Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/rJ8JYitfqp6KRWlLRe-yflKocTY.roa
File: rJ8JYitfqp6KRWlLRe-yflKocTY.roa (raw, json)
Hash identifier: Mv0FpnqP4r83ufMCgmTa4z9xJ9OQCJQzsnc46P5nGtg=
Subject key identifier: AC:9F:09:62:2B:5F:AA:9E:8A:45:69:4B:45:EF:B2:7E:52:A8:71:36
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 062E
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/rJ8JYitfqp6KRWlLRe-yflKocTY.roa
Signing time: Mon 20 Jan 2025 00:54:50 +0000
ROA not before: Mon 20 Jan 2025 00:54:50 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1582 (0x62e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 20 00:54:50 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=AC9F09622B5FAA9E8A45694B45EFB27E52A87136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:23:b9:5b:5b:6f:c5:ed:7a:3b:75:fc:e7:78:
45:2e:69:d8:2d:5b:0b:c3:c1:64:8b:c0:af:41:28:
cb:b3:87:f4:fc:68:66:9b:e5:46:7e:e5:a0:91:d0:
38:5d:b5:72:ec:49:6d:b4:19:a8:b4:63:53:ca:d1:
09:c9:01:ca:e8:cb:42:05:c5:0a:90:b9:04:65:6b:
94:f0:ee:28:87:0b:1b:15:2f:7a:74:2f:72:cc:0e:
c6:1d:56:7f:00:f4:ab:6b:f2:b0:3e:d7:45:b1:fc:
ad:bf:69:48:e4:7c:8b:40:e1:8f:f0:c8:5e:71:6d:
50:76:91:f1:50:58:04:80:cc:54:30:af:82:da:b8:
3d:d8:03:e4:f7:e8:20:29:45:6c:00:06:c1:90:66:
59:a8:13:5b:c7:8f:52:42:4b:57:8e:d2:6d:49:fc:
d9:ec:fb:35:05:08:01:74:af:23:af:95:67:98:bc:
b4:97:f5:0e:f9:21:2c:7a:f6:58:f6:5f:91:44:13:
2a:73:ab:87:4b:b9:e6:c5:8a:6b:e3:d1:63:e1:b6:
b7:aa:78:a3:e3:f9:e7:39:b1:f8:04:a2:af:d7:e8:
a9:a4:64:96:c9:8f:68:7c:9e:3f:58:ca:f5:4a:4f:
bf:95:77:14:cb:2a:3e:fa:3f:88:a2:fd:03:e4:75:
4f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:9F:09:62:2B:5F:AA:9E:8A:45:69:4B:45:EF:B2:7E:52:A8:71:36
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/rJ8JYitfqp6KRWlLRe-yflKocTY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
96:6d:1f:42:3f:60:bc:dd:03:3c:b0:69:c8:79:23:a1:e3:40:
be:cc:53:ae:58:69:01:08:27:24:dd:28:87:e3:14:21:0d:de:
3e:a2:08:32:74:76:4c:d7:ee:0b:d3:e0:f8:18:6c:16:74:30:
8e:eb:55:47:78:db:ed:48:61:69:d0:5a:78:39:cf:f6:83:9d:
9b:4a:bd:80:47:1d:8b:1f:99:6b:43:b4:6e:80:52:4a:db:29:
c7:fe:d8:fe:7f:8c:2a:7d:10:aa:0b:75:e3:8d:d3:9e:1b:84:
c1:2a:bb:6a:15:48:d3:25:29:f2:10:bb:84:ff:9c:97:03:b4:
03:bb:c4:5b:f3:f7:70:35:ac:ac:97:f7:d3:dc:5b:23:b0:55:
74:ea:d0:f6:1e:37:a7:a5:51:55:e5:d7:5c:b4:3e:b3:33:67:
53:f6:e5:1c:8f:9d:88:bb:f7:fe:04:5d:8d:e0:e1:a1:90:4e:
68:73:02:ef:92:1b:fc:3b:cb:7e:01:2c:c9:22:36:df:ed:ce:
b2:15:73:12:e6:11:f7:6f:5e:3c:1a:25:c6:1c:26:5b:db:62:
83:f2:ab:01:b0:08:ed:df:bf:f6:79:36:a3:55:57:02:2a:58:
ca:e5:ef:89:cc:b8:b6:38:db:de:fb:23:ec:18:34:9e:9b:ca:
28:18:e9:bf
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBi4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjAw
MDU0NTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEFDOUYwOTYyMkI1RkFB
OUU4QTQ1Njk0QjQ1RUZCMjdFNTJBODcxMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCVI7lbW2/F7Xo7dfzneEUuadgtWwvDwWSLwK9BKMuzh/T8aGab
5UZ+5aCR0DhdtXLsSW20Gai0Y1PK0QnJAcroy0IFxQqQuQRla5Tw7iiHCxsVL3p0
L3LMDsYdVn8A9Ktr8rA+10Wx/K2/aUjkfItA4Y/wyF5xbVB2kfFQWASAzFQwr4La
uD3YA+T36CApRWwABsGQZlmoE1vHj1JCS1eO0m1J/Nns+zUFCAF0ryOvlWeYvLSX
9Q75ISx69lj2X5FEEypzq4dLuebFimvj0WPhtreqeKPj+ec5sfgEoq/X6KmkZJbJ
j2h8nj9YyvVKT7+VdxTLKj76P4ii/QPkdU9pAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUrJ8JYitfqp6KRWlLRe+yflKocTYwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3JKOEpZaXRmcXA2S1JX
bExSZS15ZmxLb2NUWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAJZtH0I/YLzdAzywach5I6Hj
QL7MU65YaQEIJyTdKIfjFCEN3j6iCDJ0dkzX7gvT4PgYbBZ0MI7rVUd42+1IYWnQ
Wng5z/aDnZtKvYBHHYsfmWtDtG6AUkrbKcf+2P5/jCp9EKoLdeON054bhMEqu2oV
SNMlKfIQu4T/nJcDtAO7xFvz93A1rKyX99PcWyOwVXTq0PYeN6elUVXl11y0PrMz
Z1P25RyPnYi79/4EXY3g4aGQTmhzAu+SG/w7y34BLMkiNt/tzrIVcxLmEfdvXjwa
JcYcJlvbYoPyqwGwCO3fv/Z5NqNVVwIqWMrl74nMuLY42977I+wYNJ6byigY6b8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:12:02 2025 by rpki-client