Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/qAYtov1iMpXxzgCBGxwE5NkS7dU.roa
File: qAYtov1iMpXxzgCBGxwE5NkS7dU.roa (raw, json)
Hash identifier: 31C6RoqcgjO1QpOOgtkIn4K69rTzZlgKb+L9QL9sXBo=
Subject key identifier: A8:06:2D:A2:FD:62:32:95:F1:CE:00:81:1B:1C:04:E4:D9:12:ED:D5
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0C98
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/qAYtov1iMpXxzgCBGxwE5NkS7dU.roa
Signing time: Thu 06 Feb 2025 03:25:43 +0000
ROA not before: Thu 06 Feb 2025 03:25:43 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3224 (0xc98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 6 03:25:43 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=A8062DA2FD623295F1CE00811B1C04E4D912EDD5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:32:36:39:14:98:28:41:35:30:65:ef:74:60:
1b:ac:2b:15:5d:1e:40:92:79:77:78:27:60:18:c3:
5c:d4:2b:30:4c:b0:71:a4:ba:fc:d9:62:6a:7c:10:
9e:a3:05:b5:7f:7f:4b:e5:89:99:89:7a:12:46:05:
74:5a:6c:c4:0e:fa:2c:60:3c:b2:dd:2d:01:8d:ad:
16:a8:b7:0c:b4:90:d8:c6:7b:8c:45:15:6c:2e:fa:
82:52:b8:e7:69:95:09:06:61:04:29:57:10:fc:45:
9e:d0:c9:3e:f1:ff:8a:99:17:1a:a9:1d:80:be:f3:
a8:0b:57:45:99:96:a1:f0:c7:af:72:54:f2:ea:56:
b1:49:52:8a:25:62:3e:f0:ec:4d:3f:8f:01:48:80:
43:1d:48:07:92:dd:ac:fb:d1:29:53:3a:4c:c8:90:
60:37:a3:d6:67:89:c8:8b:0c:4a:53:18:7d:1d:19:
54:ee:7c:b3:90:63:97:f0:0d:7a:62:1c:f0:f9:a6:
d0:7d:80:8e:9c:6b:b6:64:53:bb:23:6a:9a:5a:e7:
ad:3c:d3:1a:38:fa:d8:75:8d:cc:79:bc:4a:2b:66:
e7:f1:c4:a5:43:51:03:ad:9d:cb:e7:e7:63:71:94:
5f:67:86:2e:a1:d8:15:fd:09:2b:d1:45:ea:6f:c7:
50:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:06:2D:A2:FD:62:32:95:F1:CE:00:81:1B:1C:04:E4:D9:12:ED:D5
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/qAYtov1iMpXxzgCBGxwE5NkS7dU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
ad:0c:df:5e:b7:42:2d:e4:cb:64:16:65:fa:33:6a:fa:10:31:
de:5d:e0:7d:fe:f3:ef:2a:0c:36:4f:55:0a:0e:c7:d0:86:41:
a2:18:d8:8c:26:71:e1:80:89:f5:e3:9a:63:50:31:24:6e:55:
63:b7:03:d5:48:5c:14:6b:68:67:83:9d:97:f4:b5:59:8f:cc:
63:ff:3d:65:09:35:0a:ab:9c:2b:51:67:51:9d:f2:88:16:e7:
6f:94:d6:da:3d:c7:00:02:70:37:1a:c4:45:5d:f4:36:43:97:
2a:d7:e1:aa:04:f2:2e:df:bc:33:57:b5:4e:cd:08:2d:cc:59:
70:5b:0d:a8:26:0b:29:6d:34:6b:81:2c:37:74:09:b8:8a:80:
f0:01:15:f4:ad:13:60:86:b5:4a:70:5a:ca:4a:0c:b4:bb:8b:
a7:dd:51:18:d9:22:73:f8:46:b7:78:28:50:0a:e9:48:9d:5f:
83:32:df:5a:c7:4c:eb:26:4b:09:7e:d2:fa:38:34:a2:fe:9c:
08:08:f0:7f:c7:11:c3:09:b6:0d:2c:f1:94:7a:3b:4d:ee:ad:
49:b2:78:ad:11:69:24:48:0d:49:c6:20:77:62:f0:9e:04:e1:
34:92:af:88:7d:41:68:1b:99:9a:06:4f:f1:e9:0c:f6:7c:2b:
90:a9:04:3b
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDJgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDYw
MzI1NDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEE4MDYyREEyRkQ2MjMy
OTVGMUNFMDA4MTFCMUMwNEU0RDkxMkVERDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqMjY5FJgoQTUwZe90YBusKxVdHkCSeXd4J2AYw1zUKzBMsHGk
uvzZYmp8EJ6jBbV/f0vliZmJehJGBXRabMQO+ixgPLLdLQGNrRaotwy0kNjGe4xF
FWwu+oJSuOdplQkGYQQpVxD8RZ7QyT7x/4qZFxqpHYC+86gLV0WZlqHwx69yVPLq
VrFJUoolYj7w7E0/jwFIgEMdSAeS3az70SlTOkzIkGA3o9ZniciLDEpTGH0dGVTu
fLOQY5fwDXpiHPD5ptB9gI6ca7ZkU7sjappa56080xo4+th1jcx5vEorZufxxKVD
UQOtncvn52NxlF9nhi6h2BX9CSvRRepvx1DhAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUqAYtov1iMpXxzgCBGxwE5NkS7dUwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3FBWXRvdjFpTXBYeHpn
Q0JHeHdFNU5rUzdkVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAK0M3163Qi3ky2QWZfozavoQ
Md5d4H3+8+8qDDZPVQoOx9CGQaIY2IwmceGAifXjmmNQMSRuVWO3A9VIXBRraGeD
nZf0tVmPzGP/PWUJNQqrnCtRZ1Gd8ogW52+U1to9xwACcDcaxEVd9DZDlyrX4aoE
8i7fvDNXtU7NCC3MWXBbDagmCyltNGuBLDd0CbiKgPABFfStE2CGtUpwWspKDLS7
i6fdURjZInP4Rrd4KFAK6UidX4My31rHTOsmSwl+0vo4NKL+nAgI8H/HEcMJtg0s
8ZR6O03urUmyeK0RaSRIDUnGIHdi8J4E4TSSr4h9QWgbmZoGT/HpDPZ8K5CpBDs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:46:00 2025 by rpki-client