Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/ZHGCgHjEe_A1bmWJ9t6HgCFAfaA.roa
File: ZHGCgHjEe_A1bmWJ9t6HgCFAfaA.roa (raw, json)
Hash identifier: /yIP8TQg6F1i+7LBLwYdKnRmEQIVciwRpamzppbHF8M=
Subject key identifier: 64:71:82:80:78:C4:7B:F0:35:6E:65:89:F6:DE:87:80:21:40:7D:A0
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0D9E
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/ZHGCgHjEe_A1bmWJ9t6HgCFAfaA.roa
Signing time: Sat 08 Feb 2025 20:55:52 +0000
ROA not before: Sat 08 Feb 2025 20:55:52 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3486 (0xd9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 8 20:55:52 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=6471828078C47BF0356E6589F6DE878021407DA0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:40:53:d2:7b:29:d0:82:b1:81:b7:2c:08:19:
86:10:8b:4f:72:48:e6:bc:bd:46:a3:eb:ad:fc:c5:
5b:3e:e7:bd:8d:57:a1:fa:37:42:d5:2e:68:92:58:
f0:39:d1:b1:4f:5e:4f:f2:eb:5a:11:bb:ce:df:58:
67:ab:94:eb:0a:6d:bd:39:e3:5f:7b:d1:3f:d8:b9:
f3:02:4b:84:f9:33:65:be:97:89:a3:03:69:bb:dd:
34:54:88:80:ff:a3:7c:f8:ea:56:ba:bb:6d:21:ef:
0c:eb:85:f2:43:d1:69:7f:68:ef:88:e1:46:fe:0c:
cb:31:7c:da:8a:6a:42:07:22:03:eb:1e:42:0a:23:
78:3b:56:4b:52:91:bb:79:d9:a8:fe:d5:9d:11:39:
b1:06:c5:c6:e8:59:2e:35:80:aa:d6:74:49:f3:d4:
3c:0c:32:53:cd:a7:02:70:6f:2d:14:9a:1f:4d:c5:
97:25:61:da:8d:66:41:bb:aa:db:7b:c1:e3:92:c0:
1e:58:c2:92:8d:e5:e3:25:cf:8b:6b:c4:6a:ab:a0:
e1:ba:0f:22:88:65:b6:c2:54:50:f4:a2:53:e7:bd:
26:11:85:0d:5e:11:54:19:ae:42:df:9b:3f:89:7c:
62:51:35:15:79:08:f5:39:2f:9b:ae:fa:b0:09:81:
6d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:71:82:80:78:C4:7B:F0:35:6E:65:89:F6:DE:87:80:21:40:7D:A0
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/ZHGCgHjEe_A1bmWJ9t6HgCFAfaA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
8f:f1:6c:29:5b:96:00:f3:0f:91:c4:7c:a8:c9:09:16:ae:7c:
01:b3:f9:16:a7:fc:ae:fa:c6:26:37:3e:17:c7:bf:6c:76:9a:
53:4e:f4:9c:38:17:f9:61:c9:0f:64:87:20:8c:ff:e7:e9:3f:
42:69:a2:d9:cd:35:0f:52:55:c7:5a:cd:c3:8e:24:ea:1c:37:
0c:e7:ec:75:6d:3a:56:57:5c:48:d8:b5:1c:68:d0:89:97:ae:
43:12:ad:4d:c6:5a:a9:c3:8a:c0:b5:e8:6d:e7:d3:cb:fd:83:
67:5f:84:83:f8:5e:5b:22:72:8f:8e:9d:d8:48:3f:85:52:0f:
54:90:6a:ee:99:0e:d7:32:e4:66:a8:06:96:12:80:62:88:b0:
b8:04:5d:39:8e:31:3e:0b:ec:2b:47:22:e8:cc:93:55:31:7a:
dd:3c:fe:a8:51:03:e6:ce:f8:61:10:33:b7:f7:76:87:72:59:
e7:b4:f6:d6:01:7a:b8:e1:15:70:8f:02:f2:e5:07:c5:43:85:
52:17:16:db:02:e3:a2:bc:f5:c0:a9:bc:76:30:a1:2d:f2:73:
bc:31:73:b2:84:8f:eb:9e:5a:a0:d3:ea:2a:08:6d:c6:6e:22:
80:e3:a8:f5:b4:1a:33:dc:36:6e:7f:12:cc:62:c7:a5:e9:96:
c9:47:da:72
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDZ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDgy
MDU1NTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDY0NzE4MjgwNzhDNDdC
RjAzNTZFNjU4OUY2REU4NzgwMjE0MDdEQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkQFPSeynQgrGBtywIGYYQi09ySOa8vUaj6638xVs+572NV6H6
N0LVLmiSWPA50bFPXk/y61oRu87fWGerlOsKbb0541970T/YufMCS4T5M2W+l4mj
A2m73TRUiID/o3z46la6u20h7wzrhfJD0Wl/aO+I4Ub+DMsxfNqKakIHIgPrHkIK
I3g7VktSkbt52aj+1Z0RObEGxcboWS41gKrWdEnz1DwMMlPNpwJwby0Umh9NxZcl
YdqNZkG7qtt7weOSwB5YwpKN5eMlz4trxGqroOG6DyKIZbbCVFD0olPnvSYRhQ1e
EVQZrkLfmz+JfGJRNRV5CPU5L5uu+rAJgW3ZAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUZHGCgHjEe/A1bmWJ9t6HgCFAfaAwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1pIR0NnSGpFZV9BMWJt
V0o5dDZIZ0NGQWZhQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAI/xbClblgDzD5HEfKjJCRau
fAGz+Ran/K76xiY3PhfHv2x2mlNO9Jw4F/lhyQ9khyCM/+fpP0JpotnNNQ9SVcda
zcOOJOocNwzn7HVtOlZXXEjYtRxo0ImXrkMSrU3GWqnDisC16G3n08v9g2dfhIP4
Xlsico+OndhIP4VSD1SQau6ZDtcy5GaoBpYSgGKIsLgEXTmOMT4L7CtHIujMk1Ux
et08/qhRA+bO+GEQM7f3dodyWee09tYBerjhFXCPAvLlB8VDhVIXFtsC46K89cCp
vHYwoS3yc7wxc7KEj+ueWqDT6ioIbcZuIoDjqPW0GjPcNm5/Esxix6XplslH2nI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:13:07 2025 by rpki-client