Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/4kvagPQld4K5GP0nBXwOQLQq318.roa
File: 4kvagPQld4K5GP0nBXwOQLQq318.roa (raw, json)
Hash identifier: +CLzOsoWcD/sHT9KV0H33GGo+njYjdrewZFiBhXqr/c=
Subject key identifier: E2:4B:DA:80:F4:25:77:82:B9:18:FD:27:05:7C:0E:40:B4:2A:DF:5F
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0D30
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/4kvagPQld4K5GP0nBXwOQLQq318.roa
Signing time: Fri 07 Feb 2025 17:25:48 +0000
ROA not before: Fri 07 Feb 2025 17:25:48 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3376 (0xd30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 7 17:25:48 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=E24BDA80F4257782B918FD27057C0E40B42ADF5F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:78:b8:48:29:a9:48:e1:86:fb:b8:27:dc:1c:
d3:f1:de:93:0f:b3:63:82:da:41:87:99:f5:3a:6f:
e6:12:8e:36:08:e9:2f:92:21:36:2e:7c:8d:ea:81:
d7:9f:28:63:f4:3c:05:f7:38:f9:56:1c:0b:21:9f:
9e:f1:06:35:25:60:19:47:55:9a:39:60:78:b9:b6:
c4:ad:2f:40:b8:5d:ea:6c:ba:69:7e:2b:25:c9:16:
ba:5f:f3:7a:62:26:e3:3d:f9:5f:d8:9b:e7:79:ec:
9c:e2:fc:87:b1:62:bb:25:ee:b2:03:3f:cd:cf:f9:
29:e7:09:4e:d3:a5:3d:96:58:e4:06:80:4b:ca:c2:
20:d1:80:e2:53:14:a7:fd:85:0b:dd:5b:9e:a9:7d:
7f:d9:cf:da:10:16:66:50:21:70:31:55:bb:ec:3c:
64:ed:21:2e:f3:ac:33:3d:74:32:34:bf:12:af:44:
e8:b8:52:12:ce:10:0b:36:d5:90:4b:d2:55:c8:85:
2e:44:e3:aa:c1:2c:4d:f5:a5:3f:5b:0a:10:6e:ac:
b4:69:9a:95:71:0b:37:f9:f0:98:05:91:00:c7:0f:
fd:05:51:ea:02:a2:28:3e:a1:b4:07:4f:d2:12:8a:
0e:80:33:8d:bb:bc:72:ff:d4:11:83:5d:7a:da:f8:
11:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:4B:DA:80:F4:25:77:82:B9:18:FD:27:05:7C:0E:40:B4:2A:DF:5F
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/4kvagPQld4K5GP0nBXwOQLQq318.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
83:d6:2c:2f:65:88:79:ad:e2:c5:44:1c:e3:01:ed:35:bf:46:
3c:76:fd:5f:ba:cc:44:81:90:89:a2:85:ac:63:68:36:15:7d:
b6:db:2b:d2:d4:86:95:98:c8:f3:dc:d0:b6:0b:74:10:e2:d7:
5c:de:a3:fa:fc:e6:5e:91:65:bb:e2:ca:b5:6e:c4:21:38:28:
03:c9:ac:a2:13:28:88:1f:63:4d:14:cd:99:2e:4f:13:3a:a8:
6c:c1:34:a2:16:97:74:10:b3:83:98:b1:8d:50:87:4c:0b:16:
36:e0:b1:31:ea:b3:de:b8:e6:32:87:e4:22:3c:43:8c:bb:30:
4c:33:36:40:2a:13:3a:61:9b:50:48:2b:16:61:3a:a3:ee:15:
45:5f:2c:02:f9:39:79:64:8d:68:7d:d6:79:55:b5:40:b1:4e:
1d:2d:8b:28:ce:60:2f:ea:cf:69:7d:4a:67:b0:ec:83:f8:ab:
f1:6f:ba:7b:be:fa:a1:fd:c8:ad:6a:cb:17:84:e3:a7:f1:88:
85:50:19:eb:e7:43:60:ac:41:58:67:29:0c:4d:4c:b5:f0:e1:
67:a2:63:69:d7:1c:5a:0b:0f:cf:ef:8e:34:c5:12:8c:18:7d:
b9:43:e0:d6:43:4b:45:ed:89:91:11:d7:22:d6:b9:c2:d5:2c:
3e:5a:67:80
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDTAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDcx
NzI1NDhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEUyNEJEQTgwRjQyNTc3
ODJCOTE4RkQyNzA1N0MwRTQwQjQyQURGNUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCReLhIKalI4Yb7uCfcHNPx3pMPs2OC2kGHmfU6b+YSjjYI6S+S
ITYufI3qgdefKGP0PAX3OPlWHAshn57xBjUlYBlHVZo5YHi5tsStL0C4Xepsuml+
KyXJFrpf83piJuM9+V/Ym+d57Jzi/IexYrsl7rIDP83P+SnnCU7TpT2WWOQGgEvK
wiDRgOJTFKf9hQvdW56pfX/Zz9oQFmZQIXAxVbvsPGTtIS7zrDM9dDI0vxKvROi4
UhLOEAs21ZBL0lXIhS5E46rBLE31pT9bChBurLRpmpVxCzf58JgFkQDHD/0FUeoC
oig+obQHT9ISig6AM427vHL/1BGDXXra+BGlAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU4kvagPQld4K5GP0nBXwOQLQq318wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzRrdmFnUFFsZDRLNUdQ
MG5CWHdPUUxRcTMxOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAIPWLC9liHmt4sVEHOMB7TW/
Rjx2/V+6zESBkImihaxjaDYVfbbbK9LUhpWYyPPc0LYLdBDi11zeo/r85l6RZbvi
yrVuxCE4KAPJrKITKIgfY00UzZkuTxM6qGzBNKIWl3QQs4OYsY1Qh0wLFjbgsTHq
s9645jKH5CI8Q4y7MEwzNkAqEzphm1BIKxZhOqPuFUVfLAL5OXlkjWh91nlVtUCx
Th0tiyjOYC/qz2l9Smew7IP4q/Fvunu++qH9yK1qyxeE46fxiIVQGevnQ2CsQVhn
KQxNTLXw4WeiY2nXHFoLD8/vjjTFEowYfblD4NZDS0XtiZER1yLWucLVLD5aZ4A=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:11 2025 by rpki-client