Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/qVkIqsEuxHwvg2h3lZ7CEiWp3K4.roa
File: qVkIqsEuxHwvg2h3lZ7CEiWp3K4.roa (raw, json)
Hash identifier: 1OIOz9NzjdnODdtydV03reS2waCcv3BsUd2TB0tPMwY=
Subject key identifier: A9:59:08:AA:C1:2E:C4:7C:2F:83:68:77:95:9E:C2:12:25:A9:DC:AE
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 015D
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/qVkIqsEuxHwvg2h3lZ7CEiWp3K4.roa
Signing time: Wed 24 Jul 2024 14:32:32 +0000
ROA not before: Wed 24 Jul 2024 14:32:32 +0000
ROA not after: Wed 21 May 2025 03:30:10 +0000
asID: 138415
IP address blocks: 113.31.16.0/21 maxlen: 24
113.31.24.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 349 (0x15d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jul 24 14:32:32 2024 GMT
Not After : May 21 03:30:10 2025 GMT
Subject: CN=A95908AAC12EC47C2F836877959EC21225A9DCAE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:29:65:5c:df:af:fa:93:2c:6e:cc:b0:71:b9:
4a:0d:67:9f:a1:e1:94:eb:79:47:77:8c:e1:be:e3:
ec:bc:22:72:be:62:ce:c4:35:f6:95:16:32:8f:61:
56:a4:a1:91:a1:e1:c6:2a:f7:a9:3c:d2:9b:d7:c5:
e0:8d:fc:eb:91:40:4f:9e:e6:0f:57:da:c0:03:21:
5a:40:66:03:57:a6:09:4e:08:d8:42:85:0f:84:c4:
b4:ee:fd:e3:b8:c4:ce:ad:b3:02:c3:51:17:5d:96:
4f:ce:7e:e3:f2:6e:3b:f2:f7:8b:a1:67:19:35:1d:
40:8d:58:85:3e:01:05:35:b6:9c:25:cf:ab:2f:f4:
72:90:74:be:3d:93:93:de:58:9a:b9:9d:ab:8e:05:
62:d1:25:8c:02:03:de:82:8e:b7:3d:cf:0a:53:ac:
a8:cb:0e:33:eb:82:2c:b9:d7:52:9a:c4:ab:50:65:
3b:45:b7:b1:70:bd:63:9a:96:df:5d:6f:8d:35:6e:
7b:f6:f5:0c:ba:a5:c2:ae:d9:9a:52:59:dd:71:d3:
ff:28:56:a6:11:22:fb:e9:0a:2a:7d:f2:05:75:e3:
e6:f3:ef:17:32:53:20:1b:6c:80:51:26:c0:f2:24:
4b:d5:55:a0:08:be:19:5d:19:ae:85:60:78:e0:e9:
37:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:59:08:AA:C1:2E:C4:7C:2F:83:68:77:95:9E:C2:12:25:A9:DC:AE
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/qVkIqsEuxHwvg2h3lZ7CEiWp3K4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.16.0/20
Signature Algorithm: sha256WithRSAEncryption
83:4c:af:9a:51:6c:1f:1f:cc:20:55:04:30:17:60:bf:80:cc:
e4:72:4e:74:1a:76:cd:eb:0f:4f:4d:22:0d:7f:39:89:7e:42:
ea:a1:54:d8:de:5b:f1:a4:2d:93:47:43:01:7a:ed:46:13:f8:
61:df:10:65:a3:3e:73:26:0f:93:1f:31:7c:e2:3c:9f:90:e7:
f6:16:55:81:92:e9:a8:6c:91:2c:b6:f3:74:d0:4d:7c:00:24:
ad:db:b3:57:48:f9:29:b6:db:0a:a9:14:82:0b:c5:79:1a:0d:
34:4a:a1:b7:ed:a8:fa:f7:08:b5:21:f7:17:ac:55:74:85:24:
be:c6:01:47:d8:e1:ea:a1:48:85:8c:d7:26:1e:e3:ba:9c:e0:
9e:6e:10:2c:52:76:a7:75:1b:6f:a8:8a:91:84:65:de:44:91:
d9:32:2d:77:26:2c:46:ca:27:1a:f8:ef:a5:2c:6c:f2:7c:64:
ef:8f:09:a4:1b:54:1d:fa:08:96:b2:6a:3e:b5:86:73:e8:0a:
27:2d:42:6d:16:5a:fd:4e:a5:b6:e4:51:d2:f5:1e:b7:bb:f9:
ef:87:7f:9b:ee:dd:13:c0:2b:9a:88:d9:0b:5a:d6:40:e5:00:
b4:15:80:dc:55:c6:25:1a:8a:73:c2:49:ef:51:74:a5:3b:3c:
29:f9:f2:68
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAV0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNDA3MjQx
NDMyMzJaFw0yNTA1MjEwMzMwMTBaMDMxMTAvBgNVBAMTKEE5NTkwOEFBQzEyRUM0
N0MyRjgzNjg3Nzk1OUVDMjEyMjVBOURDQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyKWVc36/6kyxuzLBxuUoNZ5+h4ZTreUd3jOG+4+y8InK+Ys7E
NfaVFjKPYVakoZGh4cYq96k80pvXxeCN/OuRQE+e5g9X2sADIVpAZgNXpglOCNhC
hQ+ExLTu/eO4xM6tswLDURddlk/OfuPybjvy94uhZxk1HUCNWIU+AQU1tpwlz6sv
9HKQdL49k5PeWJq5nauOBWLRJYwCA96Cjrc9zwpTrKjLDjPrgiy511KaxKtQZTtF
t7FwvWOalt9db401bnv29Qy6pcKu2ZpSWd1x0/8oVqYRIvvpCip98gV14+bz7xcy
UyAbbIBRJsDyJEvVVaAIvhldGa6FYHjg6TffAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUqVkIqsEuxHwvg2h3lZ7CEiWp3K4wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3FWa0lxc0V1eEh3dmcy
aDNsWjdDRWlXcDNLNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BARxHxAwDQYJKoZIhvcNAQELBQADggEBAINMr5pRbB8fzCBVBDAXYL+AzORyTnQa
ds3rD09NIg1/OYl+QuqhVNjeW/GkLZNHQwF67UYT+GHfEGWjPnMmD5MfMXziPJ+Q
5/YWVYGS6ahskSy283TQTXwAJK3bs1dI+Sm22wqpFIILxXkaDTRKobftqPr3CLUh
9xesVXSFJL7GAUfY4eqhSIWM1yYe47qc4J5uECxSdqd1G2+oipGEZd5EkdkyLXcm
LEbKJxr476UsbPJ8ZO+PCaQbVB36CJayaj61hnPoCictQm0WWv1OpbbkUdL1Hre7
+e+Hf5vu3RPAK5qI2Qta1kDlALQVgNxVxiUainPCSe9RdKU7PCn58mg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:28 2025 by rpki-client