Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/Zy5OD_U-5w3XOTsE8kU58qlZ6jc.roa
File: Zy5OD_U-5w3XOTsE8kU58qlZ6jc.roa (raw, json)
Hash identifier: 7ILuXmHlIfkM+1yIu1maaRe/0TXKAV84wbqfM/JcYzc=
Subject key identifier: 67:2E:4E:0F:F5:3E:E7:0D:D7:39:3B:04:F2:45:39:F2:A9:59:EA:37
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 09B8
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Zy5OD_U-5w3XOTsE8kU58qlZ6jc.roa
Signing time: Wed 29 Jan 2025 11:25:24 +0000
ROA not before: Wed 29 Jan 2025 11:25:24 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2488 (0x9b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 29 11:25:24 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=672E4E0FF53EE70DD7393B04F24539F2A959EA37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7f:d1:b7:91:74:2b:ef:b2:fd:0c:1e:6b:23:
16:d0:b0:e3:29:19:29:eb:38:f4:c9:25:54:6b:d8:
0b:2d:35:37:30:27:2d:5c:09:b4:37:09:9a:32:fe:
b3:b0:f4:32:97:3f:b2:b7:ee:b5:cf:8a:ec:43:d6:
59:eb:4f:f0:5d:40:5f:4a:a6:4f:44:d2:d6:79:24:
85:c7:aa:16:b5:47:60:84:40:cc:96:15:4e:0f:40:
77:1a:17:18:23:24:27:3e:12:fb:43:24:80:13:9c:
06:05:e6:2a:09:d3:7e:ea:74:99:a8:ea:64:26:86:
28:99:88:11:a6:ac:32:dd:a9:86:2d:ce:81:94:4e:
f3:46:fd:a6:1f:e0:a8:38:41:27:c4:87:3a:80:63:
83:cc:8a:50:5e:79:96:c7:9b:38:45:63:f4:fb:42:
fb:44:fe:83:ac:f9:78:8b:0f:3b:bd:0f:e7:d8:f7:
10:26:d4:f4:75:43:7c:d6:0f:41:c7:32:7a:f0:02:
9e:99:f5:63:15:b2:fc:4e:c3:08:aa:84:80:5f:b0:
36:54:cd:94:58:4d:91:fc:9c:82:f9:61:00:a6:6a:
68:0e:88:f8:a0:73:71:9f:53:64:de:63:53:38:19:
87:42:c8:3d:bf:64:86:26:0b:51:f2:a0:65:ac:f8:
45:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:2E:4E:0F:F5:3E:E7:0D:D7:39:3B:04:F2:45:39:F2:A9:59:EA:37
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Zy5OD_U-5w3XOTsE8kU58qlZ6jc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
2a:04:ac:c7:89:44:51:d9:63:50:40:32:b6:3d:99:d3:da:53:
66:0e:01:7d:df:bd:f6:2b:a9:bf:29:86:95:ea:29:06:c9:19:
7c:46:ac:8e:31:91:55:c8:98:d2:fe:e5:7d:26:1e:9a:39:d8:
17:ae:01:68:8c:67:61:e1:ef:54:a6:14:65:aa:c9:20:5a:89:
95:05:35:81:cd:19:94:e4:9e:e7:0e:2d:d1:18:ef:a1:fb:31:
b3:3e:d2:11:5e:86:e7:54:8d:ca:fc:ff:de:2e:7d:48:ac:3a:
a2:58:9a:a7:62:43:c6:49:4b:64:60:60:66:67:10:c2:71:c4:
93:7c:65:4f:84:c0:e9:ea:52:e9:91:ec:be:b3:47:2a:51:cb:
ea:18:a5:6a:54:d7:b4:5c:15:19:f1:47:b3:86:2a:5e:60:a3:
14:c0:19:65:3f:ba:3d:86:cf:94:74:2c:ae:a1:0a:1b:82:9c:
78:3c:bc:a0:ff:c3:6f:ca:90:78:7e:99:e9:bd:d9:45:c2:2c:
ee:62:d4:22:b5:60:17:32:75:db:e7:a6:31:3a:e9:7b:af:39:
a7:cb:97:b0:fb:5c:dc:b4:9e:3f:98:17:d5:16:95:b9:92:e8:
7b:20:a9:f2:f1:5f:61:96:42:d8:fb:05:30:97:ef:cd:af:02:
3e:aa:95:72
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCbgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjkx
MTI1MjRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDY3MkU0RTBGRjUzRUU3
MERENzM5M0IwNEYyNDUzOUYyQTk1OUVBMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKf9G3kXQr77L9DB5rIxbQsOMpGSnrOPTJJVRr2AstNTcwJy1c
CbQ3CZoy/rOw9DKXP7K37rXPiuxD1lnrT/BdQF9Kpk9E0tZ5JIXHqha1R2CEQMyW
FU4PQHcaFxgjJCc+EvtDJIATnAYF5ioJ037qdJmo6mQmhiiZiBGmrDLdqYYtzoGU
TvNG/aYf4Kg4QSfEhzqAY4PMilBeeZbHmzhFY/T7QvtE/oOs+XiLDzu9D+fY9xAm
1PR1Q3zWD0HHMnrwAp6Z9WMVsvxOwwiqhIBfsDZUzZRYTZH8nIL5YQCmamgOiPig
c3GfU2TeY1M4GYdCyD2/ZIYmC1HyoGWs+EW/AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUZy5OD/U+5w3XOTsE8kU58qlZ6jcwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1p5NU9EX1UtNXczWE9U
c0U4a1U1OHFsWjZqYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBACoErMeJRFHZY1BAMrY9mdPa
U2YOAX3fvfYrqb8phpXqKQbJGXxGrI4xkVXImNL+5X0mHpo52BeuAWiMZ2Hh71Sm
FGWqySBaiZUFNYHNGZTknucOLdEY76H7MbM+0hFehudUjcr8/94ufUisOqJYmqdi
Q8ZJS2RgYGZnEMJxxJN8ZU+EwOnqUumR7L6zRypRy+oYpWpU17RcFRnxR7OGKl5g
oxTAGWU/uj2Gz5R0LK6hChuCnHg8vKD/w2/KkHh+mem92UXCLO5i1CK1YBcyddvn
pjE66XuvOafLl7D7XNy0nj+YF9UWlbmS6HsgqfLxX2GWQtj7BTCX782vAj6qlXI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:25:54 2025 by rpki-client