Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/diOtzCfj16hqBHyIB9n1mUqL7zM.roa
File: diOtzCfj16hqBHyIB9n1mUqL7zM.roa (raw, json)
Hash identifier: qyhlrb8AXtlrivfKIjwKWeqbvp+e+jgBnwQcEDQS45U=
Subject key identifier: 76:23:AD:CC:27:E3:D7:A8:6A:04:7C:88:07:D9:F5:99:4A:8B:EF:33
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0D64
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/diOtzCfj16hqBHyIB9n1mUqL7zM.roa
Signing time: Sat 08 Feb 2025 06:25:51 +0000
ROA not before: Sat 08 Feb 2025 06:25:51 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3428 (0xd64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 8 06:25:51 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=7623ADCC27E3D7A86A047C8807D9F5994A8BEF33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:cf:62:f5:a2:53:42:2e:c8:f0:31:1c:ac:49:
08:34:30:da:06:25:cc:1e:f7:b1:f3:ac:f3:48:d2:
59:13:21:34:33:b7:57:55:b6:20:fc:33:06:80:b6:
57:71:10:42:6d:69:5a:3d:27:0e:93:7b:7b:b3:76:
b5:bf:18:3b:36:25:d1:92:14:b2:c5:8c:cd:72:ca:
0b:33:a0:a0:56:6b:ca:5a:67:db:5a:0e:ca:5b:f0:
e9:e4:94:67:39:04:28:ed:50:12:e4:57:0e:15:41:
96:e7:18:01:54:ab:3b:bd:83:29:07:f3:59:ac:63:
00:1c:0b:0b:a0:84:58:e9:d4:72:91:b2:e3:56:4e:
99:59:9d:8b:87:11:3c:8f:f0:16:82:4e:bf:38:18:
7a:7e:6b:4c:56:db:b7:be:71:37:cf:51:4e:82:cb:
63:fe:8b:0e:3e:e3:b1:23:44:0a:e6:fe:68:cf:27:
0e:61:86:4d:51:7b:eb:dc:62:b2:04:42:04:4b:19:
6f:9c:34:71:f3:c9:b0:0d:46:9f:97:3b:c0:f7:c2:
8c:a7:48:e8:59:3e:e4:e3:4a:7b:fc:14:97:84:1c:
4d:39:95:06:9a:11:6f:08:cd:75:cd:46:76:8f:1a:
20:f5:87:02:2f:1f:e4:6d:a6:9b:85:5a:20:4d:7c:
3d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:23:AD:CC:27:E3:D7:A8:6A:04:7C:88:07:D9:F5:99:4A:8B:EF:33
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/diOtzCfj16hqBHyIB9n1mUqL7zM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
aa:2f:aa:36:79:d2:39:b3:30:96:b6:9f:bf:1f:59:6f:13:7f:
da:93:55:d9:4f:b0:2c:17:63:68:c3:7c:99:6e:be:e9:b8:f3:
66:43:f9:ca:6e:cc:12:bc:af:08:fa:ea:d3:cb:7b:0a:72:9f:
ab:40:55:16:a5:dc:fc:e5:19:d1:81:be:7e:c0:ba:35:f9:34:
ae:f3:cb:1c:1e:fb:72:e7:36:f5:e4:f9:4b:79:43:4a:0a:93:
50:cb:34:41:8c:8c:fc:d5:d8:db:6e:b1:b0:fa:9b:56:32:a1:
e4:4b:d0:a0:3c:37:01:e6:fb:c1:ee:2f:bc:2f:6e:58:9b:33:
38:66:02:62:9a:d4:82:2e:e1:f6:3b:ba:1e:82:a9:0f:dc:29:
57:55:ca:7c:b5:d5:1a:73:0f:5b:22:05:2a:ad:5d:9a:70:24:
42:13:65:b8:db:eb:1d:10:c8:a5:5a:bb:ba:d0:f9:70:ab:32:
de:db:24:76:19:fe:25:f0:62:08:1d:7f:5c:86:25:05:f5:d9:
0c:05:f8:e0:30:cf:9d:2a:b1:e0:58:02:e7:b2:3e:dd:ad:17:
9d:17:3f:34:ae:f8:f9:78:27:0f:a8:78:e6:88:ae:99:10:bd:
bf:29:d5:c8:ec:0a:41:ca:9b:a0:04:9c:a6:e6:2b:cf:3d:6e:
58:98:82:a4
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDWQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDgw
NjI1NTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDc2MjNBRENDMjdFM0Q3
QTg2QTA0N0M4ODA3RDlGNTk5NEE4QkVGMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbz2L1olNCLsjwMRysSQg0MNoGJcwe97HzrPNI0lkTITQzt1dV
tiD8MwaAtldxEEJtaVo9Jw6Te3uzdrW/GDs2JdGSFLLFjM1yygszoKBWa8paZ9ta
Dspb8OnklGc5BCjtUBLkVw4VQZbnGAFUqzu9gykH81msYwAcCwughFjp1HKRsuNW
TplZnYuHETyP8BaCTr84GHp+a0xW27e+cTfPUU6Cy2P+iw4+47EjRArm/mjPJw5h
hk1Re+vcYrIEQgRLGW+cNHHzybANRp+XO8D3woynSOhZPuTjSnv8FJeEHE05lQaa
EW8IzXXNRnaPGiD1hwIvH+RtppuFWiBNfD1pAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUdiOtzCfj16hqBHyIB9n1mUqL7zMwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2RpT3R6Q2ZqMTZocUJI
eUlCOW4xbVVxTDd6TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAKovqjZ50jmzMJa2n78fWW8T
f9qTVdlPsCwXY2jDfJluvum482ZD+cpuzBK8rwj66tPLewpyn6tAVRal3PzlGdGB
vn7AujX5NK7zyxwe+3LnNvXk+Ut5Q0oKk1DLNEGMjPzV2NtusbD6m1YyoeRL0KA8
NwHm+8HuL7wvblibMzhmAmKa1IIu4fY7uh6CqQ/cKVdVyny11RpzD1siBSqtXZpw
JEITZbjb6x0QyKVau7rQ+XCrMt7bJHYZ/iXwYggdf1yGJQX12QwF+OAwz50qseBY
AueyPt2tF50XPzSu+Pl4Jw+oeOaIrpkQvb8p1cjsCkHKm6AEnKbmK889bliYgqQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:13:38 2025 by rpki-client