Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/kQiI_fOBXe2kKBHuBRy_Nv-HaIY.roa
File: kQiI_fOBXe2kKBHuBRy_Nv-HaIY.roa (raw, json)
Hash identifier: CxnzkXis0XqMs034get04f8KC0DhVhQ4yA/7NIAaKZI=
Subject key identifier: 91:08:88:FD:F3:81:5D:ED:A4:28:11:EE:05:1C:BF:36:FF:87:68:86
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0D72
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/kQiI_fOBXe2kKBHuBRy_Nv-HaIY.roa
Signing time: Sat 08 Feb 2025 09:55:54 +0000
ROA not before: Sat 08 Feb 2025 09:55:54 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3442 (0xd72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 8 09:55:54 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=910888FDF3815DEDA42811EE051CBF36FF876886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:af:01:f0:26:89:d5:9b:c2:de:15:a8:d3:27:
39:42:65:90:7e:81:63:e1:5d:1d:e7:b8:f7:45:f7:
40:dd:1b:26:42:53:b5:35:b3:29:e8:b4:50:12:01:
9b:f2:a8:e8:cf:f9:93:67:58:8e:88:6b:a9:eb:4b:
fa:ab:63:39:6b:36:6d:f9:50:af:e3:9c:6b:90:cd:
0c:c6:82:2a:85:86:e1:88:83:e4:d2:7c:7e:2c:18:
d0:c1:0d:66:e6:c5:bc:08:4e:c0:38:ef:a1:d4:ca:
a2:0d:6a:87:0b:1c:86:18:5c:2e:86:29:33:31:1d:
24:ef:a5:c4:cb:47:3d:cb:ff:2d:fa:39:3b:b4:40:
18:fe:e5:72:91:e9:c6:3d:ba:f0:5e:01:9f:b4:f3:
4f:dd:6a:34:68:a3:b2:1c:c7:77:da:a9:59:ed:11:
2a:c5:c8:7b:ca:ae:a3:14:f3:7c:00:b5:88:c4:fe:
06:58:e3:ad:15:10:13:6c:34:3d:bf:d6:2e:7f:0d:
e3:36:84:93:2a:54:49:52:cc:bb:8d:88:88:d5:6a:
f5:fd:32:2e:a1:82:c7:b9:43:f0:1f:7c:79:35:75:
75:8f:9c:89:00:f8:80:46:fc:83:b9:c3:7e:6b:e5:
ea:c8:de:4c:09:1a:9c:3e:a0:b5:f1:b0:e8:2a:cd:
49:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:08:88:FD:F3:81:5D:ED:A4:28:11:EE:05:1C:BF:36:FF:87:68:86
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/kQiI_fOBXe2kKBHuBRy_Nv-HaIY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
3b:d2:25:65:37:ca:28:fc:de:99:a6:00:37:59:62:85:a3:c3:
dd:9c:cf:c3:d6:36:d0:44:62:49:c4:8f:99:4e:c7:26:c0:ae:
30:89:fb:52:44:ad:bf:85:dc:4a:9f:e8:dd:16:c4:15:3a:62:
03:ad:74:45:06:50:2e:cc:c0:8a:f4:f6:44:81:b3:5d:f3:0b:
86:f3:99:19:d0:7d:af:63:4e:81:f9:c3:f9:c5:cc:00:4f:10:
ea:f8:72:24:e4:36:f0:2e:0f:df:4c:57:11:c5:5a:1a:15:a9:
a4:d0:fb:2e:c9:bd:c5:15:66:45:d1:71:60:a4:ef:69:01:f9:
c5:d0:95:17:e0:05:51:ba:61:db:4d:70:52:d7:68:be:e7:73:
0f:9f:96:03:3b:48:b6:ba:9d:43:5b:70:1e:31:6a:4f:d5:7e:
36:58:ee:6e:c3:f5:f7:dc:94:4b:2b:cf:be:26:3a:b4:e4:8a:
b9:1d:b5:46:9c:ab:11:60:ff:95:97:7a:a3:fc:d6:93:40:94:
3b:f5:0e:c7:c9:4c:8c:56:1a:28:cc:03:1e:2c:dc:64:5c:84:
eb:93:c4:de:63:b6:ba:4a:df:7d:f0:cf:59:71:a3:b8:45:12:
93:e8:14:b0:41:e3:31:c9:b7:fc:3a:93:78:94:da:f1:17:cc:
99:be:0c:f2
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDXIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDgw
OTU1NTRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDkxMDg4OEZERjM4MTVE
RURBNDI4MTFFRTA1MUNCRjM2RkY4NzY4ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsrwHwJonVm8LeFajTJzlCZZB+gWPhXR3nuPdF90DdGyZCU7U1
synotFASAZvyqOjP+ZNnWI6Ia6nrS/qrYzlrNm35UK/jnGuQzQzGgiqFhuGIg+TS
fH4sGNDBDWbmxbwITsA476HUyqINaocLHIYYXC6GKTMxHSTvpcTLRz3L/y36OTu0
QBj+5XKR6cY9uvBeAZ+080/dajRoo7Icx3faqVntESrFyHvKrqMU83wAtYjE/gZY
460VEBNsND2/1i5/DeM2hJMqVElSzLuNiIjVavX9Mi6hgse5Q/AffHk1dXWPnIkA
+IBG/IO5w35r5erI3kwJGpw+oLXxsOgqzUknAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUkQiI/fOBXe2kKBHuBRy/Nv+HaIYwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2tRaUlfZk9CWGUya0tC
SHVCUnlfTnYtSGFJWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBADvSJWU3yij83pmmADdZYoWj
w92cz8PWNtBEYknEj5lOxybArjCJ+1JErb+F3Eqf6N0WxBU6YgOtdEUGUC7MwIr0
9kSBs13zC4bzmRnQfa9jToH5w/nFzABPEOr4ciTkNvAuD99MVxHFWhoVqaTQ+y7J
vcUVZkXRcWCk72kB+cXQlRfgBVG6YdtNcFLXaL7ncw+flgM7SLa6nUNbcB4xak/V
fjZY7m7D9ffclEsrz74mOrTkirkdtUacqxFg/5WXeqP81pNAlDv1DsfJTIxWGijM
Ax4s3GRchOuTxN5jtrpK333wz1lxo7hFEpPoFLBB4zHJt/w6k3iU2vEXzJm+DPI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:27 2025 by rpki-client