Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/0QbbRM2n2mF0izKyxANEBuXeMlI.roa
File: 0QbbRM2n2mF0izKyxANEBuXeMlI.roa (raw, json)
Hash identifier: XLhXbEkesWDoS9GNOL96fgWIastiNMVegSnHaD01vd0=
Subject key identifier: D1:06:DB:44:CD:A7:DA:61:74:8B:32:B2:C4:03:44:06:E5:DE:32:52
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0A82
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/0QbbRM2n2mF0izKyxANEBuXeMlI.roa
Signing time: Fri 31 Jan 2025 13:55:31 +0000
ROA not before: Fri 31 Jan 2025 13:55:31 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2690 (0xa82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 31 13:55:31 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=D106DB44CDA7DA61748B32B2C4034406E5DE3252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c7:67:d5:2e:e3:3f:c5:70:89:af:e8:90:60:
da:50:f5:ba:04:13:4a:d1:58:65:c3:18:dd:e0:0a:
f2:c1:2b:bf:b2:ec:e4:82:4b:a4:52:7b:26:58:0d:
8e:0c:c3:d9:7d:68:4e:df:b0:87:84:17:60:b0:11:
81:03:a4:c1:58:c3:91:3c:d5:da:7d:1a:0c:7c:88:
73:6d:f0:3d:1e:de:91:20:15:86:e3:ca:07:38:1e:
ed:ce:19:6e:3e:8c:74:6c:02:ff:09:16:bf:89:eb:
c2:62:b1:6e:28:df:ac:99:e7:3b:0b:ce:45:9b:0a:
81:06:69:28:3e:df:17:f8:84:a7:0b:e5:e2:7f:e4:
f7:4f:57:70:c1:ef:50:3b:e3:d2:c9:74:d1:90:9d:
bc:36:84:ea:4d:1e:e4:bd:30:9a:3f:73:f6:b9:06:
a0:58:40:1b:64:cd:93:91:36:57:fc:9f:6d:49:f9:
f9:49:d8:41:f1:b0:56:e4:85:6e:1c:d2:89:f8:ae:
37:0c:ef:2a:2f:3f:e3:4c:c4:e7:ac:b2:bd:1b:3b:
61:3d:5f:19:85:3a:5f:31:ce:6a:c1:06:61:36:3a:
cf:c6:7d:e2:d4:d4:2e:f1:f9:d7:a6:74:45:ae:82:
f7:14:cb:e6:74:ff:e8:e9:60:6d:af:d8:98:d9:aa:
91:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:06:DB:44:CD:A7:DA:61:74:8B:32:B2:C4:03:44:06:E5:DE:32:52
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/0QbbRM2n2mF0izKyxANEBuXeMlI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
b6:6b:5c:3d:85:00:8d:bc:7a:3a:52:aa:c3:c2:ed:3f:35:f4:
ff:a5:15:9a:7f:dd:17:b3:20:20:85:01:87:d6:3c:be:fb:7b:
f1:03:c7:c1:02:71:76:11:8a:5d:90:8f:0e:63:83:56:18:4a:
e6:0f:d3:55:b8:99:e2:99:fc:d1:72:95:da:34:db:a5:51:e2:
bb:40:73:b8:0a:39:b1:7e:fd:f9:62:30:67:eb:1c:2e:54:01:
73:1d:ab:0a:a5:98:71:1b:2a:1c:ba:ce:9b:17:17:ee:12:ea:
79:b9:5c:6f:51:b0:04:a3:56:e4:0c:9f:3e:d4:51:59:31:ea:
e3:05:4a:ab:19:89:e8:a0:e4:8f:7d:09:71:60:d5:93:d3:53:
67:e6:98:c2:5b:b1:d6:0c:2b:c0:e6:49:40:17:19:90:e3:ae:
48:23:ff:8a:59:c6:ee:e7:dc:99:db:27:34:51:6a:91:25:dc:
d6:e1:82:ef:5e:05:dd:d6:ad:9a:4f:81:c7:4c:1d:35:bd:6d:
31:41:32:e3:cd:35:df:de:1b:46:25:c4:c6:08:25:86:b3:6f:
36:23:62:a9:c5:29:fd:f1:b1:30:20:92:86:c7:5f:a2:c7:03:
70:15:3c:91:d9:d7:c2:e5:97:76:4f:55:91:79:6d:ac:63:b1:
94:c5:d3:44
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCoIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMzEx
MzU1MzFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQxMDZEQjQ0Q0RBN0RB
NjE3NDhCMzJCMkM0MDM0NDA2RTVERTMyNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqx2fVLuM/xXCJr+iQYNpQ9boEE0rRWGXDGN3gCvLBK7+y7OSC
S6RSeyZYDY4Mw9l9aE7fsIeEF2CwEYEDpMFYw5E81dp9Ggx8iHNt8D0e3pEgFYbj
ygc4Hu3OGW4+jHRsAv8JFr+J68JisW4o36yZ5zsLzkWbCoEGaSg+3xf4hKcL5eJ/
5PdPV3DB71A749LJdNGQnbw2hOpNHuS9MJo/c/a5BqBYQBtkzZORNlf8n21J+flJ
2EHxsFbkhW4c0on4rjcM7yovP+NMxOessr0bO2E9XxmFOl8xzmrBBmE2Os/GfeLU
1C7x+demdEWugvcUy+Z0/+jpYG2v2JjZqpHrAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU0QbbRM2n2mF0izKyxANEBuXeMlIwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzBRYmJSTTJuMm1GMGl6
S3l4QU5FQnVYZU1sSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBALZrXD2FAI28ejpSqsPC7T81
9P+lFZp/3RezICCFAYfWPL77e/EDx8ECcXYRil2Qjw5jg1YYSuYP01W4meKZ/NFy
ldo026VR4rtAc7gKObF+/fliMGfrHC5UAXMdqwqlmHEbKhy6zpsXF+4S6nm5XG9R
sASjVuQMnz7UUVkx6uMFSqsZieig5I99CXFg1ZPTU2fmmMJbsdYMK8DmSUAXGZDj
rkgj/4pZxu7n3JnbJzRRapEl3Nbhgu9eBd3WrZpPgcdMHTW9bTFBMuPNNd/eG0Yl
xMYIJYazbzYjYqnFKf3xsTAgkobHX6LHA3AVPJHZ18Lll3ZPVZF5baxjsZTF00Q=
-----END CERTIFICATE-----
Generated at Sun May 18 03:07:32 2025 by rpki-client