Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/tKG_fafe1t7x_8TAfWRFdzFvIt8.roa
File: tKG_fafe1t7x_8TAfWRFdzFvIt8.roa (raw, json)
Hash identifier: WObgf3Nr9bIBBsXmt/JQIdytPvZayJDZUW3PD9fC05k=
Subject key identifier: B4:A1:BF:7D:A7:DE:D6:DE:F1:FF:C4:C0:7D:64:45:77:31:6F:22:DF
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0C2C
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/tKG_fafe1t7x_8TAfWRFdzFvIt8.roa
Signing time: Wed 05 Feb 2025 00:25:42 +0000
ROA not before: Wed 05 Feb 2025 00:25:42 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3116 (0xc2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 5 00:25:42 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=B4A1BF7DA7DED6DEF1FFC4C07D644577316F22DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4c:55:10:d1:d9:36:66:74:77:25:ac:8d:2c:
27:b8:e5:d6:3a:ca:6e:de:8a:9c:0c:21:b1:a9:d4:
28:f5:87:27:be:b9:b3:f6:09:ae:6d:07:b7:79:2c:
a3:43:6c:7b:57:4b:4a:1e:2e:f0:d4:97:02:e7:b1:
b9:fe:e4:04:37:47:66:b7:db:50:7e:a8:e6:ad:fc:
6e:dd:29:82:0f:15:ba:8d:d6:3b:04:09:69:21:cd:
4e:1b:9d:a7:24:04:60:0f:ea:37:21:07:e1:05:b5:
4b:fb:84:36:d2:8e:79:fd:68:64:0d:96:06:ef:cd:
4d:31:d9:32:14:d7:06:86:7f:d3:b0:40:43:7b:a6:
a1:32:6b:18:fb:c3:92:94:6e:3c:63:7b:6b:14:f4:
95:21:4e:5c:e9:aa:6f:39:ef:7d:10:8c:67:2a:03:
15:03:26:d2:d1:11:59:e3:38:37:cb:21:8c:89:fd:
7a:70:90:da:d9:da:1e:0c:0b:c4:62:a7:3e:10:9d:
41:e9:b4:1c:b2:54:e0:3b:08:06:14:fe:43:e2:49:
03:53:09:e7:04:c6:fc:86:38:8b:0f:d7:7b:be:6c:
23:78:15:67:a5:7d:46:56:bd:f5:c3:1f:6b:52:ef:
b8:df:89:52:d1:88:0c:a3:43:24:11:2f:3e:74:1c:
5f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A1:BF:7D:A7:DE:D6:DE:F1:FF:C4:C0:7D:64:45:77:31:6F:22:DF
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/tKG_fafe1t7x_8TAfWRFdzFvIt8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
a0:61:1d:52:3d:4b:75:f1:d4:52:13:af:ec:c1:98:f6:23:da:
6c:f8:f6:d6:bb:fe:63:d8:53:0c:bf:9b:2c:cb:bd:d5:b9:e8:
c6:32:a2:08:40:2e:6e:7a:85:ea:d2:a2:af:ab:cc:2e:5d:81:
3a:71:fe:6a:5b:52:b0:f0:f0:a3:7e:82:7d:5e:31:22:c4:82:
86:b3:94:f4:ce:be:0a:40:b9:33:59:5c:1e:b9:96:22:42:fe:
6b:80:4d:8b:69:5e:48:fb:c9:50:93:b9:61:67:17:b5:8c:09:
38:e7:65:da:02:ae:f7:a8:c3:89:ba:47:6b:fb:70:71:cd:61:
f0:c8:b1:10:cf:af:9d:30:85:d8:9f:84:18:b0:ab:39:48:cf:
cb:c6:c2:8a:78:19:f1:e7:79:3d:72:15:42:ad:c8:1e:77:46:
02:01:c7:48:92:69:cc:50:9b:85:35:d3:44:8a:01:c2:5f:92:
10:f7:f5:0d:1f:4c:5b:fc:e1:2c:6c:bb:18:7a:da:0c:e6:68:
5c:6b:99:80:0e:b1:d5:d2:83:04:c8:ec:58:23:e9:7c:ca:1c:
5e:d9:0f:0a:23:d7:a4:fb:3c:7e:d5:0e:9a:88:3c:04:d1:7c:
3e:a4:6a:04:21:a9:76:67:48:c6:da:30:01:f5:bd:af:14:40:
1a:49:bc:fb
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDCwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDUw
MDI1NDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEI0QTFCRjdEQTdERUQ2
REVGMUZGQzRDMDdENjQ0NTc3MzE2RjIyREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDATFUQ0dk2ZnR3JayNLCe45dY6ym7eipwMIbGp1Cj1hye+ubP2
Ca5tB7d5LKNDbHtXS0oeLvDUlwLnsbn+5AQ3R2a321B+qOat/G7dKYIPFbqN1jsE
CWkhzU4bnackBGAP6jchB+EFtUv7hDbSjnn9aGQNlgbvzU0x2TIU1waGf9OwQEN7
pqEyaxj7w5KUbjxje2sU9JUhTlzpqm85730QjGcqAxUDJtLREVnjODfLIYyJ/Xpw
kNrZ2h4MC8Ripz4QnUHptByyVOA7CAYU/kPiSQNTCecExvyGOIsP13u+bCN4FWel
fUZWvfXDH2tS77jfiVLRiAyjQyQRLz50HF+TAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUtKG/fafe1t7x/8TAfWRFdzFvIt8wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3RLR19mYWZlMXQ3eF84
VEFmV1JGZHpGdkl0OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAKBhHVI9S3Xx1FITr+zBmPYj
2mz49ta7/mPYUwy/myzLvdW56MYyoghALm56herSoq+rzC5dgTpx/mpbUrDw8KN+
gn1eMSLEgoazlPTOvgpAuTNZXB65liJC/muATYtpXkj7yVCTuWFnF7WMCTjnZdoC
rveow4m6R2v7cHHNYfDIsRDPr50whdifhBiwqzlIz8vGwop4GfHneT1yFUKtyB53
RgIBx0iSacxQm4U100SKAcJfkhD39Q0fTFv84Sxsuxh62gzmaFxrmYAOsdXSgwTI
7Fgj6XzKHF7ZDwoj16T7PH7VDpqIPATRfD6kagQhqXZnSMbaMAH1va8UQBpJvPs=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:13:04 2025 by rpki-client