Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/3a1furlTaA4NzIX5smoemy50dkU.roa
File: 3a1furlTaA4NzIX5smoemy50dkU.roa (raw, json)
Hash identifier: kNTYjXAYIlAY9qVZ6VlUwikgZG+C2OIzl3z09DauacA=
Subject key identifier: DD:AD:5F:BA:B9:53:68:0E:0D:CC:85:F9:B2:6A:1E:9B:2E:74:76:45
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 07A4
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/3a1furlTaA4NzIX5smoemy50dkU.roa
Signing time: Thu 23 Jan 2025 22:25:46 +0000
ROA not before: Thu 23 Jan 2025 22:25:46 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1956 (0x7a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 23 22:25:46 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=DDAD5FBAB953680E0DCC85F9B26A1E9B2E747645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e8:3f:fc:79:80:15:9d:33:63:6c:7e:42:4e:
28:23:6f:2d:db:0a:d8:64:f6:fa:1a:5d:79:3d:cc:
71:0a:24:e3:95:91:a5:2f:03:fd:6d:d6:38:b4:34:
a3:80:2f:33:ae:2e:26:e0:9e:26:e0:30:ed:d6:e6:
eb:d7:38:eb:e3:8f:e1:33:be:f7:a4:d5:15:ea:57:
10:91:91:13:f1:a4:9b:ee:8b:87:a1:e3:40:76:5c:
d0:6f:fb:fb:9a:30:ed:e5:d1:e6:79:f7:81:c0:20:
68:fe:d7:2c:ce:8d:ce:20:45:38:26:52:90:32:2d:
5d:5a:d2:c7:71:e2:ff:47:44:fb:e1:eb:18:dc:2a:
e4:93:74:e5:83:db:5c:fe:9d:a2:ba:f7:55:96:1e:
9a:36:e9:74:76:f0:6f:66:57:a9:38:e0:69:c4:0a:
10:fc:4e:20:fc:7c:27:69:05:76:3f:aa:1f:41:80:
2f:d2:b0:93:2b:8d:36:6f:b6:f8:7d:15:30:74:6e:
14:ed:61:65:bf:f3:69:96:76:eb:42:34:9a:5b:41:
ee:10:b8:69:d6:1e:fa:fc:84:fa:57:b7:f5:dc:82:
f0:f9:4d:c3:bc:f2:43:54:b1:47:31:37:53:45:37:
99:ab:77:02:07:43:d6:36:37:ea:44:c6:7e:ad:b7:
7c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:AD:5F:BA:B9:53:68:0E:0D:CC:85:F9:B2:6A:1E:9B:2E:74:76:45
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/3a1furlTaA4NzIX5smoemy50dkU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
6a:56:75:eb:b9:2d:a1:94:6d:a8:83:83:5e:aa:3b:cf:71:14:
00:12:84:2d:3c:46:89:5d:fd:7f:58:d0:b1:95:a4:7a:dd:fd:
f8:4e:ad:30:4c:13:a9:df:bd:4e:a7:bb:f1:f0:f3:83:43:a6:
b1:c1:54:5d:da:09:7d:af:97:41:98:d6:7c:cc:b9:0a:8e:31:
d5:c8:4f:9b:ef:3e:55:4d:90:17:f9:6a:01:05:1a:e6:ec:69:
ba:ac:b2:62:30:f9:8c:2c:52:b2:fa:e3:c5:ed:5c:a5:71:f1:
4e:3d:d4:2f:45:7a:6e:73:a5:22:be:66:2c:f2:5f:90:50:0e:
c9:7a:18:f2:ae:df:21:35:91:8f:49:d6:9d:56:da:a5:cf:92:
26:f4:46:a9:55:f6:d5:ae:af:11:2a:35:3a:a5:3b:0c:06:c9:
47:30:68:24:a6:09:d5:6e:bd:c0:d9:b8:4d:dc:26:44:2c:29:
16:d1:c7:ad:45:83:cd:b8:94:d9:bf:0e:ff:ef:04:65:98:46:
41:12:03:48:3f:8d:5b:c6:c4:f5:da:7c:7c:dd:6f:bd:8d:9a:
e2:33:d6:ac:89:91:20:c0:55:15:9a:e7:37:88:80:b9:17:bc:
a3:11:de:ba:01:65:c7:6b:96:2b:51:1d:55:ae:a3:39:3b:63:
39:3c:57:9c
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICB6QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjMy
MjI1NDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEREQUQ1RkJBQjk1MzY4
MEUwRENDODVGOUIyNkExRTlCMkU3NDc2NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCo6D/8eYAVnTNjbH5CTigjby3bCthk9voaXXk9zHEKJOOVkaUv
A/1t1ji0NKOALzOuLibgnibgMO3W5uvXOOvjj+Ezvvek1RXqVxCRkRPxpJvui4eh
40B2XNBv+/uaMO3l0eZ594HAIGj+1yzOjc4gRTgmUpAyLV1a0sdx4v9HRPvh6xjc
KuSTdOWD21z+naK691WWHpo26XR28G9mV6k44GnEChD8TiD8fCdpBXY/qh9BgC/S
sJMrjTZvtvh9FTB0bhTtYWW/82mWdutCNJpbQe4QuGnWHvr8hPpXt/XcgvD5TcO8
8kNUsUcxN1NFN5mrdwIHQ9Y2N+pExn6tt3z7AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU3a1furlTaA4NzIX5smoemy50dkUwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzNhMWZ1cmxUYUE0TnpJ
WDVzbW9lbXk1MGRrVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAGpWdeu5LaGUbaiDg16qO89x
FAAShC08Rold/X9Y0LGVpHrd/fhOrTBME6nfvU6nu/Hw84NDprHBVF3aCX2vl0GY
1nzMuQqOMdXIT5vvPlVNkBf5agEFGubsabqssmIw+YwsUrL648XtXKVx8U491C9F
em5zpSK+ZizyX5BQDsl6GPKu3yE1kY9J1p1W2qXPkib0RqlV9tWurxEqNTqlOwwG
yUcwaCSmCdVuvcDZuE3cJkQsKRbRx61Fg824lNm/Dv/vBGWYRkESA0g/jVvGxPXa
fHzdb72NmuIz1qyJkSDAVRWa5zeIgLkXvKMR3roBZcdrlitRHVWuozk7Yzk8V5w=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:03 2025 by rpki-client