Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/Oi1_ah1mrtloJRKQBXR8383toAQ.roa
File: Oi1_ah1mrtloJRKQBXR8383toAQ.roa (raw, json)
Hash identifier: rLLKFfcBChlmC1wo8y5GVlJQp3xpum0btRkKT/Ndihw=
Subject key identifier: 3A:2D:7F:6A:1D:66:AE:D9:68:25:12:90:05:74:7C:DF:CD:ED:A0:04
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0996
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Oi1_ah1mrtloJRKQBXR8383toAQ.roa
Signing time: Wed 29 Jan 2025 02:55:26 +0000
ROA not before: Wed 29 Jan 2025 02:55:26 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2454 (0x996)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 29 02:55:26 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=3A2D7F6A1D66AED96825129005747CDFCDEDA004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1a:c7:be:20:04:61:b5:45:88:8e:a8:14:55:
d2:02:2e:ab:1b:22:4e:5f:c0:f6:85:cb:fe:3d:56:
65:ac:f3:0b:0f:7a:4f:28:aa:8a:07:b0:45:a6:a5:
cb:51:a0:79:63:0c:d8:94:fe:06:f5:b2:d0:c2:50:
c5:d2:60:60:77:ba:70:ba:07:26:f7:89:f2:ae:09:
39:c8:74:77:e0:0e:a2:6f:ef:92:2f:41:aa:07:53:
32:dd:fd:8b:02:ba:b5:66:c9:e1:74:20:74:08:32:
f3:0b:f5:20:cb:b8:3f:64:8f:f2:5c:fb:8d:b0:0b:
a7:2f:ad:f4:e5:a9:20:58:4d:58:0a:93:87:23:df:
51:59:95:85:a5:b0:6c:8a:53:0a:a1:da:66:e6:a3:
3f:3c:fe:05:17:26:83:4b:88:84:4a:ab:3c:5e:5d:
7f:1d:2d:dd:81:18:a8:7d:c8:df:51:b2:aa:76:eb:
47:f9:df:d5:76:46:74:2d:ee:16:e2:7e:d3:a4:a0:
f2:0c:d4:e8:24:ab:22:be:d4:8b:0d:4d:c5:9f:b2:
11:dc:a0:5f:01:9d:a2:fc:9b:c3:47:e2:c4:ce:39:
85:79:dc:cc:cf:78:3b:cb:85:62:a3:6e:01:37:6b:
ac:1a:83:cf:5b:ce:2c:04:53:63:89:82:27:1c:f4:
27:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2D:7F:6A:1D:66:AE:D9:68:25:12:90:05:74:7C:DF:CD:ED:A0:04
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Oi1_ah1mrtloJRKQBXR8383toAQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
2d:5a:db:3a:6f:fd:12:01:b6:e1:52:8e:ba:e7:d5:ec:c0:02:
cc:45:f6:d1:ed:1f:b2:67:d4:17:e1:29:ab:da:e0:12:f6:4d:
52:df:51:ee:f9:6b:c8:02:6a:1e:a5:0c:d9:e8:f0:83:51:61:
2c:f4:04:05:ae:b1:21:8d:42:82:32:4b:2a:98:95:ca:bf:ca:
04:9e:61:66:9d:19:d1:1d:20:b0:1b:fe:c4:0a:72:b1:c4:2f:
70:e3:b8:e8:d8:30:9b:97:8d:1d:5c:62:99:57:d0:69:c3:d6:
6c:eb:bf:40:ce:7b:3f:37:1d:6b:98:ad:5c:46:95:18:62:f4:
4f:b2:fe:23:36:a4:c0:8c:db:bf:0c:87:90:15:4b:7a:58:f3:
7f:e9:bc:f2:4b:7b:4b:a0:fb:5b:3b:01:e2:e7:64:1f:65:f2:
bc:d1:b2:cd:d4:0d:4d:00:20:b5:71:7f:b7:04:9a:73:e8:36:
66:02:0d:2a:20:d8:be:b1:5d:ab:8a:aa:14:bc:1b:fe:3f:22:
2c:1f:33:15:94:6c:24:20:b3:0b:17:bb:10:99:1d:5c:0a:9f:
bc:db:dc:1d:d2:cd:a2:b6:c0:2d:e6:ec:37:30:50:5d:90:75:
c3:4f:d2:ba:f6:26:b7:d5:cb:6f:ff:eb:f5:9d:8b:d8:7d:b7:
bd:7c:b8:81
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCZYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjkw
MjU1MjZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDNBMkQ3RjZBMUQ2NkFF
RDk2ODI1MTI5MDA1NzQ3Q0RGQ0RFREEwMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyGse+IARhtUWIjqgUVdICLqsbIk5fwPaFy/49VmWs8wsPek8o
qooHsEWmpctRoHljDNiU/gb1stDCUMXSYGB3unC6Byb3ifKuCTnIdHfgDqJv75Iv
QaoHUzLd/YsCurVmyeF0IHQIMvML9SDLuD9kj/Jc+42wC6cvrfTlqSBYTVgKk4cj
31FZlYWlsGyKUwqh2mbmoz88/gUXJoNLiIRKqzxeXX8dLd2BGKh9yN9Rsqp260f5
39V2RnQt7hbiftOkoPIM1OgkqyK+1IsNTcWfshHcoF8BnaL8m8NH4sTOOYV53MzP
eDvLhWKjbgE3a6wag89bziwEU2OJgicc9CfZAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUOi1/ah1mrtloJRKQBXR8383toAQwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL09pMV9haDFtcnRsb0pS
S1FCWFI4MzgzdG9BUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAC1a2zpv/RIBtuFSjrrn1ezA
AsxF9tHtH7Jn1BfhKava4BL2TVLfUe75a8gCah6lDNno8INRYSz0BAWusSGNQoIy
SyqYlcq/ygSeYWadGdEdILAb/sQKcrHEL3DjuOjYMJuXjR1cYplX0GnD1mzrv0DO
ez83HWuYrVxGlRhi9E+y/iM2pMCM278Mh5AVS3pY83/pvPJLe0ug+1s7AeLnZB9l
8rzRss3UDU0AILVxf7cEmnPoNmYCDSog2L6xXauKqhS8G/4/IiwfMxWUbCQgswsX
uxCZHVwKn7zb3B3SzaK2wC3m7DcwUF2QdcNP0rr2JrfVy2//6/Wdi9h9t718uIE=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:31:42 2025 by rpki-client