Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/-oL7IK352htIOn7unS5DtVU1igc.roa
File: -oL7IK352htIOn7unS5DtVU1igc.roa (raw, json)
Hash identifier: ChyVPL2T0zQ4JU79hdqSkbkAwjvhL06JF3P84uhc3TA=
Subject key identifier: FA:82:FB:20:AD:F9:DA:1B:48:3A:7E:EE:9D:2E:43:B5:55:35:8A:07
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 07FA
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/-oL7IK352htIOn7unS5DtVU1igc.roa
Signing time: Fri 24 Jan 2025 19:56:02 +0000
ROA not before: Fri 24 Jan 2025 19:56:02 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2042 (0x7fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 24 19:56:02 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=FA82FB20ADF9DA1B483A7EEE9D2E43B555358A07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c5:fd:9f:4c:d9:04:dd:0d:73:18:d1:fd:88:
bb:70:59:d1:5d:f5:44:9e:59:b4:27:fd:a1:d5:62:
e2:3d:48:99:a4:22:82:d8:57:a2:ab:b2:33:92:1b:
18:de:2e:12:86:3d:5c:7d:1b:03:9e:73:15:88:a8:
6a:e8:06:47:d5:cf:2b:04:59:fa:e4:6e:0a:3c:0f:
52:33:2f:56:85:7b:b9:e9:64:9a:9f:8a:0e:a5:d0:
fa:ed:b5:ba:c8:70:24:fb:a8:14:a2:5b:ab:a5:82:
20:b9:d4:ed:9e:d5:b3:5f:29:58:f1:9b:9f:3f:2d:
e3:c0:78:37:fc:dd:e6:1e:9f:99:a2:e7:38:6c:3d:
a3:07:e3:3b:cb:84:8f:8e:d5:74:8d:96:a7:fe:39:
11:6d:e2:72:86:c1:84:4b:49:50:11:03:74:fb:d5:
e6:f4:4b:99:86:8d:35:e1:bb:c4:a9:6f:76:6f:97:
47:a9:d8:40:07:ac:34:d0:8b:10:d8:da:fb:17:67:
9c:46:09:a2:be:47:65:66:9e:ef:ba:db:fe:b7:d0:
de:ce:d3:c5:77:f5:c8:84:59:f9:3e:4c:53:b5:bc:
63:01:ea:08:83:c8:42:b9:4f:e0:c0:ae:19:e3:91:
2c:42:71:7c:cf:e1:16:32:0e:16:67:c1:37:76:cc:
17:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:82:FB:20:AD:F9:DA:1B:48:3A:7E:EE:9D:2E:43:B5:55:35:8A:07
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/-oL7IK352htIOn7unS5DtVU1igc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
26:7b:cc:cb:45:58:49:16:83:fc:9c:8c:8d:5b:52:36:23:55:
58:c4:f0:00:82:c9:ba:30:a9:e1:2c:88:2b:71:a1:d9:e0:74:
91:de:cf:f6:e5:5d:df:0f:a2:59:19:cd:39:13:45:57:ea:25:
46:cf:dd:ea:e6:df:e7:7a:23:11:df:17:74:75:3d:83:6c:74:
c2:fe:9f:ef:6f:c5:6d:b0:fa:e3:66:a7:6a:02:97:ad:b3:98:
3d:0e:3c:bb:df:77:b2:4d:8c:1b:b3:cc:e6:c4:f3:ce:78:61:
35:e4:c8:7f:16:92:6f:3a:88:0e:db:29:0e:92:c0:fe:3e:ad:
14:de:66:7b:4e:28:2b:90:fa:cf:f3:56:2e:ef:bb:01:fe:31:
c2:ef:7b:4f:24:63:f2:58:cb:c1:67:f9:5c:6d:f7:65:f0:fa:
1e:c3:08:96:be:12:16:1a:e4:53:2e:ce:38:1a:93:70:f7:dc:
54:5b:94:42:73:55:9c:5b:c2:e7:c8:b0:50:56:87:d9:fc:81:
95:77:a8:f4:58:6d:41:5b:49:b1:ea:ac:09:3a:f2:2f:7a:d2:
bc:5a:8f:8c:b7:70:86:a5:29:9c:40:fc:fc:0a:b5:aa:e8:5f:
ab:c1:0e:27:96:55:14:f7:30:60:cd:30:9b:8b:92:1d:92:31:
cd:ce:59:27
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICB/owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjQx
OTU2MDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEZBODJGQjIwQURGOURB
MUI0ODNBN0VFRTlEMkU0M0I1NTUzNThBMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpxf2fTNkE3Q1zGNH9iLtwWdFd9USeWbQn/aHVYuI9SJmkIoLY
V6KrsjOSGxjeLhKGPVx9GwOecxWIqGroBkfVzysEWfrkbgo8D1IzL1aFe7npZJqf
ig6l0PrttbrIcCT7qBSiW6ulgiC51O2e1bNfKVjxm58/LePAeDf83eYen5mi5zhs
PaMH4zvLhI+O1XSNlqf+ORFt4nKGwYRLSVARA3T71eb0S5mGjTXhu8Spb3Zvl0ep
2EAHrDTQixDY2vsXZ5xGCaK+R2Vmnu+62/630N7O08V39ciEWfk+TFO1vGMB6giD
yEK5T+DArhnjkSxCcXzP4RYyDhZnwTd2zBelAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU+oL7IK352htIOn7unS5DtVU1igcwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLy1vTDdJSzM1Mmh0SU9u
N3VuUzVEdFZVMWlnYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBACZ7zMtFWEkWg/ycjI1bUjYj
VVjE8ACCybowqeEsiCtxodngdJHez/blXd8PolkZzTkTRVfqJUbP3erm3+d6IxHf
F3R1PYNsdML+n+9vxW2w+uNmp2oCl62zmD0OPLvfd7JNjBuzzObE8854YTXkyH8W
km86iA7bKQ6SwP4+rRTeZntOKCuQ+s/zVi7vuwH+McLve08kY/JYy8Fn+Vxt92Xw
+h7DCJa+EhYa5FMuzjgak3D33FRblEJzVZxbwufIsFBWh9n8gZV3qPRYbUFbSbHq
rAk68i960rxaj4y3cIalKZxA/PwKtaroX6vBDieWVRT3MGDNMJuLkh2SMc3OWSc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:29:29 2025 by rpki-client