Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/OIJW-RsGO5RwTbPmwT0oWVGl8Z8.roa
File: OIJW-RsGO5RwTbPmwT0oWVGl8Z8.roa (raw, json)
Hash identifier: iNUw8zkLDUHti6V4hPFJlCYiTgRj7XZVyq6Eg9mWh3w=
Subject key identifier: 38:82:56:F9:1B:06:3B:94:70:4D:B3:E6:C1:3D:28:59:51:A5:F1:9F
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0BCC
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/OIJW-RsGO5RwTbPmwT0oWVGl8Z8.roa
Signing time: Tue 04 Feb 2025 00:25:40 +0000
ROA not before: Tue 04 Feb 2025 00:25:40 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3020 (0xbcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 4 00:25:40 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=388256F91B063B94704DB3E6C13D285951A5F19F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:56:87:63:f5:53:eb:83:e4:9c:8d:47:3c:14:
a3:64:a7:e7:98:e4:f5:ed:35:5b:5a:dc:ea:a1:b6:
37:f8:9a:53:a7:55:94:3b:57:67:35:8a:f6:ed:3a:
27:bb:ac:6b:59:c9:92:74:b6:ef:7a:30:64:34:ff:
52:e5:6e:74:cc:33:f1:ab:98:79:7c:02:73:fe:1d:
5d:af:72:c6:46:45:80:a3:d3:61:1d:e1:66:7f:56:
56:b2:ec:4f:70:51:b8:b7:83:37:3a:5f:b8:bb:2b:
4d:c4:a9:5c:6b:5c:da:03:a4:19:ee:44:af:73:fd:
27:d7:3d:8a:fa:7e:5f:8c:63:49:0d:1e:6a:7b:7a:
ce:7e:b3:63:32:eb:6c:ee:c3:58:44:5f:df:65:66:
4d:1d:14:8a:aa:9a:fe:31:41:1d:fe:e3:80:1c:19:
8e:e5:7b:24:e9:80:97:c1:d4:ec:e5:db:0a:70:63:
e7:87:78:01:af:d3:24:ba:af:6f:1e:0d:1b:f5:e7:
35:53:62:fd:9f:cb:59:62:23:3c:11:bf:7e:d4:1c:
7a:5c:5b:83:b1:b4:53:1a:5d:7b:27:a4:fd:ff:4e:
e1:72:95:85:cf:1a:fc:08:f4:29:5e:05:8e:16:4a:
ff:8a:86:b2:3c:4b:ad:7e:65:b7:c1:50:82:7e:a6:
9d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:82:56:F9:1B:06:3B:94:70:4D:B3:E6:C1:3D:28:59:51:A5:F1:9F
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/OIJW-RsGO5RwTbPmwT0oWVGl8Z8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
33:f6:6c:ac:fa:66:f6:31:af:52:85:a0:ee:27:18:23:f0:8e:
27:bd:cf:4b:85:a3:36:c9:e1:ea:ef:6d:db:3f:50:c0:9c:ae:
40:9e:61:a9:3f:e8:6d:36:e2:fb:66:78:c4:98:16:c5:6f:86:
cb:25:35:92:fa:58:37:ef:68:c8:24:43:df:bd:0a:2d:44:72:
fa:bf:00:a4:01:d0:01:0a:c9:e2:4c:dc:80:11:b3:76:bd:d5:
4a:90:30:1f:88:43:75:82:21:e9:f0:bf:e9:cb:eb:cc:e9:68:
88:8b:f5:fe:fe:9e:2c:2e:95:39:66:97:aa:0e:ec:72:70:d3:
49:ee:27:41:4b:0a:72:a1:74:02:ed:d9:6c:73:75:b3:40:0d:
66:f2:1b:95:38:4a:3a:fd:35:02:87:1b:dc:d6:81:82:0e:e3:
3a:62:bf:59:f9:1b:ea:af:91:f0:15:73:a9:92:01:8a:75:20:
78:84:c0:33:08:c0:27:d4:a8:ad:05:8b:93:16:c2:4b:5f:cb:
42:ae:6a:9a:64:c5:57:3c:55:8d:f5:69:f5:38:8b:32:97:90:
2d:ae:48:4f:76:3f:57:87:f3:0b:0c:5f:00:e7:39:57:7d:b8:
76:46:9e:ee:85:a2:e1:7e:d9:39:6e:66:41:19:07:19:2a:3c:
ae:8f:21:ca
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICC8wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDQw
MDI1NDBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM4ODI1NkY5MUIwNjNC
OTQ3MDREQjNFNkMxM0QyODU5NTFBNUYxOUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkVodj9VPrg+ScjUc8FKNkp+eY5PXtNVta3Oqhtjf4mlOnVZQ7
V2c1ivbtOie7rGtZyZJ0tu96MGQ0/1LlbnTMM/GrmHl8AnP+HV2vcsZGRYCj02Ed
4WZ/Vlay7E9wUbi3gzc6X7i7K03EqVxrXNoDpBnuRK9z/SfXPYr6fl+MY0kNHmp7
es5+s2My62zuw1hEX99lZk0dFIqqmv4xQR3+44AcGY7leyTpgJfB1Ozl2wpwY+eH
eAGv0yS6r28eDRv15zVTYv2fy1liIzwRv37UHHpcW4OxtFMaXXsnpP3/TuFylYXP
GvwI9CleBY4WSv+KhrI8S61+ZbfBUIJ+pp3vAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUOIJW+RsGO5RwTbPmwT0oWVGl8Z8wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL09JSlctUnNHTzVSd1Ri
UG13VDBvV1ZHbDhaOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBADP2bKz6ZvYxr1KFoO4nGCPw
jie9z0uFozbJ4ervbds/UMCcrkCeYak/6G024vtmeMSYFsVvhsslNZL6WDfvaMgk
Q9+9Ci1Ecvq/AKQB0AEKyeJM3IARs3a91UqQMB+IQ3WCIenwv+nL68zpaIiL9f7+
niwulTlml6oO7HJw00nuJ0FLCnKhdALt2WxzdbNADWbyG5U4Sjr9NQKHG9zWgYIO
4zpiv1n5G+qvkfAVc6mSAYp1IHiEwDMIwCfUqK0Fi5MWwktfy0KuappkxVc8VY31
afU4izKXkC2uSE92P1eH8wsMXwDnOVd9uHZGnu6FouF+2TluZkEZBxkqPK6PIco=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:44:51 2025 by rpki-client