Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/s2XVQDLupE_n7IIDuVyGaU41who.roa
File: s2XVQDLupE_n7IIDuVyGaU41who.roa (raw, json)
Hash identifier: YtaEWUcbQ3zFP1IiPbBIzPXgA6oPpDsaCHcaSOoKBKk=
Subject key identifier: B3:65:D5:40:32:EE:A4:4F:E7:EC:82:03:B9:5C:86:69:4E:35:C2:1A
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0DA8
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/s2XVQDLupE_n7IIDuVyGaU41who.roa
Signing time: Sat 08 Feb 2025 23:25:52 +0000
ROA not before: Sat 08 Feb 2025 23:25:52 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3496 (0xda8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 8 23:25:52 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=B365D54032EEA44FE7EC8203B95C86694E35C21A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6b:20:27:81:ad:39:b4:c9:f4:52:7a:84:ec:
f1:4b:4f:65:d6:71:bd:42:ba:c7:ee:65:cd:cf:fe:
56:94:53:0c:ef:c3:33:45:bc:e3:6a:14:a5:ed:bb:
57:3d:77:0e:24:39:da:d7:3a:a7:28:c6:3f:62:4f:
14:e5:2a:fb:22:9f:73:86:ff:e6:1e:3b:1f:ea:90:
01:af:e2:7b:a8:63:5f:2f:ea:6e:95:59:34:6c:85:
33:9a:c7:6f:e5:9c:0e:2e:0d:6d:c3:2e:7b:80:55:
dc:46:76:31:f7:73:35:a8:fd:b1:27:93:52:86:b4:
72:2d:90:8f:c2:44:ec:3f:69:f3:9f:ca:38:c1:f7:
9d:e4:9f:6a:cc:c0:d1:ff:bc:b4:6e:e3:b1:ae:23:
1f:8d:14:ac:ad:78:7e:9e:c5:30:47:e3:eb:bd:05:
5b:86:71:62:8e:f4:d4:41:83:25:c6:3d:ef:d3:60:
ef:1a:8a:a4:86:2e:ed:eb:f9:57:be:41:3e:c0:15:
04:50:60:86:c9:b0:55:d4:37:46:93:e6:84:d3:39:
c9:18:0d:02:5d:66:b5:6f:ba:fc:eb:14:97:1c:ac:
46:34:bb:d3:6c:54:88:07:68:b5:fe:82:00:1e:a5:
15:ca:21:22:ce:3d:67:52:03:fd:53:12:b0:50:d9:
1a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:65:D5:40:32:EE:A4:4F:E7:EC:82:03:B9:5C:86:69:4E:35:C2:1A
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/s2XVQDLupE_n7IIDuVyGaU41who.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
b1:0f:e4:75:f5:c4:01:32:cf:3e:c3:91:f0:4d:4f:1b:02:97:
d9:7c:8a:5e:b3:d5:0e:5b:40:22:ce:63:cf:4b:61:b6:47:ee:
38:d9:dc:d3:85:0b:45:88:8b:3e:4b:39:49:63:bb:4e:3b:45:
6c:c2:0a:1c:bd:a4:cf:21:e5:93:40:85:c6:92:9f:d5:0b:b0:
c9:05:49:6b:2e:04:de:16:20:bc:7c:c7:46:40:3e:97:e9:0d:
59:6f:4a:54:5f:ef:ca:76:43:b6:69:9a:8f:57:b9:21:97:f4:
df:f5:7b:52:bb:64:11:7a:ac:bc:e6:e9:e8:db:5e:be:95:d9:
6b:94:fb:70:d6:3b:e9:41:50:2b:fe:c9:d6:ca:82:2a:38:33:
65:69:ba:8f:62:22:f2:1c:66:cd:a4:84:ac:37:31:ac:ae:fe:
a9:09:21:2f:bf:59:2e:df:9b:b9:0e:7e:4c:7a:0d:8e:c6:75:
6f:0d:86:7d:9a:8e:32:ac:6d:79:ec:25:79:b6:92:ad:05:f4:
a0:16:a6:cc:36:d3:a3:ea:dc:be:10:24:5f:66:ec:74:52:5b:
c7:f3:2b:1e:31:7b:e5:33:94:da:f8:a4:76:92:3a:8c:bb:cf:
89:98:7f:ac:7a:d1:1f:dd:ca:cd:d9:49:74:e7:07:ff:10:e1:
f2:42:a6:e7
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDagwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDgy
MzI1NTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEIzNjVENTQwMzJFRUE0
NEZFN0VDODIwM0I5NUM4NjY5NEUzNUMyMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3ayAnga05tMn0UnqE7PFLT2XWcb1CusfuZc3P/laUUwzvwzNF
vONqFKXtu1c9dw4kOdrXOqcoxj9iTxTlKvsin3OG/+YeOx/qkAGv4nuoY18v6m6V
WTRshTOax2/lnA4uDW3DLnuAVdxGdjH3czWo/bEnk1KGtHItkI/CROw/afOfyjjB
953kn2rMwNH/vLRu47GuIx+NFKyteH6exTBH4+u9BVuGcWKO9NRBgyXGPe/TYO8a
iqSGLu3r+Ve+QT7AFQRQYIbJsFXUN0aT5oTTOckYDQJdZrVvuvzrFJccrEY0u9Ns
VIgHaLX+ggAepRXKISLOPWdSA/1TErBQ2Rr/AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUs2XVQDLupE/n7IIDuVyGaU41whowHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3MyWFZRREx1cEVfbjdJ
SUR1VnlHYVU0MXdoby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBALEP5HX1xAEyzz7DkfBNTxsC
l9l8il6z1Q5bQCLOY89LYbZH7jjZ3NOFC0WIiz5LOUlju047RWzCChy9pM8h5ZNA
hcaSn9ULsMkFSWsuBN4WILx8x0ZAPpfpDVlvSlRf78p2Q7Zpmo9XuSGX9N/1e1K7
ZBF6rLzm6ejbXr6V2WuU+3DWO+lBUCv+ydbKgio4M2Vpuo9iIvIcZs2khKw3Mayu
/qkJIS+/WS7fm7kOfkx6DY7GdW8Nhn2ajjKsbXnsJXm2kq0F9KAWpsw206Pq3L4Q
JF9m7HRSW8fzKx4xe+UzlNr4pHaSOoy7z4mYf6x60R/dys3ZSXTnB/8Q4fJCpuc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:41 2025 by rpki-client