Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/NOVHU0h2ENaF2uXoDo3XIJCPoqY.roa
File: NOVHU0h2ENaF2uXoDo3XIJCPoqY.roa (raw, json)
Hash identifier: NaOvrwip8i8+shVxxQrNofTxFGwDyUDjw48zhmumUdg=
Subject key identifier: 34:E5:47:53:48:76:10:D6:85:DA:E5:E8:0E:8D:D7:20:90:8F:A2:A6
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0B60
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/NOVHU0h2ENaF2uXoDo3XIJCPoqY.roa
Signing time: Sun 02 Feb 2025 21:26:52 +0000
ROA not before: Sun 02 Feb 2025 21:26:52 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2912 (0xb60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 2 21:26:52 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=34E54753487610D685DAE5E80E8DD720908FA2A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:09:0a:b9:6d:1b:c3:2e:f7:56:96:bc:1b:90:
a6:03:c6:ad:c7:60:c0:73:fe:ba:d1:56:08:df:3a:
c5:86:60:50:a4:53:71:0e:54:33:7f:56:38:ae:f3:
75:b3:5f:30:02:a0:22:ae:08:3f:7a:73:87:28:c5:
c1:d3:9c:18:d0:f9:2f:81:36:9b:09:6d:03:51:c0:
9d:59:fd:ce:56:37:bb:0c:f6:c0:8b:de:69:24:12:
5a:54:a0:9c:31:a3:39:3b:40:96:07:3a:d2:14:dd:
07:c1:36:5c:06:93:b2:02:19:e2:ee:b2:72:b1:31:
6b:08:f5:78:a2:cf:3d:bb:3f:92:7c:2d:cd:16:7a:
e8:36:41:17:05:e4:db:f2:14:5c:2f:27:df:dd:82:
d0:d8:d3:36:d9:04:fc:b8:4d:76:b3:ef:4e:c4:fd:
ab:a4:81:1c:2f:cb:b1:cd:16:6c:3c:aa:59:3b:d9:
c5:c6:65:9d:cd:d8:0f:1e:01:c0:59:f4:6a:89:98:
44:c4:b9:59:7c:c9:24:89:73:fd:11:5a:69:de:27:
2e:40:23:d9:c8:e2:a7:4d:ec:68:32:ae:05:c3:9e:
e5:8c:2f:c4:8e:c1:a0:48:12:11:47:15:cc:d8:ff:
b7:0f:21:ae:a6:08:8b:cf:d3:6f:7a:76:4b:65:ea:
13:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E5:47:53:48:76:10:D6:85:DA:E5:E8:0E:8D:D7:20:90:8F:A2:A6
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/NOVHU0h2ENaF2uXoDo3XIJCPoqY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
ac:b9:67:52:d6:d7:68:b2:0a:8f:71:29:ad:d5:e1:0a:b0:f0:
25:36:d6:c4:22:a2:88:7a:35:a1:89:ea:97:fe:f5:b8:12:3b:
b8:f3:6b:88:e5:1f:e6:82:49:61:08:fc:0a:d7:24:3c:55:c4:
07:6c:55:18:28:9b:90:24:d4:6f:fb:da:f3:fa:b4:81:b5:94:
48:3f:82:4e:62:c8:f3:97:3c:fe:f7:a4:69:3e:7b:dd:83:e7:
0a:42:88:d0:78:f3:f0:65:df:d6:b9:5a:7e:8e:e9:b6:18:cc:
10:33:af:fd:ff:7f:f9:98:8a:73:32:b8:41:b7:13:4f:09:bb:
b6:a6:ff:65:18:fa:56:1b:80:40:27:c9:c3:e3:7b:5c:19:35:
a9:a5:ff:17:e8:b9:bd:ed:c0:b5:4f:a6:23:36:d9:42:2e:3b:
69:ad:2e:b1:90:16:9f:80:4b:b1:41:d5:09:92:4f:d8:46:86:
76:2a:bd:ec:d2:e9:38:d4:81:4f:80:18:b6:c5:1e:34:e5:d1:
46:d3:35:88:c5:ab:1d:b1:4b:e6:0e:58:8e:b1:4b:26:c8:c6:
c1:2b:24:c3:3b:9c:bd:c0:72:cc:dd:e6:67:3b:a2:78:32:de:
22:fc:5a:12:72:cf:0c:e1:a2:7b:49:b7:85:bc:d2:29:c4:1c:
eb:1f:d1:7f
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICC2AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDIy
MTI2NTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM0RTU0NzUzNDg3NjEw
RDY4NURBRTVFODBFOERENzIwOTA4RkEyQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrCQq5bRvDLvdWlrwbkKYDxq3HYMBz/rrRVgjfOsWGYFCkU3EO
VDN/Vjiu83WzXzACoCKuCD96c4coxcHTnBjQ+S+BNpsJbQNRwJ1Z/c5WN7sM9sCL
3mkkElpUoJwxozk7QJYHOtIU3QfBNlwGk7ICGeLusnKxMWsI9Xiizz27P5J8Lc0W
eug2QRcF5NvyFFwvJ9/dgtDY0zbZBPy4TXaz707E/aukgRwvy7HNFmw8qlk72cXG
ZZ3N2A8eAcBZ9GqJmETEuVl8ySSJc/0RWmneJy5AI9nI4qdN7GgyrgXDnuWML8SO
waBIEhFHFczY/7cPIa6mCIvP0296dktl6hNnAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUNOVHU0h2ENaF2uXoDo3XIJCPoqYwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL05PVkhVMGgyRU5hRjJ1
WG9EbzNYSUpDUG9xWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAKy5Z1LW12iyCo9xKa3V4Qqw
8CU21sQiooh6NaGJ6pf+9bgSO7jza4jlH+aCSWEI/ArXJDxVxAdsVRgom5Ak1G/7
2vP6tIG1lEg/gk5iyPOXPP73pGk+e92D5wpCiNB48/Bl39a5Wn6O6bYYzBAzr/3/
f/mYinMyuEG3E08Ju7am/2UY+lYbgEAnycPje1wZNaml/xfoub3twLVPpiM22UIu
O2mtLrGQFp+AS7FB1QmST9hGhnYqvezS6TjUgU+AGLbFHjTl0UbTNYjFqx2xS+YO
WI6xSybIxsErJMM7nL3Acszd5mc7ongy3iL8WhJyzwzhontJt4W80inEHOsf0X8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:33 2025 by rpki-client