Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/VaeQeU37Djq5jfbQ8uC0eiHUor0.roa
File: VaeQeU37Djq5jfbQ8uC0eiHUor0.roa (raw, json)
Hash identifier: F0BAvliBlvbilZkkGnVsJFHEOLngSFaCs9r5qjTLyYs=
Subject key identifier: 55:A7:90:79:4D:FB:0E:3A:B9:8D:F6:D0:F2:E0:B4:7A:21:D4:A2:BD
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0D8C
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/VaeQeU37Djq5jfbQ8uC0eiHUor0.roa
Signing time: Sat 08 Feb 2025 16:26:39 +0000
ROA not before: Sat 08 Feb 2025 16:26:39 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3468 (0xd8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 8 16:26:39 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=55A790794DFB0E3AB98DF6D0F2E0B47A21D4A2BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:41:d8:c9:e3:32:d0:6e:f8:6d:e0:04:2b:5a:
eb:9f:70:40:17:21:e6:85:30:f2:77:87:6d:b8:64:
09:ce:10:59:d3:8d:4f:6f:47:6e:8d:98:51:1c:95:
0c:49:19:08:14:ec:c3:0d:af:42:0e:ab:38:34:2e:
4a:f9:f7:7e:35:54:70:c7:ea:1c:3a:c1:9b:33:c5:
d4:aa:af:41:10:d3:ef:5a:95:a1:f8:a5:10:96:c0:
e8:30:57:c4:86:42:4f:35:d9:5b:a3:50:56:46:14:
32:bb:d6:04:92:4c:cd:2d:79:ba:05:f8:e4:52:6d:
c3:30:f4:94:40:48:e1:60:4d:b9:48:5a:02:01:0f:
5f:0c:90:b0:1f:97:f7:32:3f:f0:e0:b6:63:0d:4d:
80:45:d3:9a:2c:7f:e7:73:c5:57:70:4c:68:b6:b3:
c4:29:c8:cc:be:50:de:87:ec:8e:23:eb:76:a5:a0:
77:75:8b:a0:fd:ee:a7:6f:7f:31:87:c5:4f:3f:80:
41:46:9c:c4:21:59:6d:ab:1a:14:79:a9:0e:d0:ba:
e0:0e:a2:6e:81:29:cc:44:f7:76:0e:85:80:dd:15:
4b:93:86:2b:29:0a:a4:0f:bb:8b:26:5d:63:48:ed:
57:eb:82:bb:2f:59:10:1d:a1:6a:07:38:18:e2:ff:
23:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A7:90:79:4D:FB:0E:3A:B9:8D:F6:D0:F2:E0:B4:7A:21:D4:A2:BD
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/VaeQeU37Djq5jfbQ8uC0eiHUor0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
6b:d0:91:ed:c7:b7:a3:59:ef:87:e7:b1:aa:94:90:e8:22:3b:
93:1a:56:93:01:c3:b5:af:4b:b6:a5:b3:73:40:37:b8:ef:e5:
3d:aa:4a:db:52:ba:2d:03:a1:5b:09:b8:c3:15:b7:9b:c9:eb:
54:84:d0:13:68:37:16:09:3e:2e:08:51:c3:de:9c:58:c1:13:
1d:63:67:d5:25:10:75:a2:33:49:da:9f:46:b9:83:f1:90:59:
99:24:b1:76:44:06:89:7b:10:0c:9d:49:2e:7e:e5:56:b6:fe:
20:ff:a8:1a:96:31:2c:83:c9:34:15:3a:f7:77:09:ff:06:9a:
02:ea:df:ef:05:49:ff:8f:80:08:5b:79:80:62:bd:22:41:e6:
6f:ba:f7:66:c3:47:37:2a:a5:2c:9f:f3:f8:c1:43:65:b6:a8:
e6:ac:fa:ac:f6:3e:ae:a1:6f:80:6f:c2:69:5d:83:b7:1e:02:
2e:16:d5:3c:f7:fb:41:ce:6e:e0:60:fd:00:17:db:af:36:b6:
06:fc:b7:31:dd:c4:62:94:29:f1:3a:8a:26:90:42:8b:e0:2c:
44:5c:47:71:40:1f:9d:74:0b:65:a1:9c:e5:9a:46:b2:37:7b:
3f:56:4e:ab:bc:12:b8:60:3f:76:a7:b0:18:6b:e0:62:d5:6d:
17:88:b5:07
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDYwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDgx
NjI2MzlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDU1QTc5MDc5NERGQjBF
M0FCOThERjZEMEYyRTBCNDdBMjFENEEyQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6QdjJ4zLQbvht4AQrWuufcEAXIeaFMPJ3h224ZAnOEFnTjU9v
R26NmFEclQxJGQgU7MMNr0IOqzg0Lkr59341VHDH6hw6wZszxdSqr0EQ0+9alaH4
pRCWwOgwV8SGQk812VujUFZGFDK71gSSTM0teboF+ORSbcMw9JRASOFgTblIWgIB
D18MkLAfl/cyP/DgtmMNTYBF05osf+dzxVdwTGi2s8QpyMy+UN6H7I4j63aloHd1
i6D97qdvfzGHxU8/gEFGnMQhWW2rGhR5qQ7QuuAOom6BKcxE93YOhYDdFUuThisp
CqQPu4smXWNI7VfrgrsvWRAdoWoHOBji/yP7AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUVaeQeU37Djq5jfbQ8uC0eiHUor0wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1ZhZVFlVTM3RGpxNWpm
YlE4dUMwZWlIVW9yMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAGvQke3Ht6NZ74fnsaqUkOgi
O5MaVpMBw7WvS7als3NAN7jv5T2qSttSui0DoVsJuMMVt5vJ61SE0BNoNxYJPi4I
UcPenFjBEx1jZ9UlEHWiM0nan0a5g/GQWZkksXZEBol7EAydSS5+5Va2/iD/qBqW
MSyDyTQVOvd3Cf8GmgLq3+8FSf+PgAhbeYBivSJB5m+692bDRzcqpSyf8/jBQ2W2
qOas+qz2Pq6hb4Bvwmldg7ceAi4W1Tz3+0HObuBg/QAX2682tgb8tzHdxGKUKfE6
iiaQQovgLERcR3FAH510C2WhnOWaRrI3ez9WTqu8ErhgP3ansBhr4GLVbReItQc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:37:33 2025 by rpki-client