Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/ZzBkdR4QAe9SPFV_B01-lnqObTg.roa
File: ZzBkdR4QAe9SPFV_B01-lnqObTg.roa (raw, json)
Hash identifier: /PLisCS60NATaW6I3EgAHG5OyZC/1RVbWrX4JTzfSBk=
Subject key identifier: 67:30:64:75:1E:10:01:EF:52:3C:55:7F:07:4D:7E:96:7A:8E:6D:38
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0A5A
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/ZzBkdR4QAe9SPFV_B01-lnqObTg.roa
Signing time: Fri 31 Jan 2025 03:55:32 +0000
ROA not before: Fri 31 Jan 2025 03:55:32 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2650 (0xa5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 31 03:55:32 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=673064751E1001EF523C557F074D7E967A8E6D38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:89:af:f9:aa:42:91:23:d8:1c:44:f0:7b:ef:
3e:2d:b9:60:a5:95:1b:8a:8d:6f:ac:dd:22:4b:dd:
70:3d:8a:98:83:4f:f9:47:a0:1d:29:52:3c:d9:8b:
b5:1c:35:a8:29:ec:47:26:f7:fc:33:e8:90:ee:f4:
68:9a:4c:18:b2:09:7d:a6:8d:63:9b:d2:ff:c5:27:
6b:12:6e:51:58:3b:f6:8c:a1:2a:4f:1b:59:f1:73:
8d:3b:d4:bc:49:c2:63:cd:88:0c:e3:c5:aa:14:38:
3b:cc:e9:90:d0:77:83:78:95:a4:a9:a3:8f:b2:fc:
8f:c2:89:fc:4e:cb:d5:38:6f:aa:d9:45:c4:de:d0:
5e:46:17:a7:ec:a8:94:1e:6f:ea:28:0f:23:05:a6:
36:1f:b3:1a:81:48:6b:d5:8e:0a:fe:46:84:12:24:
49:67:18:ce:fb:8d:ba:89:b6:30:ee:43:4e:28:06:
11:34:00:54:ac:f5:f3:f3:2c:57:cb:6a:d3:10:d9:
92:ba:bc:e8:b7:6f:9e:ae:30:75:25:61:62:e7:ff:
31:db:97:80:ba:79:7d:9b:ab:32:fc:8d:a7:d3:04:
f5:6c:9f:50:26:52:2a:b2:44:b8:af:85:94:73:d5:
48:05:43:39:61:13:74:8b:4f:68:cf:64:65:1f:69:
10:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:30:64:75:1E:10:01:EF:52:3C:55:7F:07:4D:7E:96:7A:8E:6D:38
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/ZzBkdR4QAe9SPFV_B01-lnqObTg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
8b:9f:82:4a:d6:f2:ba:3c:71:95:af:f5:5d:1e:67:d0:73:a1:
3e:5e:9c:e7:c3:05:dd:99:1e:66:d2:31:48:04:75:65:3a:f2:
0d:10:d4:82:c6:4f:a3:51:f8:7a:d8:66:a7:f9:71:2c:c8:22:
8f:d4:83:85:b8:d3:98:eb:93:52:b3:d8:3c:0e:b7:28:0f:c4:
05:73:4b:d5:3a:be:fc:f5:8b:8e:c8:26:0c:ea:9e:86:51:4e:
71:d3:13:35:c1:73:78:58:ab:60:a7:da:c7:fa:01:4f:9c:e3:
7c:69:f9:e0:5e:79:81:54:cd:f3:01:cf:09:cd:6d:1b:91:bc:
65:2b:d6:33:96:c2:37:1e:d6:43:45:33:f9:15:7f:bf:dc:ff:
1c:ef:22:9d:0a:bb:98:71:11:78:e2:e2:4a:d8:a6:6c:bb:f5:
34:ae:e4:94:ee:b8:30:3c:69:c3:5b:b3:61:d5:a1:89:24:a2:
97:3c:aa:8f:35:94:d1:46:54:9c:23:28:9d:6b:32:0f:a9:53:
ab:ca:54:50:20:ba:1a:87:9f:61:52:4f:59:30:2a:4b:ad:d0:
01:0b:4b:3c:1a:31:f3:bf:20:8b:10:ef:d8:10:46:17:66:94:
ea:8e:86:87:48:95:e1:5f:60:87:fc:5b:9b:fc:8a:86:d1:90:
c1:7b:a5:5d
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICClowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMzEw
MzU1MzJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDY3MzA2NDc1MUUxMDAx
RUY1MjNDNTU3RjA3NEQ3RTk2N0E4RTZEMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYia/5qkKRI9gcRPB77z4tuWCllRuKjW+s3SJL3XA9ipiDT/lH
oB0pUjzZi7UcNagp7Ecm9/wz6JDu9GiaTBiyCX2mjWOb0v/FJ2sSblFYO/aMoSpP
G1nxc4071LxJwmPNiAzjxaoUODvM6ZDQd4N4laSpo4+y/I/CifxOy9U4b6rZRcTe
0F5GF6fsqJQeb+ooDyMFpjYfsxqBSGvVjgr+RoQSJElnGM77jbqJtjDuQ04oBhE0
AFSs9fPzLFfLatMQ2ZK6vOi3b56uMHUlYWLn/zHbl4C6eX2bqzL8jafTBPVsn1Am
UiqyRLivhZRz1UgFQzlhE3SLT2jPZGUfaRC5AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUZzBkdR4QAe9SPFV/B01+lnqObTgwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1p6QmtkUjRRQWU5U1BG
Vl9CMDEtbG5xT2JUZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAIufgkrW8ro8cZWv9V0eZ9Bz
oT5enOfDBd2ZHmbSMUgEdWU68g0Q1ILGT6NR+HrYZqf5cSzIIo/Ug4W405jrk1Kz
2DwOtygPxAVzS9U6vvz1i47IJgzqnoZRTnHTEzXBc3hYq2Cn2sf6AU+c43xp+eBe
eYFUzfMBzwnNbRuRvGUr1jOWwjce1kNFM/kVf7/c/xzvIp0Ku5hxEXji4krYpmy7
9TSu5JTuuDA8acNbs2HVoYkkopc8qo81lNFGVJwjKJ1rMg+pU6vKVFAguhqHn2FS
T1kwKkut0AELSzwaMfO/IIsQ79gQRhdmlOqOhodIleFfYIf8W5v8iobRkMF7pV0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:11:11 2025 by rpki-client