Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/uh7gLoOXm7m8bbXIbr_8eoIbkVg.roa
File: uh7gLoOXm7m8bbXIbr_8eoIbkVg.roa (raw, json)
Hash identifier: w3ToOGAyxxycQQrazpwmrSUP2n2gnFyyv9FwZ6Y1ZI0=
Subject key identifier: BA:1E:E0:2E:83:97:9B:B9:BC:6D:B5:C8:6E:BF:FC:7A:82:1B:91:58
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0C14
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/uh7gLoOXm7m8bbXIbr_8eoIbkVg.roa
Signing time: Tue 04 Feb 2025 18:25:41 +0000
ROA not before: Tue 04 Feb 2025 18:25:41 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3092 (0xc14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 4 18:25:41 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=BA1EE02E83979BB9BC6DB5C86EBFFC7A821B9158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e2:cf:5e:bc:24:c1:46:ce:d6:a9:55:31:b6:
8d:93:42:8e:ba:ce:98:99:65:1b:e5:48:ea:fc:5e:
fa:40:c8:ad:a1:71:c5:51:70:a0:17:2a:80:5b:cc:
34:f4:dc:8b:4d:91:92:cb:98:5d:0e:6f:2c:ad:3b:
48:0b:27:45:aa:66:c0:43:77:b7:35:ac:e3:20:14:
b5:94:33:43:54:af:10:81:74:70:82:f9:d9:c9:03:
dd:9c:43:42:d2:37:7c:1e:e1:e1:7b:22:cd:24:ba:
95:98:6a:ac:80:4b:2f:42:53:e1:dc:23:64:01:b8:
d2:ac:ae:cc:16:8d:df:5c:9d:25:16:2e:3b:89:ff:
61:ba:02:4b:dd:d4:85:f1:da:30:80:72:ca:a6:76:
cc:11:93:13:b3:09:ba:a6:f0:36:5d:c2:69:0e:97:
b3:94:0f:6c:94:24:c5:02:40:ec:b0:be:10:63:5c:
e3:2f:99:29:c4:20:81:19:87:d2:26:47:c2:2a:da:
24:99:bc:ce:87:ad:69:da:52:f3:2a:46:ee:22:88:
2c:40:68:15:20:4a:fe:07:a4:cc:cf:14:c9:ec:c6:
66:8a:c5:aa:6c:80:b5:c0:9d:11:d7:8c:fd:b6:58:
10:a3:2b:b8:d9:9e:c5:0f:bb:ce:d9:76:34:b6:8f:
15:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:1E:E0:2E:83:97:9B:B9:BC:6D:B5:C8:6E:BF:FC:7A:82:1B:91:58
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/uh7gLoOXm7m8bbXIbr_8eoIbkVg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
b9:fe:9e:a6:f8:96:d7:b6:5a:c9:15:cf:bc:3b:7f:31:cd:2f:
ef:a3:6a:6e:d1:e3:b3:b7:54:84:6f:2e:f4:b3:c8:67:72:90:
bf:45:9e:c9:db:d6:8b:63:2a:76:01:1b:54:50:8d:fb:c6:45:
3e:e7:52:e2:95:df:3e:fa:b7:92:7d:4e:b2:a2:69:81:f5:b7:
6e:fe:ec:cb:e9:78:1a:f6:97:72:0e:03:3e:18:d8:44:ae:ae:
33:99:54:bd:25:97:4a:c9:51:fc:ba:41:45:68:1d:85:cc:35:
32:81:9a:7f:08:9d:5b:75:85:14:8a:32:b5:54:30:37:2a:11:
f2:bd:63:df:08:97:0a:19:1d:16:03:98:2b:2c:97:86:2b:7d:
d9:c2:45:ae:a8:ae:f5:22:05:c1:77:5f:1a:8c:ea:18:58:30:
f1:94:52:e9:01:6c:85:a8:17:7d:45:f0:fb:0c:4a:be:09:81:
c7:32:62:ce:e3:51:1f:aa:76:57:84:3d:92:4f:42:cd:65:15:
80:04:d8:b2:99:61:ac:05:2d:01:eb:2b:74:01:5a:10:b6:98:
f4:70:99:d9:50:c9:99:0f:36:2a:57:76:b9:96:fc:f8:1d:19:
3a:61:be:94:fd:43:38:db:f3:fd:e1:b9:2e:d6:c4:6b:b0:98:
7e:f3:58:b7
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDBQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDQx
ODI1NDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEJBMUVFMDJFODM5NzlC
QjlCQzZEQjVDODZFQkZGQzdBODIxQjkxNTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCw4s9evCTBRs7WqVUxto2TQo66zpiZZRvlSOr8XvpAyK2hccVR
cKAXKoBbzDT03ItNkZLLmF0ObyytO0gLJ0WqZsBDd7c1rOMgFLWUM0NUrxCBdHCC
+dnJA92cQ0LSN3we4eF7Is0kupWYaqyASy9CU+HcI2QBuNKsrswWjd9cnSUWLjuJ
/2G6Akvd1IXx2jCAcsqmdswRkxOzCbqm8DZdwmkOl7OUD2yUJMUCQOywvhBjXOMv
mSnEIIEZh9ImR8Iq2iSZvM6HrWnaUvMqRu4iiCxAaBUgSv4HpMzPFMnsxmaKxaps
gLXAnRHXjP22WBCjK7jZnsUPu87ZdjS2jxWxAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUuh7gLoOXm7m8bbXIbr/8eoIbkVgwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3VoN2dMb09YbTdtOGJi
WElicl84ZW9JYmtWZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBALn+nqb4lte2WskVz7w7fzHN
L++jam7R47O3VIRvLvSzyGdykL9Fnsnb1otjKnYBG1RQjfvGRT7nUuKV3z76t5J9
TrKiaYH1t27+7MvpeBr2l3IOAz4Y2ESurjOZVL0ll0rJUfy6QUVoHYXMNTKBmn8I
nVt1hRSKMrVUMDcqEfK9Y98IlwoZHRYDmCssl4YrfdnCRa6orvUiBcF3XxqM6hhY
MPGUUukBbIWoF31F8PsMSr4JgccyYs7jUR+qdleEPZJPQs1lFYAE2LKZYawFLQHr
K3QBWhC2mPRwmdlQyZkPNipXdrmW/PgdGTphvpT9Qzjb8/3huS7WxGuwmH7zWLc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:34 2025 by rpki-client