Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/0S5kM8QOw93iZkOHr960B9tG7AQ.roa
File: 0S5kM8QOw93iZkOHr960B9tG7AQ.roa (raw, json)
Hash identifier: KPmLtrlLkRIccW9+2Rt3k6TBgS9Ae1orfFUDaiKgRiQ=
Subject key identifier: D1:2E:64:33:C4:0E:C3:DD:E2:66:43:87:AF:DE:B4:07:DB:46:EC:04
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0BD8
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/0S5kM8QOw93iZkOHr960B9tG7AQ.roa
Signing time: Tue 04 Feb 2025 03:25:42 +0000
ROA not before: Tue 04 Feb 2025 03:25:42 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3032 (0xbd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 4 03:25:42 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=D12E6433C40EC3DDE2664387AFDEB407DB46EC04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:63:52:ed:f2:d6:4a:0f:f1:c9:7f:2b:fe:f7:
6e:7f:5d:55:8e:e4:ac:82:1d:9e:66:f9:7b:66:48:
0b:6a:39:4c:5f:f4:2f:aa:85:e6:ed:32:f7:fb:92:
20:ba:24:1d:ed:86:06:7a:1b:ef:39:44:c1:42:46:
39:e9:40:f1:1e:20:e6:07:56:d5:12:34:33:e3:17:
fc:38:fe:04:d2:3e:25:e3:67:59:b5:c9:fb:91:ff:
b5:f9:ec:65:e4:74:d7:9f:42:a6:08:78:61:28:2a:
ac:9d:5d:43:b5:df:ac:5f:f1:ed:9f:f7:7e:d9:5f:
a8:76:53:f6:57:8e:88:40:12:34:79:24:3c:6c:ec:
39:49:1d:68:c0:50:a7:32:60:9b:04:0c:64:36:16:
f9:bd:c7:13:39:72:e7:41:7e:08:7e:85:e0:92:50:
99:ed:df:e9:db:bc:6c:3d:2c:9a:d4:cc:c7:f1:45:
07:b0:97:38:32:59:8a:50:a9:85:76:91:a7:b9:82:
f7:7f:5f:12:95:3b:36:41:95:17:1b:97:8c:a9:3d:
48:9f:89:e6:03:5a:3f:1d:5b:5c:e0:5c:29:1c:36:
3a:d3:cd:a8:0b:ba:ff:99:5e:7f:33:51:d7:a5:92:
fd:09:f2:ca:1d:7a:15:ae:31:20:66:29:f6:f9:b3:
8e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:2E:64:33:C4:0E:C3:DD:E2:66:43:87:AF:DE:B4:07:DB:46:EC:04
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/0S5kM8QOw93iZkOHr960B9tG7AQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
08:51:b1:09:86:35:aa:e6:f9:81:8b:2a:b1:e3:4f:0e:2a:b7:
86:95:5a:3e:61:47:5d:a4:f8:9e:4f:4b:88:cb:c5:f0:3c:60:
94:cf:6b:e3:0a:7e:44:51:c8:88:60:1c:d3:65:84:fd:86:37:
9d:0e:21:4e:75:b6:31:fb:e9:3c:c3:4e:06:cc:50:e7:e7:c4:
e8:73:94:0d:31:3a:7b:6d:db:dd:bd:49:ae:f6:36:8d:70:51:
c4:bd:ea:35:d1:f6:18:1f:51:4e:08:b4:e6:81:68:22:48:53:
27:f9:48:b9:78:ed:41:17:2d:bf:25:3f:3e:d7:54:25:e8:f7:
4c:ef:0d:9a:68:bb:29:c3:aa:f2:61:ab:74:17:5d:92:2b:28:
d2:53:16:3b:f4:6f:26:c8:20:fd:b2:2d:f7:50:ea:d1:e1:a7:
f4:66:37:44:93:cb:3e:9a:27:60:82:5d:fe:c6:6f:50:4f:d5:
5a:3c:f0:f5:06:a7:ba:5a:98:cc:23:c9:60:37:34:b5:4a:56:
d3:88:25:82:0b:5f:a3:82:82:1f:90:09:51:79:75:7b:5c:af:
f7:42:f1:66:77:80:76:7d:56:14:8e:15:80:de:b5:18:d8:14:
bd:c5:e3:32:b7:a3:62:5a:b4:fc:28:0b:20:7c:03:f2:3c:bd:
ac:08:2f:08
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICC9gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDQw
MzI1NDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQxMkU2NDMzQzQwRUMz
RERFMjY2NDM4N0FGREVCNDA3REI0NkVDMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqY1Lt8tZKD/HJfyv+925/XVWO5KyCHZ5m+XtmSAtqOUxf9C+q
hebtMvf7kiC6JB3thgZ6G+85RMFCRjnpQPEeIOYHVtUSNDPjF/w4/gTSPiXjZ1m1
yfuR/7X57GXkdNefQqYIeGEoKqydXUO136xf8e2f937ZX6h2U/ZXjohAEjR5JDxs
7DlJHWjAUKcyYJsEDGQ2Fvm9xxM5cudBfgh+heCSUJnt3+nbvGw9LJrUzMfxRQew
lzgyWYpQqYV2kae5gvd/XxKVOzZBlRcbl4ypPUifieYDWj8dW1zgXCkcNjrTzagL
uv+ZXn8zUdelkv0J8sodehWuMSBmKfb5s47HAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU0S5kM8QOw93iZkOHr960B9tG7AQwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzBTNWtNOFFPdzkzaVpr
T0hyOTYwQjl0RzdBUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAAhRsQmGNarm+YGLKrHjTw4q
t4aVWj5hR12k+J5PS4jLxfA8YJTPa+MKfkRRyIhgHNNlhP2GN50OIU51tjH76TzD
TgbMUOfnxOhzlA0xOntt2929Sa72No1wUcS96jXR9hgfUU4ItOaBaCJIUyf5SLl4
7UEXLb8lPz7XVCXo90zvDZpouynDqvJhq3QXXZIrKNJTFjv0bybIIP2yLfdQ6tHh
p/RmN0STyz6aJ2CCXf7Gb1BP1Vo88PUGp7pamMwjyWA3NLVKVtOIJYILX6OCgh+Q
CVF5dXtcr/dC8WZ3gHZ9VhSOFYDetRjYFL3F4zK3o2JatPwoCyB8A/I8vawILwg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:48:26 2025 by rpki-client