Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/I4GPn_QFK1A2aaUUV9gKOPZH9i4.roa
File: I4GPn_QFK1A2aaUUV9gKOPZH9i4.roa (raw, json)
Hash identifier: FBrG24ln3ofqb9OUfdLEIFw7kBVicRL9iOs7iZ/UDco=
Subject key identifier: 23:81:8F:9F:F4:05:2B:50:36:69:A5:14:57:D8:0A:38:F6:47:F6:2E
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0B5C
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/I4GPn_QFK1A2aaUUV9gKOPZH9i4.roa
Signing time: Sun 02 Feb 2025 20:26:19 +0000
ROA not before: Sun 02 Feb 2025 20:26:19 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2908 (0xb5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 2 20:26:19 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=23818F9FF4052B503669A51457D80A38F647F62E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:24:31:fb:fa:c0:52:93:94:f0:bd:7a:16:ef:
f2:80:05:8a:0f:d9:1e:c3:c9:7d:0f:ed:83:76:45:
66:cd:0b:ae:1a:24:b3:0b:0d:de:50:ec:ba:d8:c1:
ce:6a:a0:09:79:22:a2:34:d4:ce:b0:96:e7:5a:69:
29:6f:d1:89:4a:85:0d:b6:6f:46:6f:27:e2:01:aa:
5c:4d:6a:28:f4:a0:c1:33:19:60:b0:69:69:56:e5:
d1:79:3a:10:a0:00:fb:d2:66:60:8a:89:21:f4:db:
86:9a:64:01:f5:ed:38:b4:e1:6c:d5:20:d8:59:f2:
5a:04:5e:9b:40:5e:46:4c:b9:20:21:36:3a:dd:ea:
9c:6a:3a:d9:b3:c5:50:4c:ab:cd:c7:94:f3:55:f2:
c9:eb:0b:60:15:b5:23:e7:36:d5:bb:a4:41:42:9d:
7f:a5:83:3f:34:dc:27:98:e2:36:b3:c1:f6:f5:c8:
3f:51:54:6e:e8:4a:11:9b:0e:6a:28:31:68:68:8a:
57:ee:29:3f:94:b7:39:be:11:95:3e:05:1c:86:3c:
df:ea:08:bb:62:58:12:dd:b6:8b:30:41:b0:6c:34:
b0:dd:f7:95:f6:9e:95:53:c5:83:e1:69:5e:01:6d:
ba:22:d0:3f:43:6c:59:3e:3d:f5:d1:87:fa:32:3d:
5a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:81:8F:9F:F4:05:2B:50:36:69:A5:14:57:D8:0A:38:F6:47:F6:2E
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/I4GPn_QFK1A2aaUUV9gKOPZH9i4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
11:3a:17:e5:a7:c2:e6:45:44:24:88:39:bc:7d:a0:6a:33:b6:
61:e6:ce:78:48:4d:4d:33:a3:e0:2a:65:a2:2f:e2:1b:ed:46:
ef:f6:c1:f4:01:82:05:d0:40:ff:26:78:a6:1c:f9:40:ef:17:
2e:25:ce:c0:c3:4f:91:2b:5b:69:55:42:e5:1f:c9:01:f7:d6:
84:7e:e2:6b:b9:23:a6:5c:7a:7c:74:a0:33:75:22:fd:00:7a:
6a:36:c5:85:5e:12:17:11:a6:3b:ab:0b:fe:f5:38:3a:1e:3f:
3f:e0:96:6b:7a:e7:26:07:2d:6d:30:d2:53:cc:44:70:ed:ba:
66:db:a8:9f:02:09:13:b8:6d:16:d9:f7:67:96:d8:9b:6c:a1:
17:62:7f:2d:84:22:6b:76:1d:9b:14:a5:86:b9:f4:80:79:bf:
77:a3:0a:0f:89:90:de:03:5a:26:a1:70:cb:96:b5:23:82:23:
ba:fc:f4:3c:98:3e:80:af:a1:18:25:da:90:c6:2b:be:ed:b5:
08:d2:d2:80:cb:ea:11:11:fd:cf:bf:26:55:17:75:37:c0:b8:
35:7f:9d:a2:3e:a2:bb:49:13:22:5f:f0:7c:42:22:83:ee:e0:
c8:06:2f:8c:08:48:68:11:c2:bb:45:fe:39:3d:9f:a2:13:70:
72:a8:d6:63
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICC1wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDIy
MDI2MTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDIzODE4RjlGRjQwNTJC
NTAzNjY5QTUxNDU3RDgwQTM4RjY0N0Y2MkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjJDH7+sBSk5TwvXoW7/KABYoP2R7DyX0P7YN2RWbNC64aJLML
Dd5Q7LrYwc5qoAl5IqI01M6wludaaSlv0YlKhQ22b0ZvJ+IBqlxNaij0oMEzGWCw
aWlW5dF5OhCgAPvSZmCKiSH024aaZAH17Ti04WzVINhZ8loEXptAXkZMuSAhNjrd
6pxqOtmzxVBMq83HlPNV8snrC2AVtSPnNtW7pEFCnX+lgz803CeY4jazwfb1yD9R
VG7oShGbDmooMWhoilfuKT+Utzm+EZU+BRyGPN/qCLtiWBLdtoswQbBsNLDd95X2
npVTxYPhaV4Bbboi0D9DbFk+PfXRh/oyPVqjAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUI4GPn/QFK1A2aaUUV9gKOPZH9i4wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0k0R1BuX1FGSzFBMmFh
VVVWOWdLT1BaSDlpNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBABE6F+WnwuZFRCSIObx9oGoz
tmHmznhITU0zo+AqZaIv4hvtRu/2wfQBggXQQP8meKYc+UDvFy4lzsDDT5ErW2lV
QuUfyQH31oR+4mu5I6Zcenx0oDN1Iv0Aemo2xYVeEhcRpjurC/71ODoePz/glmt6
5yYHLW0w0lPMRHDtumbbqJ8CCRO4bRbZ92eW2JtsoRdify2EImt2HZsUpYa59IB5
v3ejCg+JkN4DWiahcMuWtSOCI7r89DyYPoCvoRgl2pDGK77ttQjS0oDL6hER/c+/
JlUXdTfAuDV/naI+ortJEyJf8HxCIoPu4MgGL4wISGgRwrtF/jk9n6ITcHKo1mM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:13:07 2025 by rpki-client