Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/z4bEpb_wb6BTYvI5LdWU2oPms38.roa
File: z4bEpb_wb6BTYvI5LdWU2oPms38.roa (raw, json)
Hash identifier: jtAZBiq6o6Z2Gw6mDqw+Ct51u7jqDSbZ3C6NgNmHXjU=
Subject key identifier: CF:86:C4:A5:BF:F0:6F:A0:53:62:F2:39:2D:D5:94:DA:83:E6:B3:7F
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0BAC
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/z4bEpb_wb6BTYvI5LdWU2oPms38.roa
Signing time: Mon 03 Feb 2025 16:26:53 +0000
ROA not before: Mon 03 Feb 2025 16:26:53 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2988 (0xbac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 3 16:26:53 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=CF86C4A5BFF06FA05362F2392DD594DA83E6B37F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:51:2a:3c:cd:d3:c1:e3:51:9d:19:10:d9:0e:
a5:fb:65:2f:fe:7c:01:c8:53:23:3f:35:40:31:23:
6a:67:da:1e:16:98:29:9f:b7:67:ab:06:c0:90:d6:
13:2e:3d:aa:d1:25:1c:89:91:db:6f:ce:dc:df:11:
33:47:eb:c4:eb:d9:e4:ce:75:82:bb:2a:5f:78:2f:
b9:94:9e:3d:04:44:c2:74:62:8c:53:67:3a:a0:05:
de:8e:90:85:9b:b8:41:dc:6b:db:ca:ee:39:9e:50:
4c:13:d4:d3:0f:8d:43:c4:11:13:8d:15:b9:39:8d:
81:cc:1b:1a:f3:36:ec:9b:62:db:00:ee:19:ac:f9:
4d:cc:f2:0f:ee:76:db:91:29:45:60:65:f1:ef:81:
98:ac:c6:31:33:44:de:86:b0:84:ac:d4:82:91:d8:
cf:8b:32:03:8f:8f:5c:c1:df:49:92:19:d1:27:c4:
7a:87:1d:3c:d0:92:a1:b7:ee:d3:be:74:2f:00:4a:
40:c8:b6:82:8d:70:e2:06:06:a5:5e:b0:27:63:35:
e1:68:62:03:b1:6c:66:09:89:36:5b:5a:f0:e6:b0:
99:5d:f4:02:53:52:c5:4a:d8:24:fd:73:07:33:79:
ab:39:4e:14:22:6d:4d:7f:f5:8f:0b:4d:18:34:cd:
e8:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:86:C4:A5:BF:F0:6F:A0:53:62:F2:39:2D:D5:94:DA:83:E6:B3:7F
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/z4bEpb_wb6BTYvI5LdWU2oPms38.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
57:9d:c8:89:68:5e:23:32:6f:04:a9:1b:b8:ea:ec:4b:5e:ad:
34:45:a6:2a:f7:bf:d3:3b:79:42:de:2f:60:66:92:38:07:b4:
22:6d:eb:c7:db:b0:f1:00:67:42:25:c6:cb:75:d1:cc:b8:31:
27:c0:5b:98:51:0c:9d:06:39:3d:18:71:b3:d9:b9:90:96:11:
8a:d7:0d:39:4f:f0:42:d3:88:77:c6:51:77:2e:04:f8:7b:3b:
b0:75:1e:9f:ac:bd:70:b8:70:39:fc:80:e8:9e:e4:ef:5a:84:
a2:d1:0e:2b:b2:a7:31:db:00:11:8b:a0:60:1e:b7:7e:2b:17:
f0:4c:7e:61:c4:14:28:07:a2:c0:fb:34:b5:0a:a8:90:07:38:
f7:61:a6:78:b8:15:9e:bf:6e:98:cc:bf:48:54:72:11:a1:82:
5b:c6:72:38:95:90:c7:a1:88:a6:97:a6:b5:c9:91:27:99:8f:
11:27:fc:32:4d:63:9c:aa:1b:2d:49:24:de:8a:58:63:7a:6b:
cc:d4:1a:0f:cb:57:58:1e:33:5d:f3:a9:85:3d:9d:6d:a3:70:
10:db:d6:34:f7:64:86:75:c6:91:45:97:0b:59:45:86:77:f3:
da:d6:90:c0:f8:04:d1:25:8d:a7:b5:f9:21:2b:17:d6:c2:fa:
af:6e:f9:a3
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICC6wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDMx
NjI2NTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKENGODZDNEE1QkZGMDZG
QTA1MzYyRjIzOTJERDU5NERBODNFNkIzN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNUSo8zdPB41GdGRDZDqX7ZS/+fAHIUyM/NUAxI2pn2h4WmCmf
t2erBsCQ1hMuParRJRyJkdtvztzfETNH68Tr2eTOdYK7Kl94L7mUnj0ERMJ0YoxT
ZzqgBd6OkIWbuEHca9vK7jmeUEwT1NMPjUPEERONFbk5jYHMGxrzNuybYtsA7hms
+U3M8g/udtuRKUVgZfHvgZisxjEzRN6GsISs1IKR2M+LMgOPj1zB30mSGdEnxHqH
HTzQkqG37tO+dC8ASkDItoKNcOIGBqVesCdjNeFoYgOxbGYJiTZbWvDmsJld9AJT
UsVK2CT9cwczeas5ThQibU1/9Y8LTRg0zeiFAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUz4bEpb/wb6BTYvI5LdWU2oPms38wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3o0YkVwYl93YjZCVFl2
STVMZFdVMm9QbXMzOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAFedyIloXiMybwSpG7jq7Ete
rTRFpir3v9M7eULeL2BmkjgHtCJt68fbsPEAZ0Ilxst10cy4MSfAW5hRDJ0GOT0Y
cbPZuZCWEYrXDTlP8ELTiHfGUXcuBPh7O7B1Hp+svXC4cDn8gOie5O9ahKLRDiuy
pzHbABGLoGAet34rF/BMfmHEFCgHosD7NLUKqJAHOPdhpni4FZ6/bpjMv0hUchGh
glvGcjiVkMehiKaXprXJkSeZjxEn/DJNY5yqGy1JJN6KWGN6a8zUGg/LV1geM13z
qYU9nW2jcBDb1jT3ZIZ1xpFFlwtZRYZ389rWkMD4BNEljae1+SErF9bC+q9u+aM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:55 2025 by rpki-client