Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/4J-yBPV18-nmzlDHanDPBr7Jxu4.roa
File: 4J-yBPV18-nmzlDHanDPBr7Jxu4.roa (raw, json)
Hash identifier: AQpmHt+/fP9dnZeHPrbCw5ffHFC5/Jce5/yjYV22dH4=
Subject key identifier: E0:9F:B2:04:F5:75:F3:E9:E6:CE:50:C7:6A:70:CF:06:BE:C9:C6:EE
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0B40
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/4J-yBPV18-nmzlDHanDPBr7Jxu4.roa
Signing time: Sun 02 Feb 2025 13:25:34 +0000
ROA not before: Sun 02 Feb 2025 13:25:34 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2880 (0xb40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 2 13:25:34 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=E09FB204F575F3E9E6CE50C76A70CF06BEC9C6EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c6:a5:4d:73:2e:a8:80:74:83:02:12:29:60:
84:32:86:9f:6d:d5:07:8a:ff:30:5f:46:1e:77:27:
de:5d:f9:23:00:ee:f6:4c:9b:68:f7:f0:af:49:57:
34:fb:7e:f4:3c:2b:61:53:fc:92:41:5b:e2:2b:bd:
46:ac:01:2b:44:b9:2b:51:1f:b0:87:a1:2e:1b:af:
6b:7d:2f:41:eb:cd:66:ee:8a:4c:69:64:47:2e:0b:
b6:0b:54:a7:5f:b7:64:7d:3b:09:57:aa:a9:83:8c:
25:8b:6c:66:b6:a6:68:10:a9:5b:48:92:0a:7f:d0:
3a:57:73:66:02:ec:d6:95:a2:6a:45:19:08:86:a1:
67:03:19:6d:bf:1f:fd:2a:32:f8:f7:29:2c:51:20:
17:0a:35:89:a4:da:41:e3:09:6c:9e:27:96:9c:10:
b8:13:c3:60:20:23:a4:18:58:13:d0:ec:95:3f:3e:
05:bb:2b:5e:d6:23:fe:86:37:1d:e3:2c:f6:06:c3:
75:77:1d:58:a9:7c:f0:ca:3a:5e:1a:80:2c:2b:74:
77:a6:fc:2e:f4:5c:4f:aa:ce:cd:b0:70:11:08:6e:
62:d7:2e:2c:0d:93:d8:29:9c:04:86:67:7e:d2:8b:
3b:a8:66:68:c8:99:15:00:56:90:61:75:dd:08:09:
7c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:9F:B2:04:F5:75:F3:E9:E6:CE:50:C7:6A:70:CF:06:BE:C9:C6:EE
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/4J-yBPV18-nmzlDHanDPBr7Jxu4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
7f:29:4a:cd:89:7e:b1:02:2f:0e:e8:4b:0f:77:91:3b:c0:5f:
e6:8a:48:7d:7d:fb:24:36:00:7e:48:dd:85:d4:2f:1e:d7:f0:
31:58:ca:4a:d9:cc:0a:91:42:ca:75:69:d3:d5:7f:27:0e:13:
44:34:7e:bf:30:69:b8:a8:ee:a1:8b:12:b7:a3:48:57:0b:42:
a2:cf:53:c3:0d:fc:8e:df:f2:e2:90:70:55:64:f4:df:f9:b6:
50:a2:08:26:9f:ba:86:00:94:05:dc:43:e9:f1:3e:f4:a6:76:
8b:3b:45:b9:9d:75:f0:60:a4:54:54:b9:64:26:be:c0:df:c6:
15:15:16:0a:1b:9c:47:41:1d:49:80:dd:46:a3:f2:dd:28:87:
69:bf:0f:32:43:3f:6e:0f:c5:dc:02:7b:d5:5d:88:64:02:e0:
3c:d9:10:c2:ab:4b:eb:e7:c9:0d:0e:86:99:fd:fd:fe:2b:af:
64:98:ca:22:e0:2d:28:43:3b:98:d5:e6:d7:27:45:0d:ca:11:
db:87:10:53:8f:9a:70:90:48:04:f9:49:9c:1e:c6:ef:0f:04:
33:9f:a9:ed:9c:dc:de:85:1c:1f:ce:14:0f:51:79:08:5d:2c:
4c:5a:8c:3b:18:65:15:3d:39:f5:73:23:de:0f:53:33:fe:9b:
29:90:9c:f4
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICC0AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDIx
MzI1MzRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEUwOUZCMjA0RjU3NUYz
RTlFNkNFNTBDNzZBNzBDRjA2QkVDOUM2RUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnxqVNcy6ogHSDAhIpYIQyhp9t1QeK/zBfRh53J95d+SMA7vZM
m2j38K9JVzT7fvQ8K2FT/JJBW+IrvUasAStEuStRH7CHoS4br2t9L0HrzWbuikxp
ZEcuC7YLVKdft2R9OwlXqqmDjCWLbGa2pmgQqVtIkgp/0DpXc2YC7NaVompFGQiG
oWcDGW2/H/0qMvj3KSxRIBcKNYmk2kHjCWyeJ5acELgTw2AgI6QYWBPQ7JU/PgW7
K17WI/6GNx3jLPYGw3V3HVipfPDKOl4agCwrdHem/C70XE+qzs2wcBEIbmLXLiwN
k9gpnASGZ37SizuoZmjImRUAVpBhdd0ICXwHAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU4J+yBPV18+nmzlDHanDPBr7Jxu4wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzRKLXlCUFYxOC1ubXps
REhhbkRQQnI3Snh1NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAH8pSs2JfrECLw7oSw93kTvA
X+aKSH19+yQ2AH5I3YXULx7X8DFYykrZzAqRQsp1adPVfycOE0Q0fr8wabio7qGL
ErejSFcLQqLPU8MN/I7f8uKQcFVk9N/5tlCiCCafuoYAlAXcQ+nxPvSmdos7Rbmd
dfBgpFRUuWQmvsDfxhUVFgobnEdBHUmA3Uaj8t0oh2m/DzJDP24PxdwCe9VdiGQC
4DzZEMKrS+vnyQ0Ohpn9/f4rr2SYyiLgLShDO5jV5tcnRQ3KEduHEFOPmnCQSAT5
SZwexu8PBDOfqe2c3N6FHB/OFA9ReQhdLExajDsYZRU9OfVzI94PUzP+mymQnPQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:25 2025 by rpki-client