Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/ORzAOwDWbt9sRf7N0fqhvue0se4.roa
File: ORzAOwDWbt9sRf7N0fqhvue0se4.roa (raw, json)
Hash identifier: 4EeIQxaM21KjNR5WkGr4TGgoR/7KGmC9DiP0Qef02TU=
Subject key identifier: 39:1C:C0:3B:00:D6:6E:DF:6C:45:FE:CD:D1:FA:A1:BE:E7:B4:B1:EE
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0C60
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/ORzAOwDWbt9sRf7N0fqhvue0se4.roa
Signing time: Wed 05 Feb 2025 13:25:43 +0000
ROA not before: Wed 05 Feb 2025 13:25:43 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3168 (0xc60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 5 13:25:43 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=391CC03B00D66EDF6C45FECDD1FAA1BEE7B4B1EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b5:b2:c2:2a:d5:44:67:e1:3c:3c:69:02:7a:
d5:c9:d6:df:eb:f3:7b:d4:eb:02:44:91:d2:40:e8:
cb:50:dc:e3:4f:81:e9:78:f5:51:ad:c5:90:56:d5:
3a:81:91:58:c7:1e:d4:1c:94:71:dc:22:fc:d6:cd:
8f:62:b2:3e:3b:19:19:dc:44:df:01:62:3c:4f:f3:
0b:24:cc:67:e0:59:67:6d:33:93:c3:dc:ce:0c:4f:
94:77:45:45:b6:26:d5:0f:4c:5e:2b:9e:96:18:28:
43:b5:48:0f:7d:6e:88:89:40:c7:a0:e9:7d:8a:f3:
f5:9d:0d:12:dc:cc:e6:ac:a2:90:f0:c9:de:23:9a:
4f:11:8b:3a:f8:1a:b9:d3:9a:70:55:80:dc:ea:00:
ca:8b:fe:c7:f1:f8:8d:3b:c3:29:c9:c4:38:c6:f8:
84:ca:35:b5:40:8a:31:87:73:f8:25:67:19:8c:78:
8a:ab:41:20:c5:79:ad:be:b6:66:54:df:d1:22:b1:
d7:44:b8:2f:cc:34:0c:dc:fa:99:75:39:37:c0:96:
9b:01:0e:72:a0:41:21:a1:3d:ff:f6:69:c7:fc:2a:
42:fa:87:5e:b6:84:d5:91:9b:1e:00:8f:2e:ad:d8:
a9:6c:68:2e:a4:43:d3:62:bc:6c:e0:91:64:12:2f:
25:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:1C:C0:3B:00:D6:6E:DF:6C:45:FE:CD:D1:FA:A1:BE:E7:B4:B1:EE
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/ORzAOwDWbt9sRf7N0fqhvue0se4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
00:c8:0e:2f:3e:3e:e3:b0:d1:94:47:82:d0:a0:ae:8d:d8:c2:
93:cd:4b:7e:0b:0c:5d:a7:f8:ab:94:0e:f6:b5:7e:46:ae:ec:
0d:e8:69:24:88:7d:f0:c3:f9:a7:2b:7e:b3:2e:2b:f7:e1:31:
3f:fe:1a:36:ed:e8:a9:c7:a4:b3:30:32:57:a2:15:fd:ab:5f:
a9:41:12:5a:ab:41:3f:18:ee:59:c4:8f:57:ae:54:8f:eb:31:
20:93:60:bd:95:05:ce:2c:d3:15:8f:51:4b:ca:59:fc:82:04:
b8:04:19:07:05:25:0c:1e:a5:86:34:9f:48:bf:d3:33:54:51:
a3:7f:19:e6:09:53:bf:a2:07:75:78:f6:e4:a5:91:d1:37:10:
f3:46:73:f7:ff:d5:8a:46:a5:91:65:02:14:27:6b:66:7f:64:
ea:44:6c:a1:8a:83:73:91:c4:18:9f:ce:d9:02:78:ca:aa:bb:
1e:59:35:a4:24:dc:7e:ab:fc:23:3c:a0:40:1d:24:de:74:76:
08:c8:84:06:57:8d:6a:ae:4a:73:f6:b5:8b:01:96:3e:b2:34:
03:f9:ac:21:dd:de:9e:b1:a7:c4:45:1a:a6:3f:f4:21:e8:c0:
94:b3:ba:f3:cd:58:3e:ba:74:e1:74:b5:f3:82:a6:8d:35:d2:
a6:e2:9b:4f
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDGAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDUx
MzI1NDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM5MUNDMDNCMDBENjZF
REY2QzQ1RkVDREQxRkFBMUJFRTdCNEIxRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJtbLCKtVEZ+E8PGkCetXJ1t/r83vU6wJEkdJA6MtQ3ONPgel4
9VGtxZBW1TqBkVjHHtQclHHcIvzWzY9isj47GRncRN8BYjxP8wskzGfgWWdtM5PD
3M4MT5R3RUW2JtUPTF4rnpYYKEO1SA99boiJQMeg6X2K8/WdDRLczOasopDwyd4j
mk8Rizr4GrnTmnBVgNzqAMqL/sfx+I07wynJxDjG+ITKNbVAijGHc/glZxmMeIqr
QSDFea2+tmZU39EisddEuC/MNAzc+pl1OTfAlpsBDnKgQSGhPf/2acf8KkL6h162
hNWRmx4Ajy6t2KlsaC6kQ9NivGzgkWQSLyVFAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUORzAOwDWbt9sRf7N0fqhvue0se4wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL09SekFPd0RXYnQ5c1Jm
N04wZnFodnVlMHNlNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAADIDi8+PuOw0ZRHgtCgro3Y
wpPNS34LDF2n+KuUDva1fkau7A3oaSSIffDD+acrfrMuK/fhMT/+Gjbt6KnHpLMw
MleiFf2rX6lBElqrQT8Y7lnEj1euVI/rMSCTYL2VBc4s0xWPUUvKWfyCBLgEGQcF
JQwepYY0n0i/0zNUUaN/GeYJU7+iB3V49uSlkdE3EPNGc/f/1YpGpZFlAhQna2Z/
ZOpEbKGKg3ORxBifztkCeMqqux5ZNaQk3H6r/CM8oEAdJN50dgjIhAZXjWquSnP2
tYsBlj6yNAP5rCHd3p6xp8RFGqY/9CHowJSzuvPNWD66dOF0tfOCpo010qbim08=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:58:48 2025 by rpki-client