Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/KMNw4l_1K_rXDxF5Vjfq-iNITLQ.roa
File: KMNw4l_1K_rXDxF5Vjfq-iNITLQ.roa (raw, json)
Hash identifier: rKlPO1msePpI6btR2f1FY+dYC0JuigkEigPOwN8Enk8=
Subject key identifier: 28:C3:70:E2:5F:F5:2B:FA:D7:0F:11:79:56:37:EA:FA:23:48:4C:B4
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0982
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/KMNw4l_1K_rXDxF5Vjfq-iNITLQ.roa
Signing time: Tue 28 Jan 2025 21:55:24 +0000
ROA not before: Tue 28 Jan 2025 21:55:24 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2434 (0x982)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 28 21:55:24 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=28C370E25FF52BFAD70F11795637EAFA23484CB4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:9c:92:c5:ff:5e:2c:59:c9:f1:61:c4:65:2b:
94:33:65:a9:ae:13:24:ef:c0:84:67:64:64:0b:e8:
52:f9:d8:b5:91:e3:cf:f1:ed:cf:be:96:a1:97:80:
f2:ea:91:49:22:67:70:10:a1:51:93:b3:4a:e1:b1:
0d:19:61:fa:ae:75:43:80:e5:6c:e3:67:44:8b:fa:
91:1b:20:b8:14:45:6d:31:96:26:87:9c:bc:52:2f:
8d:7d:b3:73:32:ff:e7:9c:60:9b:82:0e:7c:5c:fe:
46:68:63:b5:56:90:35:09:73:14:fd:e1:ef:57:e1:
ab:7e:0f:f5:c3:b3:ff:ee:f0:b5:ca:6d:a9:95:1e:
e2:35:ec:78:12:78:17:0c:f3:c6:85:12:c9:09:d1:
fd:67:6f:88:67:7c:25:07:2a:c4:d4:82:97:cb:6b:
36:80:2c:8b:16:ab:f9:01:f6:db:66:5a:02:0c:73:
3d:eb:3f:a7:90:fe:59:1d:9c:27:e1:ed:a6:21:09:
03:b1:c3:68:15:a5:27:32:62:e0:95:96:5c:3b:0a:
64:91:ac:43:3e:d1:bf:7d:28:59:91:54:b9:9e:9c:
bb:0d:43:68:f1:17:e3:2f:3f:90:44:b2:e2:f0:14:
28:0e:aa:9b:28:18:6e:a6:22:a8:8c:02:56:7c:c6:
f0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C3:70:E2:5F:F5:2B:FA:D7:0F:11:79:56:37:EA:FA:23:48:4C:B4
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/KMNw4l_1K_rXDxF5Vjfq-iNITLQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
48:84:11:0f:f0:87:21:e5:28:65:4f:98:c8:c8:cc:0c:c2:e9:
fb:f7:a0:61:7e:e7:81:c1:6e:03:c5:b0:46:20:32:c8:b5:c6:
73:60:e0:2a:fb:ed:05:a7:38:0a:b1:b3:9f:d4:7e:2a:f2:7b:
b5:32:a9:49:70:5d:81:e7:47:2c:3d:8d:9a:45:5f:4d:de:8e:
77:71:d1:34:9c:e5:b8:9a:37:46:ff:f7:53:ee:8a:f4:e4:62:
01:4a:bd:fb:6e:20:92:c8:8a:22:d3:3e:a4:0a:89:75:45:fc:
59:89:22:b0:12:8d:3b:7a:91:8f:2a:5e:ee:e7:a8:8f:0b:bd:
0e:1f:90:0e:b2:e6:76:a0:f4:da:38:9d:26:80:52:f5:56:01:
dd:4a:7b:63:bd:a4:4d:37:cf:67:f2:3b:9f:88:9e:c5:3a:96:
b8:47:d1:21:07:16:18:be:e3:a8:29:0e:1d:8c:06:30:bc:2e:
b0:21:9c:d2:f6:1f:fb:86:a1:ae:3b:fd:a0:eb:0c:45:e8:bc:
75:50:6b:39:0c:b7:56:c4:47:7f:f0:55:b6:2f:41:b9:83:dc:
9f:2c:b7:2b:7c:24:6f:ed:72:54:b0:20:94:06:14:14:23:57:
b1:e9:54:c7:29:75:90:35:71:b4:b5:d6:c3:4b:81:62:7c:2c:
f9:0d:e9:e6
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCYIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjgy
MTU1MjRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDI4QzM3MEUyNUZGNTJC
RkFENzBGMTE3OTU2MzdFQUZBMjM0ODRDQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnnJLF/14sWcnxYcRlK5QzZamuEyTvwIRnZGQL6FL52LWR48/x
7c++lqGXgPLqkUkiZ3AQoVGTs0rhsQ0ZYfqudUOA5WzjZ0SL+pEbILgURW0xliaH
nLxSL419s3My/+ecYJuCDnxc/kZoY7VWkDUJcxT94e9X4at+D/XDs//u8LXKbamV
HuI17HgSeBcM88aFEskJ0f1nb4hnfCUHKsTUgpfLazaALIsWq/kB9ttmWgIMcz3r
P6eQ/lkdnCfh7aYhCQOxw2gVpScyYuCVllw7CmSRrEM+0b99KFmRVLmenLsNQ2jx
F+MvP5BEsuLwFCgOqpsoGG6mIqiMAlZ8xvC/AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUKMNw4l/1K/rXDxF5Vjfq+iNITLQwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0tNTnc0bF8xS19yWER4
RjVWamZxLWlOSVRMUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAEiEEQ/whyHlKGVPmMjIzAzC
6fv3oGF+54HBbgPFsEYgMsi1xnNg4Cr77QWnOAqxs5/Ufirye7UyqUlwXYHnRyw9
jZpFX03ejndx0TSc5biaN0b/91PuivTkYgFKvftuIJLIiiLTPqQKiXVF/FmJIrAS
jTt6kY8qXu7nqI8LvQ4fkA6y5nag9No4nSaAUvVWAd1Ke2O9pE03z2fyO5+InsU6
lrhH0SEHFhi+46gpDh2MBjC8LrAhnNL2H/uGoa47/aDrDEXovHVQazkMt1bER3/w
VbYvQbmD3J8styt8JG/tclSwIJQGFBQjV7HpVMcpdZA1cbS11sNLgWJ8LPkN6eY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:37 2025 by rpki-client