Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/FsE3AxLsAIn6TMAYzr9celIr7OI.roa
File: FsE3AxLsAIn6TMAYzr9celIr7OI.roa (raw, json)
Hash identifier: ERb5tYYA/Ma8CWs1GWpLSALJchiunw92oJRYurremg8=
Subject key identifier: 16:C1:37:03:12:EC:00:89:FA:4C:C0:18:CE:BF:5C:7A:52:2B:EC:E2
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0A1E
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/FsE3AxLsAIn6TMAYzr9celIr7OI.roa
Signing time: Thu 30 Jan 2025 12:55:30 +0000
ROA not before: Thu 30 Jan 2025 12:55:30 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2590 (0xa1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 30 12:55:30 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=16C1370312EC0089FA4CC018CEBF5C7A522BECE2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a0:ce:7e:52:62:d7:ac:1e:2d:c7:38:d0:b5:
29:f0:d2:ef:46:be:3d:70:5d:06:4d:9a:4c:43:63:
f5:e9:15:d5:a8:37:9f:40:23:91:95:52:98:2c:97:
2f:fa:f8:86:81:60:a8:fd:63:05:28:a0:78:74:ab:
c5:d6:f0:2b:0d:9c:16:1a:3a:80:76:08:dd:19:af:
1a:37:06:60:b7:6d:4e:cd:29:ff:51:dc:c0:07:45:
85:86:b2:9f:0e:56:a9:32:2b:2e:2c:cd:18:ef:21:
77:4c:a1:75:44:68:e4:0d:31:e8:39:be:ac:a6:ae:
2b:be:94:72:56:20:c2:0d:3a:30:27:dd:f2:79:58:
e6:4d:29:40:94:b8:16:c5:46:7e:df:10:24:6a:01:
d8:1c:c4:0c:4b:2d:c3:21:dd:8f:b1:cc:6a:db:40:
d3:9e:a4:be:d3:cd:b6:68:37:c7:f7:2b:a0:3f:af:
c6:c0:b1:7f:66:67:66:55:3e:db:82:d4:74:a7:41:
fa:66:74:79:62:85:00:e2:e6:99:e3:dd:cc:05:b7:
84:83:50:6a:f6:bf:5b:e5:22:07:58:75:97:4a:3e:
58:a1:9f:18:bf:48:a5:96:94:a3:3a:03:30:97:a0:
08:47:c2:e3:4f:5f:75:96:f7:91:2b:ad:7c:60:6f:
fd:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:C1:37:03:12:EC:00:89:FA:4C:C0:18:CE:BF:5C:7A:52:2B:EC:E2
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/FsE3AxLsAIn6TMAYzr9celIr7OI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:dd:73:0c:4f:37:3f:a6:e0:4c:c1:37:30:2f:00:6b:35:a1:
f9:66:ce:40:35:5d:30:f2:68:93:28:27:20:4c:7d:28:f1:56:
e8:c8:6f:e4:80:34:4a:21:5e:15:bb:6c:7a:1b:f4:e8:ab:81:
57:b8:7d:ad:1a:09:44:21:62:46:c7:aa:8b:71:af:a0:5c:61:
4e:a9:8e:93:c3:25:b1:29:a0:b5:6f:dc:f8:fe:b0:ed:0b:d7:
49:ee:7e:87:b0:dc:24:ea:e0:ee:79:20:55:33:b4:af:73:2c:
43:e2:fa:5d:73:25:63:4e:dd:27:9e:64:39:bd:9b:25:86:c6:
4e:ef:1b:ad:d0:57:7f:20:c9:0b:33:93:c6:b6:92:15:5c:1b:
92:a9:c2:82:36:92:f1:7d:a9:d2:f9:0b:a7:13:ce:8e:fa:6c:
44:e4:8f:bd:e8:cf:27:17:ed:4d:33:45:00:7b:2c:a4:62:33:
5a:fc:04:12:13:e6:d9:94:d4:bd:53:33:78:30:6b:b5:f5:6a:
cf:ef:58:b4:68:91:27:08:58:86:c9:3c:8b:b3:7f:9f:7e:2e:
38:c7:e8:d0:9f:bf:db:e5:da:dc:87:9e:9c:23:a3:ce:b9:a4:
b2:32:26:19:c3:5e:67:c2:e8:2f:35:70:a7:5a:4e:1a:ee:f9:
a6:79:08:28
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCh4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMzAx
MjU1MzBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDE2QzEzNzAzMTJFQzAw
ODlGQTRDQzAxOENFQkY1QzdBNTIyQkVDRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8oM5+UmLXrB4txzjQtSnw0u9Gvj1wXQZNmkxDY/XpFdWoN59A
I5GVUpgsly/6+IaBYKj9YwUooHh0q8XW8CsNnBYaOoB2CN0Zrxo3BmC3bU7NKf9R
3MAHRYWGsp8OVqkyKy4szRjvIXdMoXVEaOQNMeg5vqymriu+lHJWIMINOjAn3fJ5
WOZNKUCUuBbFRn7fECRqAdgcxAxLLcMh3Y+xzGrbQNOepL7TzbZoN8f3K6A/r8bA
sX9mZ2ZVPtuC1HSnQfpmdHlihQDi5pnj3cwFt4SDUGr2v1vlIgdYdZdKPlihnxi/
SKWWlKM6AzCXoAhHwuNPX3WW95ErrXxgb/2RAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUFsE3AxLsAIn6TMAYzr9celIr7OIwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0ZzRTNBeExzQUluNlRN
QVl6cjljZWxJcjdPSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAD7dcwxPNz+m4EzBNzAvAGs1
oflmzkA1XTDyaJMoJyBMfSjxVujIb+SANEohXhW7bHob9OirgVe4fa0aCUQhYkbH
qotxr6BcYU6pjpPDJbEpoLVv3Pj+sO0L10nufoew3CTq4O55IFUztK9zLEPi+l1z
JWNO3SeeZDm9myWGxk7vG63QV38gyQszk8a2khVcG5KpwoI2kvF9qdL5C6cTzo76
bETkj73ozycX7U0zRQB7LKRiM1r8BBIT5tmU1L1TM3gwa7X1as/vWLRokScIWIbJ
PIuzf59+LjjH6NCfv9vl2tyHnpwjo865pLIyJhnDXmfC6C81cKdaThru+aZ5CCg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:21:25 2025 by rpki-client