Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/ZAvtj4yDxeAP0Ha1WYiPD7DOEeg.roa
File: ZAvtj4yDxeAP0Ha1WYiPD7DOEeg.roa (raw, json)
Hash identifier: uRg0k9exA9fs+ifEb9CKk697b1ZVUTDxhLs1ycZAYc8=
Subject key identifier: 64:0B:ED:8F:8C:83:C5:E0:0F:D0:76:B5:59:88:8F:0F:B0:CE:11:E8
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0DD2
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/ZAvtj4yDxeAP0Ha1WYiPD7DOEeg.roa
Signing time: Sun 09 Feb 2025 09:55:58 +0000
ROA not before: Sun 09 Feb 2025 09:55:58 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3538 (0xdd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 9 09:55:58 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=640BED8F8C83C5E00FD076B559888F0FB0CE11E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d4:97:f3:50:2f:a7:c4:ae:60:df:58:37:9a:
94:5e:f2:94:5b:ac:f3:a2:a3:5b:ef:d2:90:33:71:
39:3c:5b:52:cc:bb:d3:a6:7a:70:9a:26:c4:c3:69:
98:e0:b4:b5:38:96:a0:41:da:87:a7:b8:9f:41:be:
63:ae:9e:6c:06:1c:93:1b:63:01:8d:93:5c:66:36:
6d:82:7d:10:08:ed:a1:b8:e1:a5:e4:f4:85:50:19:
19:0d:1a:6f:38:51:52:11:98:3f:20:03:36:29:d5:
99:63:f4:e6:8a:30:9b:fa:cb:5b:15:2b:b3:73:d2:
fa:b2:8d:cf:20:7f:a0:db:a2:10:89:74:3e:72:35:
46:5b:27:aa:4f:51:b5:80:10:e1:18:d3:02:f8:aa:
20:97:4d:8f:4c:a2:00:f7:3a:17:59:5b:57:c5:ca:
11:6d:de:03:59:0b:b1:70:bf:18:5a:c9:af:04:4d:
b6:20:01:a8:93:c7:d8:cb:de:f7:a8:a0:56:6c:a7:
e8:55:50:36:af:48:69:cd:c3:13:7f:87:06:c2:3a:
e8:9f:76:46:be:cd:40:34:d8:77:90:d1:c1:5d:8f:
f9:6e:06:91:8a:55:fd:84:85:6d:24:88:8d:d4:90:
63:09:51:b2:6c:93:9f:46:ac:57:8c:84:45:8c:cb:
02:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:0B:ED:8F:8C:83:C5:E0:0F:D0:76:B5:59:88:8F:0F:B0:CE:11:E8
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/ZAvtj4yDxeAP0Ha1WYiPD7DOEeg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
0a:81:e3:2a:68:c9:1a:0c:e4:d5:5f:6a:bd:0f:40:a8:20:80:
d5:d1:4e:fc:3a:17:48:9c:3f:ac:ea:02:cf:a2:d4:6d:55:e4:
14:5d:1d:42:5c:08:ac:2d:cb:96:bc:75:80:09:ea:1e:db:72:
9f:97:d3:32:f5:60:8e:19:65:f8:21:99:b6:b9:1c:f0:67:05:
52:97:25:e2:fa:96:e9:5f:90:62:bb:ee:97:27:dd:5f:74:a5:
c9:e6:cf:3f:9a:70:d2:12:ca:50:8b:8a:a6:d3:53:bf:ea:1e:
8f:80:66:48:ba:cd:5c:9e:89:ad:22:3d:ce:3e:34:22:a6:0b:
8a:3c:52:34:a1:c9:2d:fa:eb:2b:4d:07:a1:3f:53:fe:aa:93:
08:9b:96:83:85:42:f4:cc:8f:f9:16:ed:bf:b2:72:12:f3:6a:
6c:94:c4:60:3d:a3:10:f2:23:6b:e1:4a:10:28:4b:44:2c:a2:
89:13:a6:03:08:d7:f7:61:23:3c:4e:91:43:6b:9b:36:b7:13:
0b:85:f5:37:cf:ab:bd:b2:bb:11:70:a1:ae:7c:24:ff:06:16:
8b:f8:32:8f:24:8f:f6:45:6b:8f:8a:72:d0:b3:ee:0f:99:61:
c0:b0:18:ff:5f:21:a5:05:68:c8:b1:14:6b:ed:69:17:cb:ae:
10:22:05:60
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDdIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDkw
OTU1NThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDY0MEJFRDhGOEM4M0M1
RTAwRkQwNzZCNTU5ODg4RjBGQjBDRTExRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCs1JfzUC+nxK5g31g3mpRe8pRbrPOio1vv0pAzcTk8W1LMu9Om
enCaJsTDaZjgtLU4lqBB2oenuJ9BvmOunmwGHJMbYwGNk1xmNm2CfRAI7aG44aXk
9IVQGRkNGm84UVIRmD8gAzYp1Zlj9OaKMJv6y1sVK7Nz0vqyjc8gf6DbohCJdD5y
NUZbJ6pPUbWAEOEY0wL4qiCXTY9MogD3OhdZW1fFyhFt3gNZC7Fwvxhaya8ETbYg
AaiTx9jL3veooFZsp+hVUDavSGnNwxN/hwbCOuifdka+zUA02HeQ0cFdj/luBpGK
Vf2EhW0kiI3UkGMJUbJsk59GrFeMhEWMywKVAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUZAvtj4yDxeAP0Ha1WYiPD7DOEegwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1pBdnRqNHlEeGVBUDBI
YTFXWWlQRDdET0VlZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAAqB4ypoyRoM5NVfar0PQKgg
gNXRTvw6F0icP6zqAs+i1G1V5BRdHUJcCKwty5a8dYAJ6h7bcp+X0zL1YI4ZZfgh
mba5HPBnBVKXJeL6lulfkGK77pcn3V90pcnmzz+acNISylCLiqbTU7/qHo+AZki6
zVyeia0iPc4+NCKmC4o8UjShyS366ytNB6E/U/6qkwibloOFQvTMj/kW7b+ychLz
amyUxGA9oxDyI2vhShAoS0QsookTpgMI1/dhIzxOkUNrmza3EwuF9TfPq72yuxFw
oa58JP8GFov4Mo8kj/ZFa4+KctCz7g+ZYcCwGP9fIaUFaMixFGvtaRfLrhAiBWA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:22:01 2025 by rpki-client