTfBqk72wQUOj1qN
8g7Jc6XvS8E1JK+p3nfWbr7so3d6wLy+AJjIoWSjBK+yjIzgzQwC4/1zy1CVLI3F
OvrQAjfSpvspn9DQGOsYF9IJAURpMR610EBj16vCevDksx6RFeMIftOg9d/QcLXk
68nAgNtaUzlBlUKpzpY6LBXnExuuntMFeW/fjMVIATAWzhKNPQmPc+7qPEkw5pBz
kTxrJypeecoD61aTLbU7ClYGwLJ6EDjacgjv3tvW0Tl6jA81HOo0qKxGZGUFRGTm
ojzvq7e4bz5lmJ+C1wtP0SQW9wLamgLFXXkPAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUIT39qO6kesShfiQMtdFuCpDP0R4wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0lUMzlxTzZrZXNTaGZp
UU10ZEZ1Q3BEUDBSNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAI8tkhQJQ11YP2Xh7RgDYdwM
qIjmtVf5659nQZwFycBIErrufuiJR3nkKxoOYAQ/00o12YxLATaI8aouKJ8QD/i/
0YIhCRNNLf2BPzkk27WNpHOwDvrKUVl26M79DYKiDKRO/aI4RdcwpyP+YCMocNRK
5lLczQr1vY/lrPSnJgo4z7jhnTIQ69UU2jIJ9JIpvxKnUEse8NKJdYfoctuOfCRM
plkAlgWN3bhbrnXlA6jgtYBksAs/BMUiF/zD+dgf/xdqgIF2cLw6pGGfI4KTcYnp
d5oeP/9buYyf4G7UcHfyrLdJAfnupKbiLa+kXH4tWQOUj9RMzFnE+LUMCNF8yjk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:08:46 2025 by rpki-client