Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/lsA9nx40nEgQBdqImHqxySlFO3A.roa
File: lsA9nx40nEgQBdqImHqxySlFO3A.roa (raw, json)
Hash identifier: Aijv8FyEc+PoOWY8EDTDH0nxpHGsvieE+MhyuIb2qkw=
Subject key identifier: 96:C0:3D:9F:1E:34:9C:48:10:05:DA:88:98:7A:B1:C9:29:45:3B:70
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0DC2
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/lsA9nx40nEgQBdqImHqxySlFO3A.roa
Signing time: Sun 09 Feb 2025 05:55:53 +0000
ROA not before: Sun 09 Feb 2025 05:55:53 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3522 (0xdc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 9 05:55:53 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=96C03D9F1E349C481005DA88987AB1C929453B70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a2:b3:bc:37:fe:3c:a2:57:a7:9f:f5:9b:78:
56:e8:6e:f3:aa:2b:8e:3b:50:bd:03:43:7d:e8:4f:
0d:23:ce:d7:ec:be:60:a8:75:94:e0:87:da:8d:27:
82:89:79:22:aa:4d:c4:c1:b7:73:bf:d8:05:56:96:
68:95:9b:66:34:f2:ba:80:cf:74:ee:92:52:2b:aa:
df:a2:8b:0c:ed:20:02:ae:bd:7c:b4:30:1e:c2:62:
b9:df:76:35:50:6d:e7:38:13:3a:32:b1:44:32:6c:
22:32:4b:37:c8:d4:eb:4a:30:01:2a:7d:ca:e0:b4:
30:a2:d1:e9:84:b9:6c:36:de:eb:dd:e3:b6:be:22:
78:5c:24:b5:50:90:09:da:e2:7f:57:cb:69:66:4a:
04:22:bd:18:ec:64:43:70:9d:3b:39:63:68:51:d0:
09:c6:20:7c:7e:c3:f8:89:23:af:1d:d1:f8:5a:c4:
0a:46:09:08:d4:06:66:eb:0f:8e:f1:a9:cf:91:e7:
a2:1f:8a:cc:59:50:e4:65:b8:61:e3:40:3b:5e:fc:
a6:93:d3:41:92:8f:85:2b:8f:1e:1f:24:d6:a7:27:
53:b3:26:29:1d:f1:50:61:86:07:2e:15:95:22:6d:
90:8b:05:9e:80:0f:7e:f6:bf:10:05:97:55:77:82:
a3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:C0:3D:9F:1E:34:9C:48:10:05:DA:88:98:7A:B1:C9:29:45:3B:70
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/lsA9nx40nEgQBdqImHqxySlFO3A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
7a:4f:89:23:a0:ea:b7:a6:e0:4a:64:9f:8b:84:64:4e:28:a7:
dd:40:73:31:35:6d:7d:85:5d:77:45:f1:69:9d:c4:88:df:d0:
dc:80:17:ec:af:02:9f:14:a3:9b:24:53:17:50:c1:78:81:5e:
27:9c:f3:62:ab:ae:8a:1b:a4:57:95:e7:23:87:f2:c2:35:9c:
09:93:89:a7:60:01:a2:0f:de:c0:30:22:1c:13:8a:e4:55:cc:
0a:1c:3b:7a:bd:1b:c0:95:bb:e0:e3:ba:ac:b6:4c:f8:64:19:
99:4d:50:ea:18:41:89:63:6b:d2:38:a3:c8:c3:f5:19:50:67:
a8:0a:07:5a:e1:79:6a:a2:ba:cb:e1:33:f5:45:45:f2:4e:d2:
8d:b4:5f:c9:d4:a3:1b:b6:33:f9:21:8f:61:42:27:60:58:f9:
04:c2:35:0f:ed:10:04:5e:34:c7:b2:a3:be:10:d7:2e:5f:53:
75:ee:3d:4f:a3:9e:c2:96:56:b5:eb:89:3d:9e:1f:e0:4e:24:
43:bf:67:c9:70:02:c1:ce:1f:16:d9:5b:27:8c:9a:40:7b:d1:
26:8c:85:ce:d9:ab:46:8f:13:a6:05:f4:ef:bc:98:13:49:31:
3a:a7:c9:7b:78:a0:87:da:f4:87:b4:7b:40:6a:a0:26:84:54:
fa:3e:ef:a9
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDcIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDkw
NTU1NTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDk2QzAzRDlGMUUzNDlD
NDgxMDA1REE4ODk4N0FCMUM5Mjk0NTNCNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkorO8N/48olenn/WbeFbobvOqK447UL0DQ33oTw0jztfsvmCo
dZTgh9qNJ4KJeSKqTcTBt3O/2AVWlmiVm2Y08rqAz3TuklIrqt+iiwztIAKuvXy0
MB7CYrnfdjVQbec4EzoysUQybCIySzfI1OtKMAEqfcrgtDCi0emEuWw23uvd47a+
InhcJLVQkAna4n9Xy2lmSgQivRjsZENwnTs5Y2hR0AnGIHx+w/iJI68d0fhaxApG
CQjUBmbrD47xqc+R56IfisxZUORluGHjQDte/KaT00GSj4Urjx4fJNanJ1OzJikd
8VBhhgcuFZUibZCLBZ6AD372vxAFl1V3gqPTAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUlsA9nx40nEgQBdqImHqxySlFO3AwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2xzQTlueDQwbkVnUUJk
cUltSHF4eVNsRk8zQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAHpPiSOg6rem4Epkn4uEZE4o
p91AczE1bX2FXXdF8WmdxIjf0NyAF+yvAp8Uo5skUxdQwXiBXiec82KrroobpFeV
5yOH8sI1nAmTiadgAaIP3sAwIhwTiuRVzAocO3q9G8CVu+Djuqy2TPhkGZlNUOoY
QYlja9I4o8jD9RlQZ6gKB1rheWqiusvhM/VFRfJO0o20X8nUoxu2M/khj2FCJ2BY
+QTCNQ/tEAReNMeyo74Q1y5fU3XuPU+jnsKWVrXriT2eH+BOJEO/Z8lwAsHOHxbZ
WyeMmkB70SaMhc7Zq0aPE6YF9O+8mBNJMTqnyXt4oIfa9Ie0e0BqoCaEVPo+76k=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:25:39 2025 by rpki-client