Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/K-MD3STAXg9-qOXRywVJUIPteUo.roa
File: K-MD3STAXg9-qOXRywVJUIPteUo.roa (raw, json)
Hash identifier: Rxr48ESIHhzbc1q+FSOcRF/q6LyVvhVLGU2EUnqfp58=
Subject key identifier: 2B:E3:03:DD:24:C0:5E:0F:7E:A8:E5:D1:CB:05:49:50:83:ED:79:4A
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0D10
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/K-MD3STAXg9-qOXRywVJUIPteUo.roa
Signing time: Fri 07 Feb 2025 09:25:47 +0000
ROA not before: Fri 07 Feb 2025 09:25:47 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3344 (0xd10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 7 09:25:47 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=2BE303DD24C05E0F7EA8E5D1CB05495083ED794A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:02:3e:3f:12:18:7b:a3:58:b8:c7:5a:b4:d6:
b7:3c:f5:73:98:77:f4:b9:84:d6:42:94:b2:61:24:
0b:42:59:7b:e9:54:20:fb:a1:ab:6b:ca:68:39:83:
18:31:6a:24:a2:ad:ea:09:e4:8b:12:94:78:64:d4:
01:da:77:4b:63:82:4c:8d:2d:d0:d2:1d:2c:bb:9d:
27:43:d1:8f:5f:c8:62:9c:11:d3:08:d7:b1:0a:2b:
5f:11:22:6c:1f:96:67:2c:02:90:e1:86:ba:0a:7b:
55:e6:eb:4e:60:95:db:d7:55:0f:a6:2b:54:92:2c:
d3:09:01:b6:4f:a5:77:93:1a:a4:b8:ec:95:bd:f9:
f0:a4:4d:a0:ef:3c:e1:ba:89:90:5f:23:b2:5d:00:
07:8e:00:e3:67:15:fa:c2:c1:fe:9a:a3:fc:70:52:
26:49:f8:cf:00:71:75:64:4c:09:35:84:18:e8:95:
d9:07:ac:5a:6c:d1:11:48:a3:5c:34:1a:a6:97:d6:
19:95:b1:9c:0f:60:52:17:db:8a:07:92:9b:e6:ba:
b4:09:5e:d9:7f:9a:33:8b:f7:e2:8d:c9:45:f5:4c:
01:73:05:f3:86:96:4c:43:0b:33:6c:ee:3c:cd:fc:
a3:bf:63:09:82:01:29:7f:e4:12:09:c0:c9:f5:88:
98:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:E3:03:DD:24:C0:5E:0F:7E:A8:E5:D1:CB:05:49:50:83:ED:79:4A
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/K-MD3STAXg9-qOXRywVJUIPteUo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
03:ab:3c:0b:90:22:50:52:e0:db:a9:d9:b9:74:d9:b9:e7:3a:
f9:5c:11:26:b1:bd:26:b8:40:cc:0e:f0:84:a6:1e:9a:72:75:
fb:21:8a:3f:6d:60:85:4b:c5:39:12:c2:40:95:dd:fe:53:88:
e3:f8:5c:0e:61:c4:96:bd:73:8a:1e:df:06:7a:f1:44:b1:f2:
44:19:f1:79:b2:95:ae:71:fc:9b:83:e9:53:bc:63:60:e3:d0:
22:4a:22:54:67:53:8b:1b:70:23:ec:92:31:e2:3a:77:fc:b5:
4c:75:30:a5:97:00:22:d1:86:c7:e7:96:2d:d9:43:37:72:a6:
58:69:05:96:cf:b4:cd:e2:5f:42:55:6c:a0:5e:f2:6f:c4:05:
49:8b:d4:6f:59:1e:21:fa:33:62:4c:99:07:03:1f:1b:f7:62:
51:fd:57:3b:bf:ec:95:e0:23:e7:e9:de:3b:b9:cf:93:ef:f5:
cb:d9:a6:c0:31:6d:41:27:59:cf:f1:4d:9b:d0:68:80:4b:92:
f0:1b:7d:2a:c4:19:34:ae:78:b4:53:47:12:0d:47:e6:4a:38:
85:81:9f:c7:43:96:f2:28:68:4f:6a:77:6b:ab:1f:83:90:7f:
f2:d4:18:16:07:c6:58:3c:23:f4:55:74:4d:b6:ae:b3:e0:5d:
cc:56:f8:08
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDRAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDcw
OTI1NDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDJCRTMwM0REMjRDMDVF
MEY3RUE4RTVEMUNCMDU0OTUwODNFRDc5NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQAj4/Ehh7o1i4x1q01rc89XOYd/S5hNZClLJhJAtCWXvpVCD7
oatrymg5gxgxaiSireoJ5IsSlHhk1AHad0tjgkyNLdDSHSy7nSdD0Y9fyGKcEdMI
17EKK18RImwflmcsApDhhroKe1Xm605gldvXVQ+mK1SSLNMJAbZPpXeTGqS47JW9
+fCkTaDvPOG6iZBfI7JdAAeOAONnFfrCwf6ao/xwUiZJ+M8AcXVkTAk1hBjoldkH
rFps0RFIo1w0GqaX1hmVsZwPYFIX24oHkpvmurQJXtl/mjOL9+KNyUX1TAFzBfOG
lkxDCzNs7jzN/KO/YwmCASl/5BIJwMn1iJgnAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUK+MD3STAXg9+qOXRywVJUIPteUowHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0stTUQzU1RBWGc5LXFP
WFJ5d1ZKVUlQdGVVby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAAOrPAuQIlBS4Nup2bl02bnn
OvlcESaxvSa4QMwO8ISmHppydfshij9tYIVLxTkSwkCV3f5TiOP4XA5hxJa9c4oe
3wZ68USx8kQZ8Xmyla5x/JuD6VO8Y2Dj0CJKIlRnU4sbcCPskjHiOnf8tUx1MKWX
ACLRhsfnli3ZQzdyplhpBZbPtM3iX0JVbKBe8m/EBUmL1G9ZHiH6M2JMmQcDHxv3
YlH9Vzu/7JXgI+fp3ju5z5Pv9cvZpsAxbUEnWc/xTZvQaIBLkvAbfSrEGTSueLRT
RxINR+ZKOIWBn8dDlvIoaE9qd2urH4OQf/LUGBYHxlg8I/RVdE22rrPgXcxW+Ag=
-----END CERTIFICATE-----
Generated at Fri Apr 11 16:26:54 2025 by rpki-client