Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/2RlmzbpJwa3ExqiNYGv-W-0E7Xc.roa
File: 2RlmzbpJwa3ExqiNYGv-W-0E7Xc.roa (raw, json)
Hash identifier: l3LTr0ZWMBftucjyZmwiWgusM04tYtBxpylfwhuh8WU=
Subject key identifier: D9:19:66:CD:BA:49:C1:AD:C4:C6:A8:8D:60:6B:FE:5B:ED:04:ED:77
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0AE0
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/2RlmzbpJwa3ExqiNYGv-W-0E7Xc.roa
Signing time: Sat 01 Feb 2025 13:25:37 +0000
ROA not before: Sat 01 Feb 2025 13:25:37 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2784 (0xae0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 1 13:25:37 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=D91966CDBA49C1ADC4C6A88D606BFE5BED04ED77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:00:c8:5f:f9:e1:27:f2:01:1e:97:f6:3e:f4:
05:74:43:87:d7:7f:3e:c8:77:57:47:96:99:ba:3c:
d1:97:6c:9c:e5:5f:8b:ea:f1:89:b8:9f:a0:ca:2f:
f4:87:3f:4c:a5:30:24:e2:bb:f7:92:c3:88:bc:94:
09:b6:15:10:fd:71:6b:33:8c:7b:c2:e9:c8:f6:0c:
a3:9e:06:9b:88:9d:27:3d:2c:5a:57:82:ae:77:65:
4d:c1:73:e0:10:7f:ff:7a:0d:bd:a3:d2:97:f2:85:
7c:33:db:7f:16:d8:5d:31:c2:f0:43:e1:8b:06:57:
92:3d:30:d9:97:3a:86:e6:b5:ac:21:e8:2a:b6:df:
b6:49:61:d4:2d:bb:ba:e0:5c:69:1d:b6:e3:1d:95:
3b:c4:8f:70:54:be:ac:6c:f8:84:74:f0:79:64:33:
28:11:8a:fc:5d:73:df:d2:39:74:c8:19:d9:b5:d6:
53:c0:19:8b:6b:c0:ce:15:b4:cf:3c:70:6d:b6:d3:
bd:f8:e1:49:55:57:e5:f2:8a:16:78:1b:2e:8e:0d:
6c:7a:50:e4:cb:2c:4c:20:f8:4d:c0:56:a5:3c:80:
e8:84:d5:3c:ee:ca:34:df:0d:7e:db:ce:e8:69:da:
8a:70:2d:4b:54:4c:c9:31:ec:5b:f6:23:d6:b8:44:
c4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:19:66:CD:BA:49:C1:AD:C4:C6:A8:8D:60:6B:FE:5B:ED:04:ED:77
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/2RlmzbpJwa3ExqiNYGv-W-0E7Xc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
87:7f:a4:92:f3:8b:61:36:0b:0f:29:81:25:49:1c:1b:3c:63:
a8:e5:3d:5a:98:60:dd:ff:15:21:0b:9a:be:db:dc:e3:fc:19:
56:04:52:d5:a1:54:40:14:e5:04:45:76:46:a6:6a:13:48:11:
27:50:9d:57:cf:f1:47:2d:f6:d0:42:3d:fc:22:22:0a:07:86:
ea:73:84:e6:d2:94:f1:08:3c:86:8b:4d:3c:70:72:c1:3b:e1:
b0:73:fa:5c:51:a3:88:ee:55:c0:2b:1a:04:ca:a0:99:7c:ab:
0c:55:2c:51:8d:72:4e:45:84:ca:9a:20:1b:22:ba:e4:7d:e2:
99:3b:01:d3:69:e5:ee:7e:95:9c:80:29:60:ba:17:cb:3c:f1:
92:54:71:d1:65:b0:dd:03:7e:d1:22:f1:08:76:46:80:f7:64:
64:13:b7:8b:2a:a3:c3:cb:a2:23:96:1c:c2:91:cb:ad:ba:0f:
a2:e0:e3:e9:52:1a:5f:35:63:d3:67:5f:d9:c9:14:c6:f9:89:
e3:76:48:b4:46:99:b2:8d:31:7f:e4:7d:56:de:b1:38:9e:cc:
20:f3:6c:26:fa:89:28:46:a4:67:d2:3d:e1:59:d7:ef:01:33:
15:e6:2f:e1:a7:39:d4:96:8f:49:87:b4:14:62:b3:16:45:da:
eb:ab:3b:13
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCuAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDEx
MzI1MzdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ5MTk2NkNEQkE0OUMx
QURDNEM2QTg4RDYwNkJGRTVCRUQwNEVENzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeAMhf+eEn8gEel/Y+9AV0Q4fXfz7Id1dHlpm6PNGXbJzlX4vq
8Ym4n6DKL/SHP0ylMCTiu/eSw4i8lAm2FRD9cWszjHvC6cj2DKOeBpuInSc9LFpX
gq53ZU3Bc+AQf/96Db2j0pfyhXwz238W2F0xwvBD4YsGV5I9MNmXOobmtawh6Cq2
37ZJYdQtu7rgXGkdtuMdlTvEj3BUvqxs+IR08HlkMygRivxdc9/SOXTIGdm11lPA
GYtrwM4VtM88cG2207344UlVV+XyihZ4Gy6ODWx6UOTLLEwg+E3AVqU8gOiE1Tzu
yjTfDX7bzuhp2opwLUtUTMkx7Fv2I9a4RMSHAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU2RlmzbpJwa3ExqiNYGv+W+0E7XcwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzJSbG16YnBKd2EzRXhx
aU5ZR3YtVy0wRTdYYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAId/pJLzi2E2Cw8pgSVJHBs8
Y6jlPVqYYN3/FSELmr7b3OP8GVYEUtWhVEAU5QRFdkamahNIESdQnVfP8Uct9tBC
PfwiIgoHhupzhObSlPEIPIaLTTxwcsE74bBz+lxRo4juVcArGgTKoJl8qwxVLFGN
ck5FhMqaIBsiuuR94pk7AdNp5e5+lZyAKWC6F8s88ZJUcdFlsN0DftEi8Qh2RoD3
ZGQTt4sqo8PLoiOWHMKRy626D6Lg4+lSGl81Y9NnX9nJFMb5ieN2SLRGmbKNMX/k
fVbesTiezCDzbCb6iShGpGfSPeFZ1+8BMxXmL+GnOdSWj0mHtBRisxZF2uurOxM=
-----END CERTIFICATE-----
Generated at Sun May 18 03:07:40 2025 by rpki-client