Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/WeyR5o6_LvCstz6Jx8PI73q0lBk.roa
File: WeyR5o6_LvCstz6Jx8PI73q0lBk.roa (raw, json)
Hash identifier: FnV30XtxXYFeSrT+7jBdhFaW4TK916O0l7rdFgweDNM=
Subject key identifier: 59:EC:91:E6:8E:BF:2E:F0:AC:B7:3E:89:C7:C3:C8:EF:7A:B4:94:19
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0D18
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/WeyR5o6_LvCstz6Jx8PI73q0lBk.roa
Signing time: Fri 07 Feb 2025 11:25:51 +0000
ROA not before: Fri 07 Feb 2025 11:25:51 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3352 (0xd18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 7 11:25:51 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=59EC91E68EBF2EF0ACB73E89C7C3C8EF7AB49419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:54:52:57:2a:d1:f7:b2:33:9c:48:61:fa:ea:
30:a6:e2:32:94:37:1c:6c:bc:97:97:c3:e5:01:22:
1e:cf:df:ba:dc:81:6c:11:f6:2f:de:4c:4f:ce:27:
a7:c6:6f:39:94:a5:5e:fa:64:f8:56:01:2a:db:b5:
42:a5:5a:11:0f:da:2a:f2:5a:1f:4c:9d:4f:58:40:
e4:ad:03:7d:41:fa:24:e8:8c:a2:f4:8a:1c:11:84:
6a:54:e2:04:c8:26:e7:71:c3:f9:5e:46:66:1b:e3:
58:fe:dd:bc:f6:bf:e3:9c:bc:1f:fd:12:fd:f2:ab:
68:c1:00:de:f3:4d:bf:0b:1e:7d:e8:d5:cd:76:6e:
28:41:68:ff:fd:38:33:0a:5f:0e:1b:50:13:9e:48:
6e:3e:63:8f:ab:94:04:d4:0d:ab:f2:55:b6:c4:4e:
1c:bb:fd:e5:e6:f7:84:59:b9:14:11:a1:ac:b2:5a:
87:75:b0:5e:35:0c:47:29:67:6f:46:8b:cc:0f:ab:
c1:1b:14:25:cc:24:4d:53:8e:89:e6:dc:48:69:a9:
6a:7c:93:c0:03:bc:71:4c:b7:5e:7f:8f:88:a8:38:
77:ff:1b:2a:e3:fb:d9:c5:47:9c:e3:68:57:86:45:
67:50:b7:ec:be:83:a9:cd:5b:3b:2e:c3:95:59:12:
a6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:EC:91:E6:8E:BF:2E:F0:AC:B7:3E:89:C7:C3:C8:EF:7A:B4:94:19
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/WeyR5o6_LvCstz6Jx8PI73q0lBk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
30:bf:49:c8:5c:ca:bd:48:c0:b6:24:f5:9c:30:75:74:1d:26:
30:d9:2f:d0:e1:ed:b2:6c:6b:2d:11:f9:54:4c:c3:4d:83:28:
38:95:ed:70:ed:71:7a:5d:b3:0b:23:71:79:80:ac:38:e7:5b:
ac:16:ba:0e:89:25:98:fc:65:9c:d2:dc:a3:3f:08:cc:a0:c2:
81:d9:62:cb:ce:4b:3d:fb:f6:32:a1:73:59:d1:93:97:5a:92:
4a:45:4c:9e:8b:38:c4:63:ca:ca:f1:60:b5:b7:57:3c:80:b3:
bb:ae:6b:31:58:28:f2:1c:51:31:78:8c:ae:2e:11:61:82:7e:
6c:e7:a0:8e:bc:9e:39:f9:ed:96:93:c6:cf:15:c7:f8:27:f4:
0d:c8:0c:23:e4:58:c2:67:0a:dc:38:95:17:5b:0b:71:7d:76:
ea:b7:44:2f:3d:49:41:b1:f7:40:8b:82:00:aa:fb:f1:0f:a7:
34:2d:f5:2f:53:ec:16:65:ac:7f:5b:f6:a6:81:9b:95:c8:67:
20:7e:dd:f4:71:6a:7b:4d:8c:f8:21:c9:f6:f3:22:fa:7d:3d:
4f:45:0a:71:34:b4:10:f4:00:aa:18:17:9d:7d:25:22:03:d3:
b3:c8:7a:1d:db:4e:2b:60:47:51:48:68:2e:33:21:ec:40:d5:
38:75:c9:0c
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDRgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDcx
MTI1NTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDU5RUM5MUU2OEVCRjJF
RjBBQ0I3M0U4OUM3QzNDOEVGN0FCNDk0MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/VFJXKtH3sjOcSGH66jCm4jKUNxxsvJeXw+UBIh7P37rcgWwR
9i/eTE/OJ6fGbzmUpV76ZPhWASrbtUKlWhEP2iryWh9MnU9YQOStA31B+iTojKL0
ihwRhGpU4gTIJudxw/leRmYb41j+3bz2v+OcvB/9Ev3yq2jBAN7zTb8LHn3o1c12
bihBaP/9ODMKXw4bUBOeSG4+Y4+rlATUDavyVbbEThy7/eXm94RZuRQRoayyWod1
sF41DEcpZ29Gi8wPq8EbFCXMJE1Tjonm3EhpqWp8k8ADvHFMt15/j4ioOHf/Gyrj
+9nFR5zjaFeGRWdQt+y+g6nNWzsuw5VZEqYZAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUWeyR5o6/LvCstz6Jx8PI73q0lBkwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1dleVI1bzZfTHZDc3R6
Nkp4OFBJNzNxMGxCay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBADC/Schcyr1IwLYk9ZwwdXQd
JjDZL9Dh7bJsay0R+VRMw02DKDiV7XDtcXpdswsjcXmArDjnW6wWug6JJZj8ZZzS
3KM/CMygwoHZYsvOSz379jKhc1nRk5dakkpFTJ6LOMRjysrxYLW3VzyAs7uuazFY
KPIcUTF4jK4uEWGCfmznoI68njn57ZaTxs8Vx/gn9A3IDCPkWMJnCtw4lRdbC3F9
duq3RC89SUGx90CLggCq+/EPpzQt9S9T7BZlrH9b9qaBm5XIZyB+3fRxantNjPgh
yfbzIvp9PU9FCnE0tBD0AKoYF519JSID07PIeh3bTitgR1FIaC4zIexA1Th1yQw=
-----END CERTIFICATE-----
Generated at Mon Apr 14 17:26:19 2025 by rpki-client