Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/CTiLzZJ43sDp5mOUYJ4pMGMypzg.roa
File: CTiLzZJ43sDp5mOUYJ4pMGMypzg.roa (raw, json)
Hash identifier: 0Ou7ExwLcZwUlLb3SJans1mQJqzuXrXn2Ga8lT8VZPU=
Subject key identifier: 09:38:8B:CD:92:78:DE:C0:E9:E6:63:94:60:9E:29:30:63:32:A7:38
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 05C2
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/CTiLzZJ43sDp5mOUYJ4pMGMypzg.roa
Signing time: Sat 18 Jan 2025 21:54:47 +0000
ROA not before: Sat 18 Jan 2025 21:54:47 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1474 (0x5c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 18 21:54:47 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=09388BCD9278DEC0E9E66394609E29306332A738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:15:7f:d9:6e:99:79:53:89:e8:7c:fa:b1:d3:
57:3b:de:fb:84:1b:13:52:f4:4b:f1:30:d7:ec:ea:
eb:f7:59:8b:cb:eb:5c:6d:76:90:73:95:54:f4:36:
60:6c:44:bd:f6:bb:78:bb:33:dd:97:4e:c4:e5:0d:
29:e3:48:b4:b2:ff:b3:13:ee:97:30:4c:16:ea:01:
50:eb:09:3a:2a:2a:61:fe:7a:bd:eb:09:f5:a6:65:
7c:78:34:15:4a:32:3b:5c:04:da:bf:35:62:13:6b:
8f:75:63:51:41:f5:8b:e2:0a:46:e6:63:ab:0e:11:
b5:94:f9:b2:40:99:0a:04:a3:8b:b6:1f:f0:b1:79:
5c:f0:e6:e5:b3:d7:92:19:a9:79:90:6d:12:2b:c7:
72:1d:c1:28:35:49:bb:ca:c6:f4:94:e0:84:02:a7:
0d:d4:6a:22:be:a7:00:4b:f8:3e:46:cb:f3:c1:6c:
46:f9:10:40:fe:ae:10:fa:ad:73:c6:5f:01:4e:8d:
1c:76:c9:90:9c:b3:ac:44:59:43:af:26:e6:de:f2:
cd:a8:31:65:fb:2f:2b:7e:26:10:c1:3a:6e:3f:54:
30:90:35:3e:9c:55:e2:a8:8c:01:87:dc:cc:25:95:
47:48:a3:38:49:1b:13:e9:12:1d:81:15:73:ec:21:
1b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:38:8B:CD:92:78:DE:C0:E9:E6:63:94:60:9E:29:30:63:32:A7:38
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/CTiLzZJ43sDp5mOUYJ4pMGMypzg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
3a:ad:50:f5:38:23:c0:b8:aa:41:2f:d2:45:92:72:0e:8d:b2:
b7:3d:54:b2:7e:0e:b9:cd:2a:76:55:1f:ea:cc:59:f7:2f:96:
d4:7c:62:e2:1d:df:26:40:f1:a1:5b:d1:61:a7:d8:db:c9:3d:
44:da:6e:a5:d4:60:84:7c:2f:50:45:7f:70:02:e5:c1:33:41:
0a:63:ff:51:1e:50:ee:85:20:de:2d:30:ee:cf:bb:ad:19:be:
2e:2b:f1:33:31:ee:73:7f:1d:94:c8:6d:86:c4:e8:9b:10:88:
42:8b:37:db:f9:ad:4c:7c:a1:b7:49:10:3e:9a:4b:be:e4:e5:
51:38:4b:3b:9b:b2:14:81:89:1f:bb:a0:f5:67:a6:1b:f5:f7:
2c:a7:8f:26:fd:d3:1d:b6:50:3c:c0:cc:ec:4b:12:2e:43:d1:
34:42:fc:7f:20:49:40:d9:76:c6:f6:50:ac:c6:ce:04:2a:d4:
80:a9:b5:81:d3:0e:1f:9f:33:5a:2b:c1:e2:7f:14:5d:f2:be:
33:4a:6a:79:63:39:23:d8:9b:1e:ea:41:93:41:aa:b1:92:43:
fd:94:a0:bb:14:c9:71:02:5a:cd:37:78:62:ed:34:e5:9d:64:
4f:9b:b7:cb:20:5c:a6:11:eb:9a:43:33:97:87:a5:5f:b2:80:
26:07:02:7f
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBcIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTgy
MTU0NDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDA5Mzg4QkNEOTI3OERF
QzBFOUU2NjM5NDYwOUUyOTMwNjMzMkE3MzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjFX/Zbpl5U4nofPqx01c73vuEGxNS9EvxMNfs6uv3WYvL61xt
dpBzlVT0NmBsRL32u3i7M92XTsTlDSnjSLSy/7MT7pcwTBbqAVDrCToqKmH+er3r
CfWmZXx4NBVKMjtcBNq/NWITa491Y1FB9YviCkbmY6sOEbWU+bJAmQoEo4u2H/Cx
eVzw5uWz15IZqXmQbRIrx3IdwSg1SbvKxvSU4IQCpw3UaiK+pwBL+D5Gy/PBbEb5
EED+rhD6rXPGXwFOjRx2yZCcs6xEWUOvJube8s2oMWX7Lyt+JhDBOm4/VDCQNT6c
VeKojAGH3MwllUdIozhJGxPpEh2BFXPsIRtrAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUCTiLzZJ43sDp5mOUYJ4pMGMypzgwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0NUaUx6Wko0M3NEcDVt
T1VZSjRwTUdNeXB6Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBADqtUPU4I8C4qkEv0kWScg6N
src9VLJ+DrnNKnZVH+rMWfcvltR8YuId3yZA8aFb0WGn2NvJPUTabqXUYIR8L1BF
f3AC5cEzQQpj/1EeUO6FIN4tMO7Pu60Zvi4r8TMx7nN/HZTIbYbE6JsQiEKLN9v5
rUx8obdJED6aS77k5VE4SzubshSBiR+7oPVnphv19yynjyb90x22UDzAzOxLEi5D
0TRC/H8gSUDZdsb2UKzGzgQq1ICptYHTDh+fM1orweJ/FF3yvjNKanljOSPYmx7q
QZNBqrGSQ/2UoLsUyXECWs03eGLtNOWdZE+bt8sgXKYR65pDM5eHpV+ygCYHAn8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:09:37 2025 by rpki-client