Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/2bORAN9rsZR5yUa2PXbzMes-v94.roa
File: 2bORAN9rsZR5yUa2PXbzMes-v94.roa (raw, json)
Hash identifier: nykpjmzXNsU/bl/36s3LgURtxtNK6Ka7DCdlJ1gEZxE=
Subject key identifier: D9:B3:91:00:DF:6B:B1:94:79:C9:46:B6:3D:76:F3:31:EB:3E:BF:DE
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0B50
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/2bORAN9rsZR5yUa2PXbzMes-v94.roa
Signing time: Sun 02 Feb 2025 17:25:35 +0000
ROA not before: Sun 02 Feb 2025 17:25:35 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2896 (0xb50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 2 17:25:35 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=D9B39100DF6BB19479C946B63D76F331EB3EBFDE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e4:c4:5e:d4:3d:cf:43:d9:c7:54:ac:20:38:
e8:a5:93:7a:64:84:a6:a4:01:84:5c:46:d3:0d:0d:
bc:bd:e9:58:ca:5d:cb:a4:8f:73:d3:5a:50:fc:04:
3e:39:c6:b6:07:8b:42:60:37:3e:f2:7c:21:a8:cb:
a9:10:da:5a:47:35:a5:4e:fb:78:f8:63:c3:00:47:
1b:1d:98:cc:a7:32:e0:e7:12:8f:aa:80:67:13:b1:
be:42:66:76:b0:b5:1f:0b:78:60:85:51:70:d9:a2:
99:59:cd:32:ac:8a:2f:65:60:78:27:35:b3:aa:22:
cf:64:10:7e:35:ae:92:10:39:65:d2:dc:b5:fc:a2:
dc:a3:69:85:9c:9e:a6:65:4f:ad:bf:f5:1a:47:25:
81:f7:79:8a:38:87:e5:bd:02:cc:c9:49:e8:a2:05:
27:31:43:15:6f:60:34:a6:67:fd:6a:71:c6:27:65:
b9:f7:75:63:99:e9:cb:0f:45:68:bf:f1:4d:bc:d5:
a1:cd:a0:09:7b:d0:c0:2e:48:93:9e:96:bf:b9:db:
1b:b4:e3:73:06:a8:21:00:c0:a5:51:d8:9d:57:12:
a7:c3:2f:73:44:db:5d:0c:d1:9e:bd:17:cd:5d:03:
fc:e0:9f:a7:5c:c0:3b:12:2c:6d:4f:61:bc:a2:bc:
9f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B3:91:00:DF:6B:B1:94:79:C9:46:B6:3D:76:F3:31:EB:3E:BF:DE
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/2bORAN9rsZR5yUa2PXbzMes-v94.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
4a:93:9d:6e:f7:40:02:89:37:42:4f:fc:d4:54:a7:02:99:a0:
11:77:04:a2:fd:86:3c:4a:31:f3:d7:19:ef:d9:64:f9:0b:55:
f4:ad:2b:29:04:c6:a9:b3:16:28:34:21:d4:5b:72:a2:98:48:
20:07:f2:72:8a:0b:1c:eb:92:20:69:78:93:8c:bf:38:45:7c:
6e:d7:97:3f:c2:70:75:44:fb:59:5f:24:09:ae:dd:7b:29:ee:
f7:d5:d3:7b:b6:d9:f9:81:22:f7:ef:83:9c:b2:2b:2a:a4:12:
66:fa:0b:b6:c6:51:59:85:33:3f:8b:4f:cf:a1:c7:69:d0:f5:
25:61:1b:4b:10:6b:6f:ab:45:bd:4f:83:67:79:2b:fb:9a:f8:
b8:c9:f0:61:d8:ae:d1:a4:57:48:f0:e7:fb:c1:c7:ae:d1:93:
b2:58:41:c9:62:e5:20:73:f2:5d:03:c0:72:f0:d4:2c:23:32:
59:e0:f4:1c:be:5b:f9:ab:de:9d:26:4f:43:f0:9f:7b:8e:9d:
69:75:29:0f:21:31:be:19:4f:4f:1b:63:d9:0a:5b:64:6e:2f:
5a:c8:ae:16:ef:c8:20:5f:87:3c:1b:dc:e7:e5:85:48:66:47:
8a:c8:5d:10:63:67:f7:5e:2e:c8:50:49:99:30:c6:ea:54:40:
05:b4:63:0d
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICC1AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDIx
NzI1MzVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ5QjM5MTAwREY2QkIx
OTQ3OUM5NDZCNjNENzZGMzMxRUIzRUJGREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDR5MRe1D3PQ9nHVKwgOOilk3pkhKakAYRcRtMNDby96VjKXcuk
j3PTWlD8BD45xrYHi0JgNz7yfCGoy6kQ2lpHNaVO+3j4Y8MARxsdmMynMuDnEo+q
gGcTsb5CZnawtR8LeGCFUXDZoplZzTKsii9lYHgnNbOqIs9kEH41rpIQOWXS3LX8
otyjaYWcnqZlT62/9RpHJYH3eYo4h+W9AszJSeiiBScxQxVvYDSmZ/1qccYnZbn3
dWOZ6csPRWi/8U281aHNoAl70MAuSJOelr+52xu043MGqCEAwKVR2J1XEqfDL3NE
210M0Z69F81dA/zgn6dcwDsSLG1PYbyivJ+tAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU2bORAN9rsZR5yUa2PXbzMes+v94wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzJiT1JBTjlyc1pSNXlV
YTJQWGJ6TWVzLXY5NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAEqTnW73QAKJN0JP/NRUpwKZ
oBF3BKL9hjxKMfPXGe/ZZPkLVfStKykExqmzFig0IdRbcqKYSCAH8nKKCxzrkiBp
eJOMvzhFfG7Xlz/CcHVE+1lfJAmu3Xsp7vfV03u22fmBIvfvg5yyKyqkEmb6C7bG
UVmFMz+LT8+hx2nQ9SVhG0sQa2+rRb1Pg2d5K/ua+LjJ8GHYrtGkV0jw5/vBx67R
k7JYQcli5SBz8l0DwHLw1CwjMlng9By+W/mr3p0mT0Pwn3uOnWl1KQ8hMb4ZT08b
Y9kKW2RuL1rIrhbvyCBfhzwb3OflhUhmR4rIXRBjZ/deLshQSZkwxupUQAW0Yw0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:39:46 2025 by rpki-client