Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/kXRQoTKLUDUT7u2yp71SbPWk21Q.roa
File: kXRQoTKLUDUT7u2yp71SbPWk21Q.roa (raw, json)
Hash identifier: PD1IstEhYUvWLSQJfoQ04lB2u2M5UuIbeKymQvqLs9U=
Subject key identifier: 91:74:50:A1:32:8B:50:35:13:EE:ED:B2:A7:BD:52:6C:F5:A4:DB:54
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0BD0
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/kXRQoTKLUDUT7u2yp71SbPWk21Q.roa
Signing time: Tue 04 Feb 2025 01:26:23 +0000
ROA not before: Tue 04 Feb 2025 01:26:23 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3024 (0xbd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 4 01:26:23 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=917450A1328B503513EEEDB2A7BD526CF5A4DB54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:af:73:50:62:4e:8c:bc:76:87:27:30:74:c5:
5b:f5:5d:03:07:61:9f:a5:6f:8e:29:de:ae:66:d6:
9e:39:7f:70:f0:b8:3a:21:b4:83:39:ed:58:20:2b:
a3:a9:46:c4:9e:e9:d9:58:ad:51:71:e1:53:2e:2a:
de:cd:4f:7c:d7:9c:02:4e:e0:a0:19:53:74:5f:0f:
a8:c3:60:32:41:ae:e3:7f:11:30:04:0c:98:3e:0b:
ff:84:a2:0a:2e:a2:34:c4:52:b2:00:25:f9:8b:df:
ef:49:46:6a:bc:47:a3:7d:fa:91:cd:29:22:f1:f5:
f9:cd:a9:10:7a:e7:82:dc:55:86:09:fd:7f:bd:e3:
e2:a7:f4:8e:77:2b:df:b5:1e:8f:06:2b:19:4d:4e:
cd:9f:2d:a4:25:a5:6c:68:a8:b0:eb:31:94:fa:4c:
af:4a:d2:72:15:cc:47:6f:d7:27:17:fd:18:4a:07:
26:fe:f8:8a:9a:8b:18:d0:d8:50:4a:e2:9a:dc:2c:
a2:cf:56:44:27:5f:1d:92:be:af:b1:03:10:fa:76:
bd:9c:69:b0:09:9d:ac:f5:19:46:2d:5a:92:fb:57:
34:73:36:89:57:81:5f:83:03:f3:bc:62:05:60:cb:
01:7b:1a:8f:e4:78:d0:7a:10:3c:53:5f:92:4d:2c:
f8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:74:50:A1:32:8B:50:35:13:EE:ED:B2:A7:BD:52:6C:F5:A4:DB:54
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/kXRQoTKLUDUT7u2yp71SbPWk21Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
9a:8e:34:c5:49:03:60:97:e4:98:91:4b:0d:eb:92:bd:fe:b0:
ba:eb:b4:21:24:55:a8:cd:50:2d:99:f9:e4:37:89:19:62:03:
ad:59:49:9f:63:c0:19:36:ba:1d:6c:8a:e4:db:fa:c5:d3:75:
be:a5:3a:a5:fb:96:f1:dc:c4:f9:a8:fb:ce:f7:7e:d0:a9:57:
52:99:ef:38:a6:83:1a:86:88:22:bb:c4:7a:e3:c0:d7:36:6a:
ef:02:03:09:ca:6c:78:12:a2:7a:d0:43:58:9e:f6:f0:f4:a2:
78:6b:e4:cb:fd:38:64:3e:22:a5:f5:05:5f:88:a3:71:51:8c:
ba:58:71:5a:ff:f2:ef:99:ca:4b:bc:35:86:c4:a7:e7:7f:ee:
3b:ee:3d:47:3f:9a:2a:6d:c2:1b:4a:2a:1b:c0:24:d9:27:25:
25:eb:46:ba:5b:42:bc:af:b6:dc:81:00:31:0c:bd:43:05:20:
68:dd:58:6d:c1:21:d2:46:f8:32:68:2c:16:a5:2e:b6:bf:02:
eb:6d:b7:93:5a:aa:c5:ee:29:3e:cd:90:0f:5a:7c:38:b9:da:
4e:c0:ae:f8:63:dc:fc:c9:a7:4e:a6:cc:8f:fa:33:2b:91:b8:
17:0e:38:f8:51:e4:c3:17:4c:55:5f:9d:9c:5a:7b:f3:ef:02:
13:23:26:ac
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICC9AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDQw
MTI2MjNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDkxNzQ1MEExMzI4QjUw
MzUxM0VFRURCMkE3QkQ1MjZDRjVBNERCNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfr3NQYk6MvHaHJzB0xVv1XQMHYZ+lb44p3q5m1p45f3DwuDoh
tIM57VggK6OpRsSe6dlYrVFx4VMuKt7NT3zXnAJO4KAZU3RfD6jDYDJBruN/ETAE
DJg+C/+EogouojTEUrIAJfmL3+9JRmq8R6N9+pHNKSLx9fnNqRB654LcVYYJ/X+9
4+Kn9I53K9+1Ho8GKxlNTs2fLaQlpWxoqLDrMZT6TK9K0nIVzEdv1ycX/RhKByb+
+IqaixjQ2FBK4prcLKLPVkQnXx2Svq+xAxD6dr2cabAJnaz1GUYtWpL7VzRzNolX
gV+DA/O8YgVgywF7Go/keNB6EDxTX5JNLPgxAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUkXRQoTKLUDUT7u2yp71SbPWk21QwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2tYUlFvVEtMVURVVDd1
MnlwNzFTYlBXazIxUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAJqONMVJA2CX5JiRSw3rkr3+
sLrrtCEkVajNUC2Z+eQ3iRliA61ZSZ9jwBk2uh1siuTb+sXTdb6lOqX7lvHcxPmo
+873ftCpV1KZ7zimgxqGiCK7xHrjwNc2au8CAwnKbHgSonrQQ1ie9vD0onhr5Mv9
OGQ+IqX1BV+Io3FRjLpYcVr/8u+Zyku8NYbEp+d/7jvuPUc/miptwhtKKhvAJNkn
JSXrRrpbQryvttyBADEMvUMFIGjdWG3BIdJG+DJoLBalLra/Auttt5NaqsXuKT7N
kA9afDi52k7Arvhj3PzJp06mzI/6MyuRuBcOOPhR5MMXTFVfnZxae/PvAhMjJqw=
-----END CERTIFICATE-----
Generated at Mon Apr 14 06:22:54 2025 by rpki-client