Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/_mbSw-H8GvE8pEaDmTpKRBDpeD0.roa
File: _mbSw-H8GvE8pEaDmTpKRBDpeD0.roa (raw, json)
Hash identifier: Z5VzBGDgqmycvfezGhfJzxNwyMhlIR5+l9WmjQNwN3g=
Subject key identifier: FE:66:D2:C3:E1:FC:1A:F1:3C:A4:46:83:99:3A:4A:44:10:E9:78:3D
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 068C
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/_mbSw-H8GvE8pEaDmTpKRBDpeD0.roa
Signing time: Tue 21 Jan 2025 00:24:54 +0000
ROA not before: Tue 21 Jan 2025 00:24:54 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1676 (0x68c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 21 00:24:54 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=FE66D2C3E1FC1AF13CA44683993A4A4410E9783D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f4:14:cc:2f:5a:4f:89:82:0e:03:e6:03:3e:
ad:d6:d0:44:0a:b0:89:d6:a9:b4:7e:e4:46:03:80:
47:05:4b:f3:80:66:27:7d:cb:a1:0e:7b:b0:54:01:
f4:d7:60:cc:be:1b:39:82:47:61:0b:a6:a9:53:87:
a4:c4:9b:bc:c7:51:33:d3:5e:6f:ea:fd:79:56:0c:
42:28:2a:63:f2:38:41:5f:24:74:5d:0d:d3:5e:33:
70:56:70:f6:57:e4:7c:63:c3:b9:96:cf:62:de:2d:
ef:48:7e:40:90:82:6e:c3:03:4c:c4:d9:48:01:74:
7f:35:41:82:56:0b:fb:6c:5c:8a:cb:92:07:13:fe:
72:55:28:98:fd:54:70:14:4e:37:fd:7e:74:bd:18:
08:84:e3:f5:86:43:37:68:e8:e7:a7:99:11:27:44:
48:d7:c1:74:b7:78:c3:24:41:8e:ea:e0:e9:bc:aa:
24:3c:0d:25:53:f3:12:97:72:4b:56:b9:e5:09:36:
96:d3:73:b9:1f:2b:dc:f4:4a:27:be:f5:ff:a6:a2:
a9:d8:49:35:7c:0e:cd:48:82:79:8b:1d:d7:52:69:
84:cb:b4:ce:03:b0:c8:bb:0f:0b:cd:57:8b:23:fa:
37:81:cf:ce:8e:1f:a1:a1:93:94:fe:d1:95:30:8d:
85:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:66:D2:C3:E1:FC:1A:F1:3C:A4:46:83:99:3A:4A:44:10:E9:78:3D
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/_mbSw-H8GvE8pEaDmTpKRBDpeD0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
04:eb:05:36:69:98:d1:b5:af:28:9d:d5:fe:d8:1b:17:38:19:
98:a9:3e:66:cd:de:e4:d9:69:f4:d1:62:11:83:25:82:80:af:
81:ed:cd:ff:23:4b:60:38:54:d8:f5:ec:2f:be:e0:c0:b7:b6:
63:bf:0e:31:94:a2:cc:30:c1:30:f5:ff:46:6e:d9:30:d9:66:
3e:8c:f9:e6:ca:18:5a:f8:72:4b:7b:4e:06:43:ed:0c:2c:bd:
2d:ea:eb:50:e0:c4:ae:3a:e8:ef:12:2c:2a:e8:d4:4c:dc:27:
fe:d5:f6:6a:2e:aa:50:c8:7d:a4:fd:55:6a:1a:cf:fc:64:6a:
ee:0d:2c:70:5e:66:f0:16:f8:1e:81:69:aa:63:66:ae:ce:88:
f1:bb:37:26:d6:17:be:21:d4:e1:57:da:2b:1c:47:99:a2:0b:
84:55:c8:90:5c:34:48:3f:dc:97:79:b2:fd:e2:03:de:24:29:
dd:15:c6:15:0f:09:0e:00:f1:a9:14:71:75:2a:4e:b7:21:3c:
5c:b0:dc:30:d3:78:da:7a:68:9e:68:7b:b9:25:a5:6c:0e:e6:
e8:69:23:80:0e:ca:16:cb:43:6c:ed:01:72:18:f9:b1:19:7d:
21:0b:0f:8d:fb:91:d0:b2:fd:a1:72:3c:eb:a1:84:59:81:a7:
04:4a:74:b7
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBowwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjEw
MDI0NTRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEZFNjZEMkMzRTFGQzFB
RjEzQ0E0NDY4Mzk5M0E0QTQ0MTBFOTc4M0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCh9BTML1pPiYIOA+YDPq3W0EQKsInWqbR+5EYDgEcFS/OAZid9
y6EOe7BUAfTXYMy+GzmCR2ELpqlTh6TEm7zHUTPTXm/q/XlWDEIoKmPyOEFfJHRd
DdNeM3BWcPZX5Hxjw7mWz2LeLe9IfkCQgm7DA0zE2UgBdH81QYJWC/tsXIrLkgcT
/nJVKJj9VHAUTjf9fnS9GAiE4/WGQzdo6OenmREnREjXwXS3eMMkQY7q4Om8qiQ8
DSVT8xKXcktWueUJNpbTc7kfK9z0Sie+9f+moqnYSTV8Ds1IgnmLHddSaYTLtM4D
sMi7DwvNV4sj+jeBz86OH6Ghk5T+0ZUwjYUNAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU/mbSw+H8GvE8pEaDmTpKRBDpeD0wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL19tYlN3LUg4R3ZFOHBF
YURtVHBLUkJEcGVEMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAATrBTZpmNG1ryid1f7YGxc4
GZipPmbN3uTZafTRYhGDJYKAr4Htzf8jS2A4VNj17C++4MC3tmO/DjGUoswwwTD1
/0Zu2TDZZj6M+ebKGFr4ckt7TgZD7QwsvS3q61DgxK466O8SLCro1EzcJ/7V9mou
qlDIfaT9VWoaz/xkau4NLHBeZvAW+B6BaapjZq7OiPG7NybWF74h1OFX2iscR5mi
C4RVyJBcNEg/3Jd5sv3iA94kKd0VxhUPCQ4A8akUcXUqTrchPFyw3DDTeNp6aJ5o
e7klpWwO5uhpI4AOyhbLQ2ztAXIY+bEZfSELD437kdCy/aFyPOuhhFmBpwRKdLc=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:14:08 2025 by rpki-client