Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/-NdzSA_CeKbzwUfxPD-Cp3xlqT0.roa
File: -NdzSA_CeKbzwUfxPD-Cp3xlqT0.roa (raw, json)
Hash identifier: shhcQ1KOqodsePLJtJJxXZIzPhE02cW+3GsYk17amCU=
Subject key identifier: F8:D7:73:48:0F:C2:78:A6:F3:C1:47:F1:3C:3F:82:A7:7C:65:A9:3D
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0CC2
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/-NdzSA_CeKbzwUfxPD-Cp3xlqT0.roa
Signing time: Thu 06 Feb 2025 13:55:44 +0000
ROA not before: Thu 06 Feb 2025 13:55:44 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3266 (0xcc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 6 13:55:44 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=F8D773480FC278A6F3C147F13C3F82A77C65A93D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e3:bb:26:02:39:07:64:11:2b:84:72:08:a4:
0f:13:49:60:7c:d5:74:70:e5:7e:3a:61:fd:ff:4e:
d4:75:90:43:78:97:1c:5f:55:6d:94:5c:b4:e1:e5:
ab:80:8d:85:8f:da:45:4f:c2:76:ea:fa:52:23:64:
1c:de:c0:c7:57:39:6d:5e:92:40:f6:49:c7:19:78:
ed:a2:13:71:35:56:67:6c:d0:73:d1:b0:37:f4:f6:
fc:37:f4:84:3f:b7:2f:23:85:5f:13:18:1a:6f:04:
41:af:f0:04:f2:60:bb:7d:e9:e4:3b:d9:6e:24:c2:
11:5c:d0:9b:0e:8e:72:24:f7:68:55:33:a3:b1:89:
e6:91:fa:b6:06:de:d7:21:09:12:4b:54:55:31:20:
77:2e:5c:8d:3b:2c:c8:cd:45:45:c2:f4:2d:70:27:
31:32:c1:8b:08:c0:7f:2d:6c:79:05:60:9f:92:dd:
fa:cc:8c:9f:b1:b7:6f:4c:23:96:c3:73:97:57:fb:
f4:03:3b:f6:e0:62:a0:2a:04:f1:62:90:0b:97:e1:
06:63:80:41:58:68:43:ce:40:d9:fe:f4:7c:28:d9:
7e:0b:55:91:08:de:a1:ed:09:4b:3e:36:27:3c:52:
05:f4:f1:d7:dc:af:21:a2:2b:99:79:f8:74:4e:2b:
52:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:D7:73:48:0F:C2:78:A6:F3:C1:47:F1:3C:3F:82:A7:7C:65:A9:3D
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/-NdzSA_CeKbzwUfxPD-Cp3xlqT0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
78:44:e9:fe:bf:35:23:c8:d5:04:aa:f8:09:00:44:a5:ce:63:
d7:8e:ca:b2:d6:19:ff:aa:45:0c:42:a1:07:11:f1:73:13:0c:
36:dc:da:78:86:cd:94:de:d4:a7:38:36:fc:7a:ce:31:f2:dc:
91:de:2c:e2:a1:ea:10:5e:42:f6:66:b9:33:ad:4e:45:7c:a1:
e6:48:ac:0c:b4:34:8f:0b:44:3d:19:32:40:e9:88:5c:75:d5:
68:d2:bd:92:4e:86:ea:85:05:58:2e:53:6d:9e:b1:ff:13:0b:
28:f6:48:d6:1f:dc:cd:52:f9:a7:6f:1c:26:56:14:8c:0f:de:
b5:a0:b1:42:19:2e:62:ef:13:26:f7:27:24:7b:4b:fe:d3:bb:
c6:9f:9c:42:86:06:f8:e9:35:77:7e:75:0e:ab:73:0f:80:02:
2b:46:8a:0c:ba:61:31:21:6b:d2:cb:4b:00:56:99:6b:e9:e1:
fd:bb:fb:1a:a3:8b:c6:56:8b:d9:20:ab:f0:a5:48:2e:f9:fc:
a8:1f:23:87:dd:37:79:70:53:cb:89:af:15:78:c5:ea:fb:07:
72:16:f3:7c:e3:e0:cb:ea:c4:68:16:6f:98:0d:82:fc:c6:cc:
d1:3e:82:3f:15:32:3d:66:81:81:86:49:5c:20:8b:78:0d:4e:
46:57:ec:e5
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDMIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDYx
MzU1NDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEY4RDc3MzQ4MEZDMjc4
QTZGM0MxNDdGMTNDM0Y4MkE3N0M2NUE5M0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC447smAjkHZBErhHIIpA8TSWB81XRw5X46Yf3/TtR1kEN4lxxf
VW2UXLTh5auAjYWP2kVPwnbq+lIjZBzewMdXOW1ekkD2SccZeO2iE3E1Vmds0HPR
sDf09vw39IQ/ty8jhV8TGBpvBEGv8ATyYLt96eQ72W4kwhFc0JsOjnIk92hVM6Ox
ieaR+rYG3tchCRJLVFUxIHcuXI07LMjNRUXC9C1wJzEywYsIwH8tbHkFYJ+S3frM
jJ+xt29MI5bDc5dX+/QDO/bgYqAqBPFikAuX4QZjgEFYaEPOQNn+9Hwo2X4LVZEI
3qHtCUs+Nic8UgX08dfcryGiK5l5+HROK1JhAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU+NdzSA/CeKbzwUfxPD+Cp3xlqT0wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLy1OZHpTQV9DZUtiendV
ZnhQRC1DcDN4bHFUMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAHhE6f6/NSPI1QSq+AkARKXO
Y9eOyrLWGf+qRQxCoQcR8XMTDDbc2niGzZTe1Kc4Nvx6zjHy3JHeLOKh6hBeQvZm
uTOtTkV8oeZIrAy0NI8LRD0ZMkDpiFx11WjSvZJOhuqFBVguU22esf8TCyj2SNYf
3M1S+advHCZWFIwP3rWgsUIZLmLvEyb3JyR7S/7Tu8afnEKGBvjpNXd+dQ6rcw+A
AitGigy6YTEha9LLSwBWmWvp4f27+xqji8ZWi9kgq/ClSC75/KgfI4fdN3lwU8uJ
rxV4xer7B3IW83zj4MvqxGgWb5gNgvzGzNE+gj8VMj1mgYGGSVwgi3gNTkZX7OU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:26 2025 by rpki-client