Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/DgNTD2sWa3q82IPbLGBzak8zAfI.roa
File: DgNTD2sWa3q82IPbLGBzak8zAfI.roa (raw, json)
Hash identifier: QyEvOQEa6NzLVxRjreA3+/oCSrH4kuNzdZgSdh698ZE=
Subject key identifier: 0E:03:53:0F:6B:16:6B:7A:BC:D8:83:DB:2C:60:73:6A:4F:33:01:F2
Certificate issuer: /CN=DEB86EAADEE1C17ECE2A7FF6388526F7A9260D47
Certificate serial: 0EDF
Authority key identifier: DE:B8:6E:AA:DE:E1:C1:7E:CE:2A:7F:F6:38:85:26:F7:A9:26:0D:47
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3rhuqt7hwX7OKn_2OIUm96kmDUc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/DgNTD2sWa3q82IPbLGBzak8zAfI.roa
Signing time: Fri 21 Mar 2025 03:28:55 +0000
ROA not before: Fri 21 Mar 2025 03:28:55 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4134
IP address blocks: 113.31.90.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3807 (0xedf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DEB86EAADEE1C17ECE2A7FF6388526F7A9260D47
Validity
Not Before: Mar 21 03:28:55 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=0E03530F6B166B7ABCD883DB2C60736A4F3301F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:29:c7:57:5a:54:b1:12:f3:ea:bc:2d:3d:be:
8b:dc:06:db:e5:13:73:b8:17:06:29:22:f9:34:ca:
d6:92:7b:f4:64:7d:12:f3:f5:b7:b9:52:aa:63:be:
f9:d5:39:8c:ba:22:5d:e2:8d:01:4f:21:09:70:30:
23:59:0b:a5:89:aa:a6:32:19:f2:77:0a:d9:13:b8:
38:d7:16:b1:70:38:48:a3:b4:8f:55:a5:72:02:bc:
0f:af:5c:4a:52:17:fe:fd:df:2f:cf:49:40:fa:5d:
e9:bd:f3:60:e7:64:34:02:b8:90:7c:1f:ed:67:d9:
0b:1b:08:f1:de:63:e1:70:86:dc:ed:df:19:2f:dc:
38:b7:ae:ef:fb:8f:78:15:86:29:43:ef:64:83:25:
79:54:be:0f:c7:05:e7:8c:4f:a0:19:53:10:a7:79:
20:df:aa:3b:6f:03:79:9b:d2:78:96:4e:d5:49:ad:
f6:86:e8:77:57:36:ff:ae:83:3c:46:a6:ed:e8:e7:
61:a7:62:15:a1:e9:a4:dc:45:54:ca:65:52:24:02:
da:b2:37:b6:f8:92:54:d3:a0:99:11:67:a2:e9:d4:
11:30:c8:36:95:5f:9e:b1:c3:83:6b:2c:83:86:6d:
f8:63:d9:fd:9d:e8:15:cc:92:92:01:c6:07:fe:62:
2e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:03:53:0F:6B:16:6B:7A:BC:D8:83:DB:2C:60:73:6A:4F:33:01:F2
X509v3 Authority Key Identifier:
keyid:DE:B8:6E:AA:DE:E1:C1:7E:CE:2A:7F:F6:38:85:26:F7:A9:26:0D:47
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/3rhuqt7hwX7OKn_2OIUm96kmDUc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3rhuqt7hwX7OKn_2OIUm96kmDUc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/DgNTD2sWa3q82IPbLGBzak8zAfI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.90.0/23
Signature Algorithm: sha256WithRSAEncryption
32:7d:2f:5f:f5:40:c9:3a:e1:cc:14:36:69:75:2d:3d:98:95:
c3:49:b1:71:22:89:9f:dc:63:4c:2e:e9:5e:3b:ae:22:d4:2d:
1d:2b:ca:05:b4:0d:71:0c:1e:05:21:af:bf:cb:44:b2:92:a6:
bc:b8:7e:4f:a8:27:b3:7e:41:c4:1f:d9:cb:ab:0b:62:21:18:
42:11:70:34:df:82:e6:94:5b:6a:89:e2:1c:8c:54:ca:35:3b:
95:39:7d:01:ab:30:46:19:bb:ba:9d:61:37:03:e3:bf:0c:ea:
2a:8e:f0:6d:84:f6:1c:d5:8b:b2:85:12:37:e0:81:7f:2f:d9:
61:76:99:91:04:bb:89:dd:11:a3:e8:44:28:56:e2:9a:82:20:
e7:a3:01:f3:53:04:2d:da:ac:4e:e6:cc:1d:9b:3d:7a:13:e5:
3f:6f:e3:7e:32:33:df:b9:f7:51:ff:4d:7b:f2:29:f2:01:72:
e1:25:b4:73:d1:5f:aa:4d:d1:f0:1f:62:af:3b:bd:60:2e:32:
e1:ad:90:48:f4:b9:fb:b7:0a:25:76:09:05:b4:68:39:57:c0:
64:fe:84:1d:78:b6:bc:2c:1e:be:54:af:d9:84:1c:c4:2f:76:
44:f0:be:92:13:f1:4a:09:d5:5e:c0:dc:f5:cd:44:0e:40:d2:
eb:fa:7e:9a
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDt8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC
ODZFQUFERUUxQzE3RUNFMkE3RkY2Mzg4NTI2RjdBOTI2MEQ0NzAeFw0yNTAzMjEw
MzI4NTVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDBFMDM1MzBGNkIxNjZC
N0FCQ0Q4ODNEQjJDNjA3MzZBNEYzMzAxRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2KcdXWlSxEvPqvC09vovcBtvlE3O4FwYpIvk0ytaSe/RkfRLz
9be5UqpjvvnVOYy6Il3ijQFPIQlwMCNZC6WJqqYyGfJ3CtkTuDjXFrFwOEijtI9V
pXICvA+vXEpSF/793y/PSUD6Xem982DnZDQCuJB8H+1n2QsbCPHeY+Fwhtzt3xkv
3Di3ru/7j3gVhilD72SDJXlUvg/HBeeMT6AZUxCneSDfqjtvA3mb0niWTtVJrfaG
6HdXNv+ugzxGpu3o52GnYhWh6aTcRVTKZVIkAtqyN7b4klTToJkRZ6Lp1BEwyDaV
X56xw4NrLIOGbfhj2f2d6BXMkpIBxgf+Yi5ZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUDgNTD2sWa3q82IPbLGBzak8zAfIwHwYDVR0jBBgwFoAU3rhuqt7hwX7OKn/2
OIUm96kmDUcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
LzNyaHVxdDdod1g3T0tuXzJPSVVtOTZrbURVYy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvM3JodXF0N2h3WDdPS25fMk9JVW05NmttRFVjLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0RnTlREMnNXYTNxODJJ
UGJMR0J6YWs4ekFmSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFxH1owDQYJKoZIhvcNAQELBQADggEBADJ9L1/1QMk64cwUNml1LT2YlcNJsXEi
iZ/cY0wu6V47riLULR0rygW0DXEMHgUhr7/LRLKSpry4fk+oJ7N+QcQf2curC2Ih
GEIRcDTfguaUW2qJ4hyMVMo1O5U5fQGrMEYZu7qdYTcD478M6iqO8G2E9hzVi7KF
EjfggX8v2WF2mZEEu4ndEaPoRChW4pqCIOejAfNTBC3arE7mzB2bPXoT5T9v434y
M9+591H/TXvyKfIBcuEltHPRX6pN0fAfYq87vWAuMuGtkEj0ufu3CiV2CQW0aDlX
wGT+hB14trwsHr5Ur9mEHMQvdkTwvpIT8UoJ1V7A3PXNRA5A0uv6fpo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:24 2025 by rpki-client