Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/uZZxj4UYb7UIGB7MQ9KRrOtuD8M.roa
File: uZZxj4UYb7UIGB7MQ9KRrOtuD8M.roa (raw, json)
Hash identifier: nsiuyUJFIz11hqIJ45q1bzwieYjQPQ8wlgoWtVP0ovQ=
Subject key identifier: B9:96:71:8F:85:18:6F:B5:08:18:1E:CC:43:D2:91:AC:EB:6E:0F:C3
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0D3E
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/uZZxj4UYb7UIGB7MQ9KRrOtuD8M.roa
Signing time: Fri 07 Feb 2025 20:55:51 +0000
ROA not before: Fri 07 Feb 2025 20:55:51 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3390 (0xd3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 7 20:55:51 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=B996718F85186FB508181ECC43D291ACEB6E0FC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:67:1f:7d:4a:d5:30:c5:d4:99:ee:bc:79:08:
ca:64:e5:7f:58:a7:43:f2:0a:e1:76:e1:ff:b6:d6:
fe:55:ad:78:c7:38:63:7a:03:0c:8a:78:22:2a:ed:
a0:07:08:9e:ff:e4:ab:b9:28:68:73:b7:47:6e:b8:
ca:b1:3b:af:f2:0e:2c:e9:d7:df:d4:1e:b8:21:5c:
0e:f1:8c:0c:d1:6a:aa:9e:30:b0:d7:2e:3d:25:8c:
24:ba:11:25:db:1e:f4:89:e7:c4:14:56:78:f4:68:
9e:78:70:9e:c8:5b:f3:a1:1d:4b:84:33:95:59:ca:
3d:64:7c:f4:5e:e1:c5:04:36:46:14:27:36:67:c4:
c5:74:16:42:17:60:d6:77:0d:99:d4:36:da:ed:5a:
2e:72:94:2d:74:5b:52:b6:54:72:3a:90:b8:02:0f:
0a:c7:ba:30:92:0e:fa:00:13:e3:75:f6:fc:aa:fd:
f4:d4:c5:f9:27:78:ea:b0:cf:c3:93:65:9d:80:a1:
07:84:96:ee:fb:38:ff:3e:bc:75:f8:1d:95:36:f8:
d4:e2:7c:54:26:1f:43:02:b6:fc:ba:ec:cb:d4:ec:
3d:35:b1:a4:bb:98:a9:f7:ec:55:65:ca:f9:ad:be:
73:c0:2b:91:b6:93:e8:90:11:cd:9f:da:de:d4:d4:
6b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:96:71:8F:85:18:6F:B5:08:18:1E:CC:43:D2:91:AC:EB:6E:0F:C3
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/uZZxj4UYb7UIGB7MQ9KRrOtuD8M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
08:45:fb:dd:5a:64:e1:9c:c7:3d:2d:d3:12:15:d5:9f:5c:87:
31:c7:63:6a:17:54:33:fe:19:49:c0:42:72:d1:33:13:3a:bf:
31:62:8f:9c:0c:1a:b7:50:4a:a4:2d:12:d8:28:50:43:85:e6:
05:ce:cd:c0:64:26:f7:cb:e8:12:a4:a8:8f:e9:95:c2:ea:61:
7f:b3:23:76:51:18:ec:76:14:bb:ec:6b:6e:e5:7a:45:db:b1:
bc:d6:b7:06:49:31:87:58:d8:c7:54:05:63:63:1e:68:27:80:
08:b5:d7:21:c5:cb:32:09:c6:2a:18:16:37:45:4b:97:a1:71:
fa:d9:4d:e1:3c:e3:b2:b5:44:7a:2e:43:7f:02:12:dc:07:db:
73:50:c0:7b:80:f7:de:0b:9d:61:cf:df:ed:61:83:d4:68:2a:
67:61:b9:be:ba:5e:07:3f:25:cc:21:dc:e5:17:31:11:c6:48:
34:fd:99:c4:cf:7b:7c:a6:e4:00:53:1b:f5:f2:65:c0:7d:7e:
eb:bd:5b:5c:22:68:82:ab:cd:e8:a2:c3:ee:08:b9:98:0b:26:
ab:2b:f7:7a:72:79:de:f1:d8:f2:3b:de:34:f6:54:4e:ef:c8:
f2:58:81:2c:8b:af:9e:f4:5a:a4:49:77:e1:60:62:06:76:43:
51:5b:d3:e8
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDT4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDcy
MDU1NTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEI5OTY3MThGODUxODZG
QjUwODE4MUVDQzQzRDI5MUFDRUI2RTBGQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQZx99StUwxdSZ7rx5CMpk5X9Yp0PyCuF24f+21v5VrXjHOGN6
AwyKeCIq7aAHCJ7/5Ku5KGhzt0duuMqxO6/yDizp19/UHrghXA7xjAzRaqqeMLDX
Lj0ljCS6ESXbHvSJ58QUVnj0aJ54cJ7IW/OhHUuEM5VZyj1kfPRe4cUENkYUJzZn
xMV0FkIXYNZ3DZnUNtrtWi5ylC10W1K2VHI6kLgCDwrHujCSDvoAE+N19vyq/fTU
xfkneOqwz8OTZZ2AoQeElu77OP8+vHX4HZU2+NTifFQmH0MCtvy67MvU7D01saS7
mKn37FVlyvmtvnPAK5G2k+iQEc2f2t7U1Gv3AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUuZZxj4UYb7UIGB7MQ9KRrOtuD8MwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3VaWnhqNFVZYjdVSUdC
N01ROUtSck90dUQ4TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAAhF+91aZOGcxz0t0xIV1Z9c
hzHHY2oXVDP+GUnAQnLRMxM6vzFij5wMGrdQSqQtEtgoUEOF5gXOzcBkJvfL6BKk
qI/plcLqYX+zI3ZRGOx2FLvsa27lekXbsbzWtwZJMYdY2MdUBWNjHmgngAi11yHF
yzIJxioYFjdFS5ehcfrZTeE847K1RHouQ38CEtwH23NQwHuA994LnWHP3+1hg9Ro
Kmdhub66Xgc/Jcwh3OUXMRHGSDT9mcTPe3ym5ABTG/XyZcB9fuu9W1wiaIKrzeii
w+4IuZgLJqsr93pyed7x2PI73jT2VE7vyPJYgSyLr570WqRJd+FgYgZ2Q1Fb0+g=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:14:49 2025 by rpki-client