Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/Z9PT3o0W8Gi6xphcniSQjWjhZ1c.roa
File: Z9PT3o0W8Gi6xphcniSQjWjhZ1c.roa (raw, json)
Hash identifier: UCsrnNcCWtKV3pqP1+QdKZ2q818m5p9REx3SbOTOjP0=
Subject key identifier: 67:D3:D3:DE:8D:16:F0:68:BA:C6:98:5C:9E:24:90:8D:68:E1:67:57
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0CFA
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Z9PT3o0W8Gi6xphcniSQjWjhZ1c.roa
Signing time: Fri 07 Feb 2025 03:55:47 +0000
ROA not before: Fri 07 Feb 2025 03:55:47 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3322 (0xcfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 7 03:55:47 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=67D3D3DE8D16F068BAC6985C9E24908D68E16757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:31:c1:45:5b:1d:9a:f5:f0:07:9f:4e:8d:76:
9d:fc:6b:89:af:69:89:47:9d:df:0a:0a:f5:86:6a:
66:1a:7d:e9:08:21:52:e8:e2:fa:75:de:f3:2f:d5:
ce:a7:49:cc:cd:e1:64:b3:b1:c0:39:e9:c5:f1:a2:
48:59:98:c4:ad:c7:b9:b5:7c:de:90:65:48:0e:33:
7a:24:40:07:f0:c4:e8:8d:72:b6:ad:2d:c3:73:58:
a6:88:27:ae:3a:ee:11:5b:78:47:e3:8e:d2:84:6a:
ba:4f:c1:32:e1:45:33:4c:75:92:59:b4:b9:21:a3:
1f:e3:26:fa:e0:72:d7:6b:4f:40:c6:69:f2:1d:87:
96:0a:5b:97:9c:91:a5:a0:af:b2:46:15:93:d7:31:
94:63:e6:0e:84:af:e4:62:1a:af:1e:86:d9:86:03:
10:28:da:1d:0b:f9:1f:aa:49:30:91:f7:af:7a:60:
51:13:c0:d7:8c:65:44:bf:f5:1d:3b:79:82:20:3f:
ee:38:86:be:2d:ba:91:0e:17:25:3a:f8:25:e5:24:
39:61:8d:b2:67:76:7c:70:5e:71:92:94:b7:aa:a5:
b4:18:27:b1:f2:2d:a1:37:9c:1e:ff:7c:01:7e:e7:
b0:85:3d:bd:c1:5c:05:03:cf:5a:70:e9:db:6c:5c:
8a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D3:D3:DE:8D:16:F0:68:BA:C6:98:5C:9E:24:90:8D:68:E1:67:57
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Z9PT3o0W8Gi6xphcniSQjWjhZ1c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
b9:be:b7:28:16:c5:bb:c5:2d:cb:40:bd:c3:95:f2:92:dd:9a:
00:b5:8f:50:f9:31:56:ea:d2:b7:87:73:2e:a6:20:4c:b1:e4:
16:d2:b7:e9:4e:66:81:7f:f6:db:0e:c0:77:03:d5:98:2f:72:
25:15:11:c7:2d:6e:7b:6b:8c:27:ee:df:c3:2d:b5:f4:79:94:
31:5f:7e:80:19:47:59:e3:2b:1a:58:d1:dc:d9:12:4e:cd:32:
22:c1:cc:6a:70:d7:9c:cc:b5:ac:40:17:1f:fa:02:bf:73:6c:
17:0f:db:b8:9c:c9:3d:8a:38:21:65:94:88:e1:6b:fd:75:ef:
c3:5e:9e:bc:07:90:c7:bc:65:3a:43:f1:b0:b4:5f:65:ff:d9:
61:d5:eb:9d:f7:94:96:31:01:e4:72:2b:27:26:52:b5:73:69:
96:98:62:29:18:60:81:b6:78:f2:8f:b2:64:d2:fb:d1:d6:75:
91:6f:9c:72:a2:ba:d0:fe:36:d0:5c:d2:78:b2:68:98:81:e8:
89:e1:85:4b:48:15:90:12:d2:91:da:7f:84:b8:4b:7d:6b:ef:
94:c8:06:3e:8c:5b:db:5b:d8:5d:bb:8b:01:3e:75:9f:f1:33:
f9:d1:1f:3b:8c:0b:0d:03:05:ce:0c:7d:21:eb:ca:28:7d:73:
4c:6f:af:73
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDPowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDcw
MzU1NDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDY3RDNEM0RFOEQxNkYw
NjhCQUM2OTg1QzlFMjQ5MDhENjhFMTY3NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjMcFFWx2a9fAHn06Ndp38a4mvaYlHnd8KCvWGamYafekIIVLo
4vp13vMv1c6nSczN4WSzscA56cXxokhZmMStx7m1fN6QZUgOM3okQAfwxOiNcrat
LcNzWKaIJ6467hFbeEfjjtKEarpPwTLhRTNMdZJZtLkhox/jJvrgctdrT0DGafId
h5YKW5eckaWgr7JGFZPXMZRj5g6Er+RiGq8ehtmGAxAo2h0L+R+qSTCR9696YFET
wNeMZUS/9R07eYIgP+44hr4tupEOFyU6+CXlJDlhjbJndnxwXnGSlLeqpbQYJ7Hy
LaE3nB7/fAF+57CFPb3BXAUDz1pw6dtsXIpPAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUZ9PT3o0W8Gi6xphcniSQjWjhZ1cwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1o5UFQzbzBXOEdpNnhw
aGNuaVNRaldqaFoxYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBALm+tygWxbvFLctAvcOV8pLd
mgC1j1D5MVbq0reHcy6mIEyx5BbSt+lOZoF/9tsOwHcD1ZgvciUVEcctbntrjCfu
38MttfR5lDFffoAZR1njKxpY0dzZEk7NMiLBzGpw15zMtaxAFx/6Ar9zbBcP27ic
yT2KOCFllIjha/1178NenrwHkMe8ZTpD8bC0X2X/2WHV6533lJYxAeRyKycmUrVz
aZaYYikYYIG2ePKPsmTS+9HWdZFvnHKiutD+NtBc0niyaJiB6InhhUtIFZAS0pHa
f4S4S31r75TIBj6MW9tb2F27iwE+dZ/xM/nRHzuMCw0DBc4MfSHryih9c0xvr3M=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:20 2025 by rpki-client