Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/NpBnWovGZWuhJL8YgtK8PRTNXXc.roa
File: NpBnWovGZWuhJL8YgtK8PRTNXXc.roa (raw, json)
Hash identifier: 5IetHUHXGAeepIuYJ/3tI7FCW6/yKgGe+/ZDvSZmMCc=
Subject key identifier: 36:90:67:5A:8B:C6:65:6B:A1:24:BF:18:82:D2:BC:3D:14:CD:5D:77
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0838
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/NpBnWovGZWuhJL8YgtK8PRTNXXc.roa
Signing time: Sat 25 Jan 2025 11:25:09 +0000
ROA not before: Sat 25 Jan 2025 11:25:09 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2104 (0x838)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 25 11:25:09 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=3690675A8BC6656BA124BF1882D2BC3D14CD5D77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:dc:c3:d3:02:7e:fb:2f:76:10:52:c5:34:3f:
0c:01:19:25:0b:20:2b:51:d7:8e:f2:c2:a4:65:c7:
9c:3b:70:12:b3:a7:6a:0c:98:7e:f9:98:bd:81:43:
5d:d3:6c:d2:17:38:23:0f:ce:9a:7b:40:85:ad:d6:
50:a7:45:b0:c3:b0:8a:0d:40:78:a5:31:33:f7:fd:
9c:81:72:8b:cc:39:2c:84:15:79:26:70:c1:a3:99:
41:08:8a:5b:de:14:c7:38:34:fa:e2:17:bd:f8:9e:
7c:09:0a:b4:4d:73:01:ca:6a:fa:c2:4e:b5:b3:22:
50:1b:d8:d0:e4:af:00:23:17:b1:8c:b9:ff:fc:71:
7e:b6:27:cd:b6:7e:b2:af:0f:dc:ce:38:59:f9:b1:
54:c8:e6:df:ac:c0:d4:7d:5d:2d:52:8b:04:cf:fe:
ff:e1:c6:db:38:ae:fd:ee:12:f8:cd:14:26:7f:af:
d5:a2:ed:76:76:a8:6c:03:b5:a5:ee:3a:a1:a4:4b:
56:ae:81:4c:9a:67:6a:a1:e1:82:8b:f6:eb:7d:80:
be:d8:d1:35:d2:62:a0:39:cf:6e:85:37:d3:cb:be:
79:51:00:5b:fc:40:1e:6b:cc:b7:b0:b8:1c:16:3d:
a7:7a:07:31:f4:6b:dc:93:46:4a:f8:47:80:9f:e9:
da:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:90:67:5A:8B:C6:65:6B:A1:24:BF:18:82:D2:BC:3D:14:CD:5D:77
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/NpBnWovGZWuhJL8YgtK8PRTNXXc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
0f:5c:2d:21:5a:ea:3e:d8:70:38:09:03:e2:03:0f:a9:04:fc:
d6:9f:3f:91:04:45:61:30:a6:46:de:4b:60:76:5e:a9:20:be:
86:b8:2f:84:2a:a2:88:bc:05:12:21:b7:25:3a:a7:57:b3:07:
9e:6e:f2:8e:03:69:38:c9:f6:be:69:fe:b8:2c:b8:52:f5:65:
bf:6b:28:26:d4:45:a0:7f:92:e4:7e:7b:65:40:77:28:b9:d6:
0f:1e:84:de:60:8b:58:00:cd:2b:71:7a:4d:0d:8e:4d:b2:ef:
5c:52:58:fd:7b:3d:05:ee:ce:f7:da:e4:f2:48:4e:76:94:b8:
af:bd:8c:ab:a6:33:73:74:37:b0:1d:92:39:77:f0:d6:35:37:
45:15:27:5f:fc:85:d3:a6:29:79:99:29:3e:88:6e:0e:f5:3b:
a2:bd:1a:53:16:c9:9a:e1:77:9f:42:15:4c:70:70:67:00:06:
b8:c2:cd:6d:52:84:d9:19:a7:06:e5:37:a2:de:a7:bf:f1:38:
34:95:9d:21:a4:56:95:2d:e3:00:aa:97:ec:fb:35:fd:ce:ca:
a6:f9:fc:e0:78:24:bd:4c:b4:72:c3:d3:e5:4f:f1:1c:f3:a5:
e6:48:ac:5d:7a:7c:04:e6:25:f6:86:73:c0:64:b1:ee:e8:46:
c4:85:8d:36
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCDgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjUx
MTI1MDlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM2OTA2NzVBOEJDNjY1
NkJBMTI0QkYxODgyRDJCQzNEMTRDRDVENzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCw3MPTAn77L3YQUsU0PwwBGSULICtR147ywqRlx5w7cBKzp2oM
mH75mL2BQ13TbNIXOCMPzpp7QIWt1lCnRbDDsIoNQHilMTP3/ZyBcovMOSyEFXkm
cMGjmUEIilveFMc4NPriF734nnwJCrRNcwHKavrCTrWzIlAb2NDkrwAjF7GMuf/8
cX62J822frKvD9zOOFn5sVTI5t+swNR9XS1SiwTP/v/hxts4rv3uEvjNFCZ/r9Wi
7XZ2qGwDtaXuOqGkS1augUyaZ2qh4YKL9ut9gL7Y0TXSYqA5z26FN9PLvnlRAFv8
QB5rzLewuBwWPad6BzH0a9yTRkr4R4Cf6dotAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUNpBnWovGZWuhJL8YgtK8PRTNXXcwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL05wQm5Xb3ZHWld1aEpM
OFlndEs4UFJUTlhYYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAA9cLSFa6j7YcDgJA+IDD6kE
/NafP5EERWEwpkbeS2B2Xqkgvoa4L4Qqooi8BRIhtyU6p1ezB55u8o4DaTjJ9r5p
/rgsuFL1Zb9rKCbURaB/kuR+e2VAdyi51g8ehN5gi1gAzStxek0Njk2y71xSWP17
PQXuzvfa5PJITnaUuK+9jKumM3N0N7Adkjl38NY1N0UVJ1/8hdOmKXmZKT6Ibg71
O6K9GlMWyZrhd59CFUxwcGcABrjCzW1ShNkZpwblN6Lep7/xODSVnSGkVpUt4wCq
l+z7Nf3Oyqb5/OB4JL1MtHLD0+VP8RzzpeZIrF16fATmJfaGc8Bkse7oRsSFjTY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:34 2025 by rpki-client