Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/W2IXbNR4Pf0BlWnZ7N3p-CsXk24.roa
File: W2IXbNR4Pf0BlWnZ7N3p-CsXk24.roa (raw, json)
Hash identifier: RRdZMEe8A2gcJxhNapT/1Vq2YYR8cDP0f6Qck6SZ3nw=
Subject key identifier: 5B:62:17:6C:D4:78:3D:FD:01:95:69:D9:EC:DD:E9:F8:2B:17:93:6E
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0DB0
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/W2IXbNR4Pf0BlWnZ7N3p-CsXk24.roa
Signing time: Sun 09 Feb 2025 01:25:56 +0000
ROA not before: Sun 09 Feb 2025 01:25:56 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3504 (0xdb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 9 01:25:56 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=5B62176CD4783DFD019569D9ECDDE9F82B17936E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:99:60:37:64:23:0f:b9:22:d0:f9:33:7e:1b:
ec:46:40:19:56:29:be:cd:b9:2e:c5:37:da:c4:2e:
ab:3c:35:84:15:87:d1:f6:88:8c:6d:64:0f:0c:94:
4a:36:64:9a:d6:70:97:4d:a1:41:c6:a0:fc:e2:96:
9d:63:24:f6:d3:2b:e9:1a:95:f9:b0:e5:3a:ed:56:
e2:6b:9f:f0:91:ae:c2:4a:11:84:cf:ec:3f:89:f5:
b5:8e:47:a7:8c:0e:6b:b3:07:1a:b1:37:a9:ad:68:
46:c8:b2:c2:71:4b:fa:7e:6d:45:9e:94:f3:ed:61:
3e:fd:83:e0:31:64:05:25:84:19:5b:d0:eb:9a:c5:
df:7e:7f:37:82:0e:47:ee:42:04:a6:f7:28:61:f2:
28:bc:85:fc:3a:9e:aa:ce:b8:ef:31:c8:4c:00:cc:
6b:28:4e:8e:7f:1b:5a:4c:da:03:14:95:56:4c:e2:
5f:03:96:7d:d1:b5:b7:e4:69:96:10:fe:49:ef:84:
91:38:1b:42:ca:2c:ca:73:35:15:37:e8:d9:2f:6e:
7b:72:44:1c:f8:b3:ce:e3:64:c1:c8:cb:74:bc:fa:
9f:59:e6:7c:5f:93:92:df:a9:43:ec:3e:71:8b:d7:
90:f3:82:7d:90:66:32:99:33:3d:51:3d:de:68:cc:
63:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:62:17:6C:D4:78:3D:FD:01:95:69:D9:EC:DD:E9:F8:2B:17:93:6E
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/W2IXbNR4Pf0BlWnZ7N3p-CsXk24.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
85:d2:af:d6:19:be:6e:11:49:63:c5:96:64:86:e3:e7:2c:b5:
15:82:a5:83:85:ee:2f:00:5a:43:34:f1:83:b2:31:df:12:bd:
cf:f5:a0:87:59:9a:92:bb:d9:24:2d:e1:b6:b0:df:b5:cc:33:
83:24:03:d9:05:52:2e:05:a6:ab:0a:82:fd:eb:6c:52:5f:0d:
a7:53:7a:fc:af:30:ab:68:34:dd:de:db:0e:84:92:f6:ef:b9:
e1:31:8f:fc:2e:65:9a:f6:cb:b1:50:66:1d:1b:be:b9:c6:e7:
c5:85:43:61:ac:7a:f4:1e:dd:ee:c1:a3:5f:01:54:ca:87:5a:
7e:97:00:08:ac:14:b2:13:df:44:52:54:25:76:b6:b1:2e:25:
da:74:45:fe:98:48:2c:d3:e6:f1:9a:ac:64:87:83:26:17:fc:
7e:fa:04:d5:80:a5:3e:fd:11:e1:09:48:8a:b4:6a:68:39:e4:
11:eb:82:de:a1:00:3e:35:49:e6:d7:08:35:fd:ca:31:92:67:
1b:26:e2:0e:d2:77:36:bc:b7:88:ac:da:74:b5:c2:95:e9:d5:
1e:ff:55:d2:44:ab:d8:f1:c3:72:72:3f:be:7c:77:f1:f8:97:
25:9c:d4:6d:14:d7:04:30:89:25:bc:58:7d:12:c7:ad:23:19:
07:6c:fa:7a
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDbAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDkw
MTI1NTZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDVCNjIxNzZDRDQ3ODNE
RkQwMTk1NjlEOUVDRERFOUY4MkIxNzkzNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrmWA3ZCMPuSLQ+TN+G+xGQBlWKb7NuS7FN9rELqs8NYQVh9H2
iIxtZA8MlEo2ZJrWcJdNoUHGoPzilp1jJPbTK+kalfmw5TrtVuJrn/CRrsJKEYTP
7D+J9bWOR6eMDmuzBxqxN6mtaEbIssJxS/p+bUWelPPtYT79g+AxZAUlhBlb0Oua
xd9+fzeCDkfuQgSm9yhh8ii8hfw6nqrOuO8xyEwAzGsoTo5/G1pM2gMUlVZM4l8D
ln3RtbfkaZYQ/knvhJE4G0LKLMpzNRU36NkvbntyRBz4s87jZMHIy3S8+p9Z5nxf
k5LfqUPsPnGL15Dzgn2QZjKZMz1RPd5ozGM3AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUW2IXbNR4Pf0BlWnZ7N3p+CsXk24wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1cySVhiTlI0UGYwQmxX
blo3TjNwLUNzWGsyNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAIXSr9YZvm4RSWPFlmSG4+cs
tRWCpYOF7i8AWkM08YOyMd8Svc/1oIdZmpK72SQt4baw37XMM4MkA9kFUi4FpqsK
gv3rbFJfDadTevyvMKtoNN3e2w6EkvbvueExj/wuZZr2y7FQZh0bvrnG58WFQ2Gs
evQe3e7Bo18BVMqHWn6XAAisFLIT30RSVCV2trEuJdp0Rf6YSCzT5vGarGSHgyYX
/H76BNWApT79EeEJSIq0amg55BHrgt6hAD41SebXCDX9yjGSZxsm4g7Sdza8t4is
2nS1wpXp1R7/VdJEq9jxw3JyP758d/H4lyWc1G0U1wQwiSW8WH0Sx60jGQds+no=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:14:50 2025 by rpki-client