Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/QDhqpx1MxS-FtbQdVPtco6p0oHM.roa
File: QDhqpx1MxS-FtbQdVPtco6p0oHM.roa (raw, json)
Hash identifier: dKBNkZUaYmkuylIieV0/icO+4WTGILUQeZhkBUEd6Fc=
Subject key identifier: 40:38:6A:A7:1D:4C:C5:2F:85:B5:B4:1D:54:FB:5C:A3:AA:74:A0:73
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0BB8
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/QDhqpx1MxS-FtbQdVPtco6p0oHM.roa
Signing time: Mon 03 Feb 2025 19:25:36 +0000
ROA not before: Mon 03 Feb 2025 19:25:36 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3000 (0xbb8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 3 19:25:36 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=40386AA71D4CC52F85B5B41D54FB5CA3AA74A073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ea:8c:f3:bf:3c:d7:3a:16:09:94:3f:7b:55:
be:71:d1:93:cd:5c:e6:eb:19:b8:6a:b3:5f:fe:43:
c3:91:c2:f0:60:8b:a6:34:77:16:1b:b6:e1:52:dd:
1b:d1:ff:37:5d:83:ad:88:36:22:e6:4e:1c:cb:89:
a2:83:ff:1b:51:6c:11:f8:8f:8e:47:75:93:8c:42:
d6:1c:73:8b:03:b7:28:39:57:9a:35:7b:9b:85:2b:
e4:07:38:58:90:09:53:18:1b:4b:36:f3:6a:0c:13:
38:cd:e4:f5:71:34:34:2e:7c:4c:d1:33:f0:69:6d:
a2:87:1c:26:b3:be:eb:63:97:60:91:da:25:b6:49:
83:15:84:b6:af:23:2c:af:6a:a2:a2:46:fe:cc:78:
1b:7e:ce:a0:6a:d8:42:4b:7f:1f:6b:3f:5f:90:04:
5a:c9:be:0c:46:e4:85:b2:af:c9:86:72:7e:75:5a:
96:7f:d4:d4:e5:1e:55:0b:7f:8c:cf:d5:7c:cb:8b:
76:57:42:ea:2d:4c:68:21:3c:3e:94:7e:96:fb:85:
15:0c:4a:30:da:15:78:4d:24:d2:79:ff:13:20:9f:
6e:4c:da:32:0d:a4:93:26:03:17:22:49:93:d5:4a:
63:77:bf:1e:10:86:f8:9a:f8:32:a4:53:89:46:4b:
5b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:38:6A:A7:1D:4C:C5:2F:85:B5:B4:1D:54:FB:5C:A3:AA:74:A0:73
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/QDhqpx1MxS-FtbQdVPtco6p0oHM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
a0:97:a5:4b:d6:fd:eb:bf:b1:76:f1:29:a8:f5:e6:f0:7d:7c:
b0:24:a0:d2:14:64:a2:95:18:37:0f:d4:15:df:3c:5c:10:44:
f1:ec:f2:1d:23:89:0f:da:07:fb:11:cd:0a:a3:b1:78:81:cf:
01:ac:d5:cd:f1:f0:e0:f8:92:c4:62:87:fb:e2:4a:4f:58:57:
63:f7:32:6f:36:e9:46:c8:b6:a2:37:3a:80:9d:dc:9c:d1:10:
3b:c9:a2:84:26:ae:10:e2:8d:86:b4:d8:d2:d3:6c:d0:b1:21:
2e:ee:8d:97:a1:d3:5c:ff:7e:95:af:19:61:64:29:70:9c:e3:
07:12:49:a1:e3:03:5a:d8:bd:16:47:ac:b5:fd:53:05:dc:37:
2c:dc:19:31:a8:36:be:e2:da:c4:7b:fe:30:f2:3d:f4:b2:36:
2d:e8:8e:b2:8a:ae:3d:8b:8e:e2:31:fe:cc:3b:06:06:13:9d:
92:9a:dd:a0:50:b2:a3:b0:02:ac:4e:01:46:6d:27:e2:73:7f:
59:13:79:25:f6:e0:c5:da:d0:2c:b3:8c:7d:8f:4e:2c:ad:e5:
d2:f8:25:6f:7a:3a:3c:af:81:0a:11:93:6a:7f:1c:3e:cb:40:
5c:ae:84:24:a2:3f:74:5e:81:60:75:61:e7:35:95:7d:e5:de:
8e:65:f8:03
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICC7gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDMx
OTI1MzZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQwMzg2QUE3MUQ0Q0M1
MkY4NUI1QjQxRDU0RkI1Q0EzQUE3NEEwNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCp6ozzvzzXOhYJlD97Vb5x0ZPNXObrGbhqs1/+Q8ORwvBgi6Y0
dxYbtuFS3RvR/zddg62INiLmThzLiaKD/xtRbBH4j45HdZOMQtYcc4sDtyg5V5o1
e5uFK+QHOFiQCVMYG0s282oMEzjN5PVxNDQufEzRM/BpbaKHHCazvutjl2CR2iW2
SYMVhLavIyyvaqKiRv7MeBt+zqBq2EJLfx9rP1+QBFrJvgxG5IWyr8mGcn51WpZ/
1NTlHlULf4zP1XzLi3ZXQuotTGghPD6Ufpb7hRUMSjDaFXhNJNJ5/xMgn25M2jIN
pJMmAxciSZPVSmN3vx4Qhvia+DKkU4lGS1v1AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUQDhqpx1MxS+FtbQdVPtco6p0oHMwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1FEaHFweDFNeFMtRnRi
UWRWUHRjbzZwMG9ITS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAKCXpUvW/eu/sXbxKaj15vB9
fLAkoNIUZKKVGDcP1BXfPFwQRPHs8h0jiQ/aB/sRzQqjsXiBzwGs1c3x8OD4ksRi
h/viSk9YV2P3Mm826UbItqI3OoCd3JzREDvJooQmrhDijYa02NLTbNCxIS7ujZeh
01z/fpWvGWFkKXCc4wcSSaHjA1rYvRZHrLX9UwXcNyzcGTGoNr7i2sR7/jDyPfSy
Ni3ojrKKrj2LjuIx/sw7BgYTnZKa3aBQsqOwAqxOAUZtJ+Jzf1kTeSX24MXa0Cyz
jH2PTiyt5dL4JW96OjyvgQoRk2p/HD7LQFyuhCSiP3RegWB1Yec1lX3l3o5l+AM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:42:50 2025 by rpki-client