Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/1APFvoR89ZzFUSJHiylNWD4j9fE.roa
File: 1APFvoR89ZzFUSJHiylNWD4j9fE.roa (raw, json)
Hash identifier: Hk78GRSkyvsWXJG0GbgTEP3+vMgjaKKVjagjym+E97Y=
Subject key identifier: D4:03:C5:BE:84:7C:F5:9C:C5:51:22:47:8B:29:4D:58:3E:23:F5:F1
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0C86
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/1APFvoR89ZzFUSJHiylNWD4j9fE.roa
Signing time: Wed 05 Feb 2025 22:55:44 +0000
ROA not before: Wed 05 Feb 2025 22:55:44 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3206 (0xc86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 5 22:55:44 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=D403C5BE847CF59CC55122478B294D583E23F5F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:25:80:0e:f1:ca:1f:47:2f:b8:17:da:3a:01:
e7:42:b9:f1:d8:c2:3d:6c:1c:db:59:cc:0d:c2:db:
38:02:51:69:eb:05:15:54:82:9b:52:fd:ba:38:8e:
55:23:df:7d:cf:74:15:df:b3:0e:21:b0:84:b9:4a:
3d:f4:00:08:b2:c0:a5:22:ef:8a:1f:de:c5:45:a6:
31:e4:6b:61:37:51:9d:8a:ce:a0:45:ed:4e:69:ed:
fb:d6:34:cb:99:ce:c9:18:57:18:dc:b1:36:b6:cd:
14:9b:58:23:d3:d8:6f:09:ec:8f:a7:53:12:8c:f5:
5e:63:c2:14:80:ff:28:bb:5c:71:83:df:c8:02:4a:
62:e4:9c:d2:79:c4:b1:7a:db:a8:97:af:9b:87:35:
7e:55:19:33:e1:f9:67:01:40:79:28:70:c5:83:f9:
88:79:b1:ac:5d:37:4b:2e:01:26:4d:06:7e:2d:38:
b1:1b:f6:d2:7f:91:ce:3c:45:b4:47:94:7c:2f:44:
e1:0d:92:c0:bf:b4:30:e9:db:a0:08:41:2d:9f:b5:
00:c2:3f:7f:f6:1a:64:39:26:f0:04:8b:07:e7:9a:
79:50:8d:b1:8d:37:25:3d:18:8b:fe:69:ff:39:a4:
08:13:f1:a2:43:fc:8b:a0:60:0f:ce:46:f1:8d:54:
dc:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:03:C5:BE:84:7C:F5:9C:C5:51:22:47:8B:29:4D:58:3E:23:F5:F1
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/1APFvoR89ZzFUSJHiylNWD4j9fE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
1d:aa:fa:99:57:42:55:15:6c:21:5f:7d:3d:0b:c3:8b:ba:61:
45:5e:1b:8e:42:74:39:2e:8a:eb:e5:61:47:8d:65:b0:b4:ed:
0e:6e:ca:69:80:ab:97:8a:f2:32:99:90:f6:2e:04:26:40:96:
0a:f6:58:02:6d:54:62:85:22:32:f8:bd:fe:83:21:f9:67:5c:
10:79:d9:9d:ed:26:50:ee:7c:84:22:53:7e:66:c5:22:23:88:
9a:d8:9e:23:40:23:c9:07:12:3c:ca:18:0c:24:8b:8f:a3:78:
ea:3b:65:1e:a6:b7:db:c7:42:05:ab:04:e3:59:e5:66:72:dc:
71:bb:51:75:99:7d:eb:74:a7:d8:48:56:76:ca:31:19:b9:33:
fc:d5:af:4d:44:3b:e4:2d:57:80:4e:2b:86:7c:11:7b:78:0e:
cb:fc:99:7c:44:20:43:59:7f:14:9d:8b:35:be:97:b1:2b:55:
51:1d:8f:c9:58:d7:72:e9:ce:20:77:13:3b:0e:3d:45:87:3d:
e9:46:c3:8a:7e:7f:08:42:62:46:16:60:86:b7:3e:89:25:6e:
6d:c5:c3:9f:84:6b:65:e4:8c:42:8b:09:0b:4a:92:88:25:7c:
54:20:48:8b:fe:62:1f:e6:3f:a4:10:c3:17:89:23:8f:ac:82:
ec:53:d1:9c
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDIYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDUy
MjU1NDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ0MDNDNUJFODQ3Q0Y1
OUNDNTUxMjI0NzhCMjk0RDU4M0UyM0Y1RjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+JYAO8cofRy+4F9o6AedCufHYwj1sHNtZzA3C2zgCUWnrBRVU
gptS/bo4jlUj333PdBXfsw4hsIS5Sj30AAiywKUi74of3sVFpjHka2E3UZ2KzqBF
7U5p7fvWNMuZzskYVxjcsTa2zRSbWCPT2G8J7I+nUxKM9V5jwhSA/yi7XHGD38gC
SmLknNJ5xLF626iXr5uHNX5VGTPh+WcBQHkocMWD+Yh5saxdN0suASZNBn4tOLEb
9tJ/kc48RbRHlHwvROENksC/tDDp26AIQS2ftQDCP3/2GmQ5JvAEiwfnmnlQjbGN
NyU9GIv+af85pAgT8aJD/IugYA/ORvGNVNydAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU1APFvoR89ZzFUSJHiylNWD4j9fEwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzFBUEZ2b1I4OVp6RlVT
SkhpeWxOV0Q0ajlmRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAB2q+plXQlUVbCFffT0Lw4u6
YUVeG45CdDkuiuvlYUeNZbC07Q5uymmAq5eK8jKZkPYuBCZAlgr2WAJtVGKFIjL4
vf6DIflnXBB52Z3tJlDufIQiU35mxSIjiJrYniNAI8kHEjzKGAwki4+jeOo7ZR6m
t9vHQgWrBONZ5WZy3HG7UXWZfet0p9hIVnbKMRm5M/zVr01EO+QtV4BOK4Z8EXt4
Dsv8mXxEIENZfxSdizW+l7ErVVEdj8lY13LpziB3EzsOPUWHPelGw4p+fwhCYkYW
YIa3Poklbm3Fw5+Ea2XkjEKLCQtKkoglfFQgSIv+Yh/mP6QQwxeJI4+sguxT0Zw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:37:57 2025 by rpki-client