Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/sumdjCRegH1I28xuTnQBaQUCNv8.roa
File: sumdjCRegH1I28xuTnQBaQUCNv8.roa (raw, json)
Hash identifier: cE1sw8d8S2k4aWyUcVK3oyBcoRmLjhz0codYOGT7MVc=
Subject key identifier: B2:E9:9D:8C:24:5E:80:7D:48:DB:CC:6E:4E:74:01:69:05:02:36:FF
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0B64
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/sumdjCRegH1I28xuTnQBaQUCNv8.roa
Signing time: Sun 02 Feb 2025 22:25:38 +0000
ROA not before: Sun 02 Feb 2025 22:25:38 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2916 (0xb64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 2 22:25:38 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=B2E99D8C245E807D48DBCC6E4E740169050236FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:45:99:9a:82:d0:c2:de:f2:7f:be:8b:55:94:
18:32:8a:91:4c:26:e6:7e:f7:76:1d:5c:c2:3d:f3:
2d:df:9c:97:6c:2c:b1:91:ec:d9:94:c0:99:ea:96:
97:f0:af:4b:df:c1:d0:ec:83:4b:0a:7d:e7:dd:c5:
35:ae:96:56:80:89:a1:7c:08:09:e5:20:74:9f:cb:
6d:96:e6:e1:ac:b2:10:c6:29:34:01:3c:83:4a:ac:
02:1b:bf:b2:5c:2c:b8:c8:e8:e3:27:c3:55:84:b2:
cf:8f:61:de:94:a5:eb:33:b6:68:4c:75:97:9b:fa:
e0:35:6b:71:b8:35:2d:46:e5:6f:18:74:23:23:be:
74:ad:20:83:52:ed:f1:0d:5e:0f:32:a1:4c:b1:b4:
6c:cf:b3:0c:0b:89:72:31:ed:e3:89:ea:96:8e:9e:
4f:34:51:17:e1:30:1e:4a:14:24:54:d5:15:8f:dc:
95:56:c5:93:91:4f:b0:2d:78:fb:ca:bd:cd:dd:71:
e2:0a:ef:2c:4e:15:fc:19:c4:e6:73:f6:83:ce:22:
c1:6d:44:69:b0:b1:72:ee:91:c9:fb:49:37:5a:c1:
10:dc:56:40:92:86:2f:e8:c1:fe:fa:3f:30:2b:20:
a9:3f:a4:35:64:fc:5d:e8:92:94:bc:5b:3a:73:1d:
b1:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:E9:9D:8C:24:5E:80:7D:48:DB:CC:6E:4E:74:01:69:05:02:36:FF
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/sumdjCRegH1I28xuTnQBaQUCNv8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
73:79:f2:f1:39:bf:36:43:3a:ad:a3:47:94:d6:f9:6b:ed:03:
b5:18:43:e4:20:a0:db:cd:db:dd:81:cf:5c:cf:ad:09:65:4f:
d7:c8:b1:ed:d5:43:f8:0e:7a:94:f5:51:8d:6e:34:c4:e3:62:
e9:3a:39:26:92:6f:7c:24:34:ea:6f:d7:00:9e:c9:b8:ad:72:
0a:82:5d:f9:e5:70:a4:8b:64:7f:1d:a8:bd:b5:29:05:88:f7:
06:06:75:b2:e4:06:d0:1e:b5:58:c8:79:b2:48:bb:3a:46:b2:
8e:d0:8f:ec:7d:78:50:a8:d0:8d:73:bb:1f:7e:a5:2e:4b:65:
32:17:a6:4b:f6:13:09:08:b3:1a:c1:6d:d9:a3:08:3b:f9:32:
a1:5b:c7:d4:2c:b8:39:7c:95:7b:a5:1a:67:01:5f:8c:9d:fd:
d6:97:ee:a4:9a:3b:c5:dc:83:bc:83:72:5f:4a:b2:92:cd:61:
57:2f:7a:18:bb:bf:9c:8b:cb:9d:fc:a8:93:e0:a8:40:03:6b:
33:95:4f:ce:f6:75:41:a0:74:f5:2a:4f:0d:dd:1b:80:6d:7d:
f4:71:af:30:8b:c2:7f:56:8d:4f:31:4d:72:0b:a2:55:c2:ae:
90:97:42:cc:5e:33:8f:77:d0:85:82:04:77:1d:cb:8d:00:b1:
c8:29:0e:6e
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICC2QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDIy
MjI1MzhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEIyRTk5RDhDMjQ1RTgw
N0Q0OERCQ0M2RTRFNzQwMTY5MDUwMjM2RkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+RZmagtDC3vJ/votVlBgyipFMJuZ+93YdXMI98y3fnJdsLLGR
7NmUwJnqlpfwr0vfwdDsg0sKfefdxTWullaAiaF8CAnlIHSfy22W5uGsshDGKTQB
PINKrAIbv7JcLLjI6OMnw1WEss+PYd6UpesztmhMdZeb+uA1a3G4NS1G5W8YdCMj
vnStIINS7fENXg8yoUyxtGzPswwLiXIx7eOJ6paOnk80URfhMB5KFCRU1RWP3JVW
xZORT7AtePvKvc3dceIK7yxOFfwZxOZz9oPOIsFtRGmwsXLukcn7STdawRDcVkCS
hi/owf76PzArIKk/pDVk/F3okpS8WzpzHbFrAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUsumdjCRegH1I28xuTnQBaQUCNv8wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3N1bWRqQ1JlZ0gxSTI4
eHVUblFCYVFVQ052OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAHN58vE5vzZDOq2jR5TW+Wvt
A7UYQ+QgoNvN292Bz1zPrQllT9fIse3VQ/gOepT1UY1uNMTjYuk6OSaSb3wkNOpv
1wCeybitcgqCXfnlcKSLZH8dqL21KQWI9wYGdbLkBtAetVjIebJIuzpGso7Qj+x9
eFCo0I1zux9+pS5LZTIXpkv2EwkIsxrBbdmjCDv5MqFbx9QsuDl8lXulGmcBX4yd
/daX7qSaO8Xcg7yDcl9KspLNYVcvehi7v5yLy538qJPgqEADazOVT872dUGgdPUq
Tw3dG4BtffRxrzCLwn9WjU8xTXILolXCrpCXQsxeM4930IWCBHcdy40AscgpDm4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:26 2025 by rpki-client