Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/lI3QS-DoJjn0s6Z6kofyZJW9Q5E.roa
File: lI3QS-DoJjn0s6Z6kofyZJW9Q5E.roa (raw, json)
Hash identifier: uK5LXdgGHv3vqAqLLDBx1zp5CKbEQ3NO6dXzuxeBiL0=
Subject key identifier: 94:8D:D0:4B:E0:E8:26:39:F4:B3:A6:7A:92:87:F2:64:95:BD:43:91
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 058E
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/lI3QS-DoJjn0s6Z6kofyZJW9Q5E.roa
Signing time: Sat 18 Jan 2025 08:54:46 +0000
ROA not before: Sat 18 Jan 2025 08:54:46 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1422 (0x58e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 18 08:54:46 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=948DD04BE0E82639F4B3A67A9287F26495BD4391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:a9:15:a7:8e:26:3d:32:1a:65:09:e5:e9:50:
05:ed:78:ba:e7:3b:1d:31:e9:e8:cf:2f:78:43:9a:
10:dd:62:23:b3:1b:45:1e:67:3a:7a:96:21:63:23:
b1:a5:4f:95:9f:61:cf:12:51:e7:10:b7:f1:7a:f0:
24:f6:b0:c3:6c:b1:9b:0f:59:b6:fa:d4:66:e5:d1:
89:00:8e:9a:49:15:ae:ea:7d:39:fa:b8:c0:16:57:
d1:ef:84:7a:a8:a0:a0:24:61:43:a6:09:5c:c8:0b:
36:7e:44:f6:f6:25:ea:4e:ed:eb:b3:87:24:07:fa:
10:00:38:3d:10:86:e8:e6:c3:c6:64:17:79:82:c1:
b1:ee:61:07:01:af:94:a2:f0:f5:48:ae:eb:c4:e7:
e0:d2:bf:50:2a:c3:93:64:bc:f7:13:7e:b0:1a:64:
55:50:3b:38:39:9f:d5:93:bc:29:0f:ed:b1:5a:8e:
85:86:26:9b:56:87:ef:c3:47:93:e8:31:e8:b7:46:
47:43:b7:43:36:9a:eb:4d:89:2f:31:54:3b:01:ac:
78:13:4e:3b:c1:15:2f:71:5f:e8:54:fd:f7:56:bb:
24:91:8a:32:b3:1c:2f:5b:dc:83:6a:3c:86:60:46:
9a:bb:3a:1d:e0:d0:e6:b2:31:c3:30:2e:85:d2:ea:
05:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:8D:D0:4B:E0:E8:26:39:F4:B3:A6:7A:92:87:F2:64:95:BD:43:91
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/lI3QS-DoJjn0s6Z6kofyZJW9Q5E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
3d:34:81:cd:c9:b4:70:c3:97:53:c4:bb:29:f8:51:f8:0b:55:
00:cd:40:36:38:a1:47:10:f3:d1:44:3b:fe:16:43:c7:d7:cf:
e7:a5:3f:01:96:9f:40:bf:7f:d0:17:85:84:54:db:29:b2:51:
4c:30:63:48:d9:03:4c:c3:5d:ef:cf:b7:c8:55:6b:23:7b:49:
60:b9:09:17:0f:04:f1:1d:1c:f8:62:aa:ca:fc:30:a4:ed:1c:
06:28:e6:80:aa:76:37:4b:25:68:c6:98:9e:f6:00:d9:ad:93:
3f:9b:5e:73:be:3c:c0:e7:20:42:1f:83:4c:59:87:32:b9:b9:
75:91:4d:9a:fa:65:85:10:ef:2e:6a:91:53:2d:6f:1b:07:23:
3c:bd:78:8d:76:40:e3:f4:2e:e1:e6:a4:e8:2c:c4:86:be:4e:
0c:47:6f:48:15:f8:0a:6c:0b:c6:ff:64:d8:b4:43:7c:0c:03:
b0:99:b1:4e:d2:44:de:f6:7a:5c:4c:ec:dc:3c:f1:5b:86:88:
bc:66:b9:ab:4a:f4:64:52:71:8c:d2:d9:a7:df:db:75:ff:d6:
3e:05:d7:de:0b:4f:a0:13:e0:02:fa:f4:65:90:ec:b9:e6:bf:
e4:9d:84:d3:ae:d6:9f:e6:bb:88:ff:84:e0:2c:7c:6f:cc:ef:
c3:cf:4b:14
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBY4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTgw
ODU0NDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDk0OEREMDRCRTBFODI2
MzlGNEIzQTY3QTkyODdGMjY0OTVCRDQzOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDwqRWnjiY9MhplCeXpUAXteLrnOx0x6ejPL3hDmhDdYiOzG0Ue
Zzp6liFjI7GlT5WfYc8SUecQt/F68CT2sMNssZsPWbb61Gbl0YkAjppJFa7qfTn6
uMAWV9HvhHqooKAkYUOmCVzICzZ+RPb2JepO7euzhyQH+hAAOD0Qhujmw8ZkF3mC
wbHuYQcBr5Si8PVIruvE5+DSv1Aqw5NkvPcTfrAaZFVQOzg5n9WTvCkP7bFajoWG
JptWh+/DR5PoMei3RkdDt0M2mutNiS8xVDsBrHgTTjvBFS9xX+hU/fdWuySRijKz
HC9b3INqPIZgRpq7Oh3g0OayMcMwLoXS6gVDAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUlI3QS+DoJjn0s6Z6kofyZJW9Q5EwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2xJM1FTLURvSmpuMHM2
WjZrb2Z5WkpXOVE1RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAD00gc3JtHDDl1PEuyn4UfgL
VQDNQDY4oUcQ89FEO/4WQ8fXz+elPwGWn0C/f9AXhYRU2ymyUUwwY0jZA0zDXe/P
t8hVayN7SWC5CRcPBPEdHPhiqsr8MKTtHAYo5oCqdjdLJWjGmJ72ANmtkz+bXnO+
PMDnIEIfg0xZhzK5uXWRTZr6ZYUQ7y5qkVMtbxsHIzy9eI12QOP0LuHmpOgsxIa+
TgxHb0gV+ApsC8b/ZNi0Q3wMA7CZsU7SRN72elxM7Nw88VuGiLxmuatK9GRScYzS
2aff23X/1j4F194LT6AT4AL69GWQ7Lnmv+SdhNOu1p/mu4j/hOAsfG/M78PPSxQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:01:47 2025 by rpki-client