Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/qThq9dVhYao6cImOJ2m9XkXHuvU.roa
File: qThq9dVhYao6cImOJ2m9XkXHuvU.roa (raw, json)
Hash identifier: UksR4sA4Vqmj8SsoQNiJw7b7OjsT9kyXb/yuyN5SYdg=
Subject key identifier: A9:38:6A:F5:D5:61:61:AA:3A:70:89:8E:27:69:BD:5E:45:C7:BA:F5
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 07B2
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/qThq9dVhYao6cImOJ2m9XkXHuvU.roa
Signing time: Fri 24 Jan 2025 01:55:03 +0000
ROA not before: Fri 24 Jan 2025 01:55:03 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1970 (0x7b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 24 01:55:03 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=A9386AF5D56161AA3A70898E2769BD5E45C7BAF5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:23:9d:82:9d:fa:94:95:b8:d8:4c:d3:8d:29:
43:e1:54:88:dd:62:18:59:61:c4:49:dd:80:ba:f4:
ab:1b:d2:24:3c:a5:df:cf:88:6c:73:9e:f1:42:ba:
38:b3:a1:34:e0:77:99:a0:59:41:95:2c:63:6f:ae:
fe:2c:19:18:73:5e:77:ab:e6:e4:da:d5:e7:9a:7a:
be:66:19:26:2e:b1:9f:84:a6:0f:12:48:b7:b4:80:
f0:f1:8f:a4:72:d4:ea:7e:15:9b:79:02:71:48:4c:
88:a1:ce:7d:90:04:8e:5b:35:e4:83:ee:32:91:fa:
50:98:56:e1:65:1c:4f:52:05:13:2c:c0:7f:54:4d:
71:da:2a:30:10:97:8a:52:b5:6a:41:22:8a:46:9e:
27:fb:3c:04:05:66:91:15:a5:d3:60:38:42:3f:b1:
05:d2:c5:a1:ed:93:5e:32:5f:08:53:08:c9:1d:4d:
13:0f:0c:95:7d:06:7d:03:13:08:4f:57:b0:00:71:
88:da:93:82:66:be:8e:08:35:36:8b:a1:34:c0:35:
2d:77:62:0c:61:20:b9:c4:0b:b3:03:6a:5a:19:05:
8f:c7:25:ee:49:ca:cb:e4:2f:60:a4:0b:48:cb:b9:
1f:af:e6:ac:a7:98:2b:f4:d4:a1:83:91:70:cb:2b:
b6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:38:6A:F5:D5:61:61:AA:3A:70:89:8E:27:69:BD:5E:45:C7:BA:F5
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/qThq9dVhYao6cImOJ2m9XkXHuvU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
a0:78:44:0f:7f:08:1e:42:e1:98:85:e0:8d:a9:59:08:8c:82:
a9:1d:15:a2:0f:06:08:1e:a3:55:6b:1f:d2:b7:d9:a2:55:a6:
5c:82:4b:47:8f:d1:f7:ab:f5:93:0f:44:96:db:6e:f2:c2:28:
c6:e4:71:1e:ab:04:ff:13:aa:76:49:bc:7d:ec:84:c8:a4:0a:
80:24:52:62:d8:75:50:33:9b:51:20:5c:5a:9f:80:b7:2d:1f:
81:09:03:42:82:45:88:74:2c:38:3f:df:da:03:1c:83:16:89:
52:7d:8a:07:57:01:6a:cd:10:ba:1e:3d:35:f3:d4:79:6b:a8:
d6:e6:8f:b2:35:63:ed:a0:af:3b:15:89:6b:85:1f:35:c0:bc:
cb:f0:12:42:3c:e5:83:41:33:c1:ed:94:a7:ea:0e:0c:ba:da:
48:f1:fe:31:aa:df:8c:11:d2:16:d8:99:4f:bb:1c:4d:f6:22:
1c:2f:e7:81:82:d4:20:5a:e3:3f:60:94:80:a2:4f:8f:8b:0a:
e4:9a:7b:80:e8:40:2f:8f:6a:24:22:49:4b:0c:63:eb:ec:16:
c0:78:95:4d:bb:5d:66:53:02:49:d3:7d:be:c7:77:44:03:b4:
2e:4a:d5:c3:f8:30:bc:76:be:a6:97:57:ac:5f:01:bf:ee:a3:
7b:a4:72:05
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICB7IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjQw
MTU1MDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEE5Mzg2QUY1RDU2MTYx
QUEzQTcwODk4RTI3NjlCRDVFNDVDN0JBRjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0I52CnfqUlbjYTNONKUPhVIjdYhhZYcRJ3YC69Ksb0iQ8pd/P
iGxznvFCujizoTTgd5mgWUGVLGNvrv4sGRhzXner5uTa1eeaer5mGSYusZ+Epg8S
SLe0gPDxj6Ry1Op+FZt5AnFITIihzn2QBI5bNeSD7jKR+lCYVuFlHE9SBRMswH9U
TXHaKjAQl4pStWpBIopGnif7PAQFZpEVpdNgOEI/sQXSxaHtk14yXwhTCMkdTRMP
DJV9Bn0DEwhPV7AAcYjak4Jmvo4INTaLoTTANS13YgxhILnEC7MDaloZBY/HJe5J
ysvkL2CkC0jLuR+v5qynmCv01KGDkXDLK7YZAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUqThq9dVhYao6cImOJ2m9XkXHuvUwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3FUaHE5ZFZoWWFvNmNJ
bU9KMm05WGtYSHV2VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAKB4RA9/CB5C4ZiF4I2pWQiM
gqkdFaIPBggeo1VrH9K32aJVplyCS0eP0fer9ZMPRJbbbvLCKMbkcR6rBP8TqnZJ
vH3shMikCoAkUmLYdVAzm1EgXFqfgLctH4EJA0KCRYh0LDg/39oDHIMWiVJ9igdX
AWrNELoePTXz1HlrqNbmj7I1Y+2grzsViWuFHzXAvMvwEkI85YNBM8HtlKfqDgy6
2kjx/jGq34wR0hbYmU+7HE32Ihwv54GC1CBa4z9glICiT4+LCuSae4DoQC+PaiQi
SUsMY+vsFsB4lU27XWZTAknTfb7Hd0QDtC5K1cP4MLx2vqaXV6xfAb/uo3ukcgU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:52 2025 by rpki-client