Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/oLZt2Vq7QNzPB3c7REI6uVj0Jio.roa
File: oLZt2Vq7QNzPB3c7REI6uVj0Jio.roa (raw, json)
Hash identifier: nyZfi1eCZ6+3dHRcKQBPkj5Siu79AXnVIfJZ91vVnps=
Subject key identifier: A0:B6:6D:D9:5A:BB:40:DC:CF:07:77:3B:44:42:3A:B9:58:F4:26:2A
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0CB2
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/oLZt2Vq7QNzPB3c7REI6uVj0Jio.roa
Signing time: Thu 06 Feb 2025 09:55:43 +0000
ROA not before: Thu 06 Feb 2025 09:55:43 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3250 (0xcb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 6 09:55:43 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=A0B66DD95ABB40DCCF07773B44423AB958F4262A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:aa:fb:a6:a8:3f:70:c3:31:4d:76:97:45:38:
1b:38:57:2a:1f:3e:d2:3d:20:18:a6:36:43:14:5b:
c0:fc:d5:b2:e0:04:f7:e4:7d:fa:99:db:c8:9e:e8:
0b:30:e9:6b:16:05:d2:6f:88:25:69:99:ee:30:de:
4e:33:d1:22:5e:9c:a5:89:30:4e:40:ac:b9:c7:76:
c8:e0:ee:ae:98:f0:c6:45:9f:6d:b4:52:57:c1:1f:
45:6d:e0:3d:a3:b2:6f:65:5d:cd:70:1b:15:05:ed:
0f:96:11:c4:21:f7:8d:b4:b7:76:09:ab:5d:5d:ee:
da:73:d1:77:ae:4b:15:98:e6:42:d2:84:27:f3:6f:
a1:a8:13:0c:d8:50:ce:26:c6:9c:9a:1f:9e:fe:26:
e2:e7:a5:27:e2:6e:6f:7f:3b:fb:92:d9:c0:05:b2:
ac:c3:3f:b9:7e:3b:9b:a5:11:27:8c:48:b1:d3:c0:
f9:8c:ac:8c:8a:c9:b7:12:b3:62:86:b4:40:cc:fa:
06:3f:d5:00:88:de:3d:b1:d1:84:68:90:49:06:c9:
22:82:ef:a3:e7:88:94:cf:dd:a8:0c:90:aa:04:9d:
59:0a:97:70:0c:51:4a:74:6e:72:20:c7:e2:6a:d6:
8a:4e:b0:f6:9c:e7:9c:e6:df:b6:6b:35:c6:16:bd:
66:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B6:6D:D9:5A:BB:40:DC:CF:07:77:3B:44:42:3A:B9:58:F4:26:2A
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/oLZt2Vq7QNzPB3c7REI6uVj0Jio.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:dc:03:83:d6:4f:b8:18:de:2a:b3:e8:8e:6e:70:a0:96:0f:
7d:13:92:aa:1a:ae:a5:9a:76:32:4e:34:9f:04:6d:cf:0f:b6:
e6:fb:1c:80:34:6f:8c:f1:e5:c8:a8:41:ce:a2:29:a6:63:85:
e5:9e:0c:47:5b:5c:ed:61:95:a2:af:9c:66:b3:8d:a3:b3:b8:
ce:58:a3:2a:2f:8c:67:13:94:38:1d:3b:92:2b:aa:37:9b:83:
b8:95:ca:46:ef:7f:2c:a1:a4:93:72:41:69:d5:db:b6:46:a5:
77:33:fd:22:a5:39:ca:a4:09:8b:a1:dc:f4:d5:f8:bc:13:93:
f2:b1:82:5d:78:6e:5b:48:9b:5f:7f:eb:e2:5a:a6:1e:e8:2e:
b4:a7:ff:34:e5:b8:e1:f7:6a:84:a1:09:5c:74:37:f8:32:1b:
fe:10:cf:3d:15:4a:ca:51:1c:36:fd:f2:1a:fd:e3:9d:c1:50:
94:03:2a:29:1f:64:a9:d8:db:85:6b:ac:ea:3b:c7:84:24:9b:
29:08:d8:88:dd:d4:bc:d7:40:fa:67:91:f6:08:c3:11:a6:a2:
ca:c5:ff:1c:ea:56:9e:bd:a9:94:48:23:ac:24:01:9b:03:9b:
7e:1b:d4:1a:db:49:b1:ed:ae:a1:2f:5b:1f:4d:a1:35:e2:ff:
98:d9:bb:68
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDLIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDYw
OTU1NDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEEwQjY2REQ5NUFCQjQw
RENDRjA3NzczQjQ0NDIzQUI5NThGNDI2MkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3qvumqD9wwzFNdpdFOBs4VyofPtI9IBimNkMUW8D81bLgBPfk
ffqZ28ie6Asw6WsWBdJviCVpme4w3k4z0SJenKWJME5ArLnHdsjg7q6Y8MZFn220
UlfBH0Vt4D2jsm9lXc1wGxUF7Q+WEcQh9420t3YJq11d7tpz0XeuSxWY5kLShCfz
b6GoEwzYUM4mxpyaH57+JuLnpSfibm9/O/uS2cAFsqzDP7l+O5ulESeMSLHTwPmM
rIyKybcSs2KGtEDM+gY/1QCI3j2x0YRokEkGySKC76PniJTP3agMkKoEnVkKl3AM
UUp0bnIgx+Jq1opOsPac55zm37ZrNcYWvWabAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUoLZt2Vq7QNzPB3c7REI6uVj0JiowHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL29MWnQyVnE3UU56UEIz
YzdSRUk2dVZqMEppby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAD7cA4PWT7gY3iqz6I5ucKCW
D30TkqoarqWadjJONJ8Ebc8Ptub7HIA0b4zx5cioQc6iKaZjheWeDEdbXO1hlaKv
nGazjaOzuM5YoyovjGcTlDgdO5Irqjebg7iVykbvfyyhpJNyQWnV27ZGpXcz/SKl
OcqkCYuh3PTV+LwTk/Kxgl14bltIm19/6+Japh7oLrSn/zTluOH3aoShCVx0N/gy
G/4Qzz0VSspRHDb98hr9453BUJQDKikfZKnY24VrrOo7x4QkmykI2Ijd1LzXQPpn
kfYIwxGmosrF/xzqVp69qZRII6wkAZsDm34b1BrbSbHtrqEvWx9NoTXi/5jZu2g=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:44 2025 by rpki-client