Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/iZfaN5hk6TykQbBGfqAydAIiV8k.roa
File: iZfaN5hk6TykQbBGfqAydAIiV8k.roa (raw, json)
Hash identifier: FJzDxNCgWeYp8Rqj6Olp3oe7KOETwwLn/qv779dJ5oc=
Subject key identifier: 89:97:DA:37:98:64:E9:3C:A4:41:B0:46:7E:A0:32:74:02:22:57:C9
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 091A
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/iZfaN5hk6TykQbBGfqAydAIiV8k.roa
Signing time: Mon 27 Jan 2025 19:55:18 +0000
ROA not before: Mon 27 Jan 2025 19:55:18 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2330 (0x91a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 27 19:55:18 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=8997DA379864E93CA441B0467EA03274022257C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4c:d4:82:d9:29:44:42:e8:5b:f8:d0:aa:9e:
46:09:48:7a:be:7d:da:cc:7d:5a:b9:7f:0d:46:f7:
a1:b9:8b:c1:f3:6c:ae:97:25:ef:f2:4a:3c:44:33:
ab:dc:26:8d:15:54:5f:59:3f:d9:93:2a:f1:bb:f8:
e6:0b:a0:70:d0:e7:65:55:14:c0:c2:37:be:93:ce:
73:0b:f5:f0:fe:02:a5:d1:c8:89:e7:a9:04:69:86:
7e:d6:03:b0:6c:3d:ce:4f:c4:3a:48:e6:d5:83:c1:
45:6f:65:55:9b:93:48:48:2f:bb:70:a3:21:f9:87:
45:d0:0c:b6:e4:3e:4a:1b:8c:ca:a7:9a:da:88:5d:
e9:63:bc:89:f9:0b:e4:a7:69:9a:36:90:46:34:ed:
8a:48:b0:e2:38:18:85:54:ff:7b:1a:93:72:3e:aa:
20:5f:7b:3d:b3:3f:48:00:c9:65:ae:b6:7c:82:18:
41:85:08:b5:50:1c:0b:af:1d:ac:98:bc:65:df:54:
0e:2e:4b:74:b0:ab:fb:90:99:5c:69:6a:97:3d:07:
34:51:c2:2b:00:01:a1:bf:f6:99:1f:d0:d3:6d:83:
e1:cc:5b:49:d0:70:e3:c2:3f:58:80:5d:cb:91:89:
bd:ad:ab:61:c6:f7:dd:32:0b:82:d7:d8:66:3b:47:
de:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:97:DA:37:98:64:E9:3C:A4:41:B0:46:7E:A0:32:74:02:22:57:C9
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/iZfaN5hk6TykQbBGfqAydAIiV8k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
1e:f6:8b:ec:1e:51:c4:03:ff:fa:ae:0c:00:81:db:72:bb:d7:
00:3c:af:76:a6:7d:8e:ec:98:85:c9:78:9f:e3:c2:35:0d:55:
97:5b:59:9f:55:69:69:4b:d5:fa:45:46:05:67:91:8e:b6:06:
00:18:e9:46:7e:58:44:66:f7:42:fe:24:ca:5a:20:05:66:9a:
79:ad:9c:03:ef:df:d2:49:59:c4:ea:24:84:8a:a4:8e:ad:bd:
ac:16:c0:7b:83:62:03:24:e7:c1:92:c6:c0:f4:70:3d:19:df:
0b:e0:36:b6:59:b2:75:fb:22:21:39:74:38:7d:1b:8a:4c:e0:
5b:b6:19:32:a8:f7:3a:84:4f:d1:39:b9:7c:66:8d:4f:5d:89:
11:01:c4:e8:67:a8:d5:e4:16:b2:39:29:1b:41:64:a4:1c:7a:
99:15:00:d8:c8:9d:65:49:1b:56:a3:ae:03:f6:04:14:97:88:
67:02:10:a3:57:67:57:bb:82:db:26:a8:2b:83:e9:b2:6e:56:
a9:26:cd:43:3d:85:1f:5a:8a:03:7a:eb:11:8c:da:4c:01:15:
c5:e7:be:c3:f9:6f:7f:39:fd:77:56:e3:20:1d:ff:ce:89:67:
31:b1:c4:61:e6:c5:6d:72:80:ba:2c:c2:f7:e6:9e:d7:67:21:
cb:55:28:ea
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCRowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjcx
OTU1MThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg5OTdEQTM3OTg2NEU5
M0NBNDQxQjA0NjdFQTAzMjc0MDIyMjU3QzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaTNSC2SlEQuhb+NCqnkYJSHq+fdrMfVq5fw1G96G5i8HzbK6X
Je/ySjxEM6vcJo0VVF9ZP9mTKvG7+OYLoHDQ52VVFMDCN76TznML9fD+AqXRyInn
qQRphn7WA7BsPc5PxDpI5tWDwUVvZVWbk0hIL7twoyH5h0XQDLbkPkobjMqnmtqI
XeljvIn5C+SnaZo2kEY07YpIsOI4GIVU/3sak3I+qiBfez2zP0gAyWWutnyCGEGF
CLVQHAuvHayYvGXfVA4uS3Swq/uQmVxpapc9BzRRwisAAaG/9pkf0NNtg+HMW0nQ
cOPCP1iAXcuRib2tq2HG990yC4LX2GY7R96XAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUiZfaN5hk6TykQbBGfqAydAIiV8kwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2laZmFONWhrNlR5a1Fi
QkdmcUF5ZEFJaVY4ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAB72i+weUcQD//quDACB23K7
1wA8r3amfY7smIXJeJ/jwjUNVZdbWZ9VaWlL1fpFRgVnkY62BgAY6UZ+WERm90L+
JMpaIAVmmnmtnAPv39JJWcTqJISKpI6tvawWwHuDYgMk58GSxsD0cD0Z3wvgNrZZ
snX7IiE5dDh9G4pM4Fu2GTKo9zqET9E5uXxmjU9diREBxOhnqNXkFrI5KRtBZKQc
epkVANjInWVJG1ajrgP2BBSXiGcCEKNXZ1e7gtsmqCuD6bJuVqkmzUM9hR9aigN6
6xGM2kwBFcXnvsP5b385/XdW4yAd/86JZzGxxGHmxW1ygLoswvfmntdnIctVKOo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:38:40 2025 by rpki-client