Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/2qjeETIhGpHUuBwryOhjvf7Vfys.roa
File: 2qjeETIhGpHUuBwryOhjvf7Vfys.roa (raw, json)
Hash identifier: sMlRzsNy+zG9XTJKtllnMx+6lQakxZV2rT+kA6b8SPs=
Subject key identifier: DA:A8:DE:11:32:21:1A:91:D4:B8:1C:2B:C8:E8:63:BD:FE:D5:7F:2B
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 08EC
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/2qjeETIhGpHUuBwryOhjvf7Vfys.roa
Signing time: Mon 27 Jan 2025 08:25:57 +0000
ROA not before: Mon 27 Jan 2025 08:25:57 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2284 (0x8ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 27 08:25:57 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=DAA8DE1132211A91D4B81C2BC8E863BDFED57F2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:f5:e6:83:39:a5:98:de:19:bf:61:00:10:b4:
26:51:3c:0d:4e:2c:0d:86:5d:9d:05:14:1f:37:48:
09:fb:66:e3:ba:dc:10:0d:ea:b3:9e:83:c4:c4:3c:
32:42:dd:93:8a:fd:6b:a1:b3:98:4f:46:a8:a9:71:
44:90:b8:b8:b9:6d:5f:72:84:e0:40:54:42:45:a3:
be:ef:70:3b:94:c3:0e:12:26:98:cb:54:9c:1e:c7:
a4:e0:7d:02:ba:b8:d9:c4:59:9b:13:f1:b7:a1:ed:
4f:24:c2:67:c5:6d:fa:e0:29:b3:23:ac:cf:80:c9:
ed:f0:73:f7:2a:e1:1b:2a:23:bc:be:d7:6c:6d:bd:
48:c4:ad:a5:8e:49:51:44:d2:01:ff:a5:0f:8f:aa:
ab:1d:f6:bd:1a:18:6b:4c:a1:ca:50:bf:1d:af:33:
c2:e3:4f:b0:76:6b:67:77:2e:e9:6d:ee:3d:bc:a6:
21:1f:b5:94:95:02:df:14:4f:e3:57:ad:61:d0:f8:
50:e8:cb:4c:45:69:4f:58:48:5b:8d:b2:39:17:e6:
b5:df:77:8c:0d:b6:27:f9:ee:d5:d2:7b:fc:5d:f7:
cb:bc:9c:b8:dd:bd:4a:3b:de:f1:2c:5c:9e:58:1d:
de:89:cb:aa:81:44:28:62:cc:7d:2a:36:6d:64:7b:
d5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A8:DE:11:32:21:1A:91:D4:B8:1C:2B:C8:E8:63:BD:FE:D5:7F:2B
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/2qjeETIhGpHUuBwryOhjvf7Vfys.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
86:9a:4d:60:d5:98:c6:0f:3f:51:8a:9d:d3:1d:a7:ac:3d:d6:
c9:a7:d1:e7:40:85:95:d1:c2:75:d2:7d:15:15:25:21:1a:06:
59:22:40:a2:58:1d:ba:76:01:08:c8:c2:8e:9c:25:6f:2c:3d:
29:cb:13:56:4f:ef:2c:81:6a:c6:1d:0d:e1:ba:6c:eb:49:40:
15:8d:99:16:83:a5:6e:d0:c0:c7:0b:5a:5f:1f:60:95:ec:96:
cb:98:85:9b:83:c2:f0:4c:d0:5a:35:a3:c8:3a:54:f5:82:c0:
a8:d2:04:49:6b:20:1a:a4:54:c9:cf:19:c8:0c:56:3b:53:36:
24:32:e7:1f:f4:dc:57:9e:ea:d1:20:2b:f1:3a:a5:42:e6:45:
3f:76:a6:f9:41:75:58:55:43:f2:87:7b:b9:90:68:af:ae:b1:
34:04:47:01:c4:18:c8:3c:d7:31:4f:49:e7:45:7d:ad:a8:fa:
fe:71:e2:0a:6b:5e:67:7b:e1:e6:64:63:c7:e4:11:03:a0:2d:
d8:df:d1:67:c7:d0:90:d2:1f:b9:37:eb:31:95:67:9f:8b:c1:
f4:50:c5:1a:dd:64:50:41:61:2e:7d:54:21:40:4a:db:95:2c:
50:d4:c1:f8:f2:f9:bb:27:93:d0:ab:6a:49:7f:aa:3d:62:91:
4b:16:d5:c4
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCOwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjcw
ODI1NTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKERBQThERTExMzIyMTFB
OTFENEI4MUMyQkM4RTg2M0JERkVENTdGMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDn9eaDOaWY3hm/YQAQtCZRPA1OLA2GXZ0FFB83SAn7ZuO63BAN
6rOeg8TEPDJC3ZOK/Wuhs5hPRqipcUSQuLi5bV9yhOBAVEJFo77vcDuUww4SJpjL
VJwex6TgfQK6uNnEWZsT8beh7U8kwmfFbfrgKbMjrM+Aye3wc/cq4RsqI7y+12xt
vUjEraWOSVFE0gH/pQ+Pqqsd9r0aGGtMocpQvx2vM8LjT7B2a2d3Lult7j28piEf
tZSVAt8UT+NXrWHQ+FDoy0xFaU9YSFuNsjkX5rXfd4wNtif57tXSe/xd98u8nLjd
vUo73vEsXJ5YHd6Jy6qBRChizH0qNm1ke9UFAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU2qjeETIhGpHUuBwryOhjvf7VfyswHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzJxamVFVEloR3BIVXVC
d3J5T2hqdmY3VmZ5cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAIaaTWDVmMYPP1GKndMdp6w9
1smn0edAhZXRwnXSfRUVJSEaBlkiQKJYHbp2AQjIwo6cJW8sPSnLE1ZP7yyBasYd
DeG6bOtJQBWNmRaDpW7QwMcLWl8fYJXslsuYhZuDwvBM0Fo1o8g6VPWCwKjSBElr
IBqkVMnPGcgMVjtTNiQy5x/03Fee6tEgK/E6pULmRT92pvlBdVhVQ/KHe7mQaK+u
sTQERwHEGMg81zFPSedFfa2o+v5x4gprXmd74eZkY8fkEQOgLdjf0WfH0JDSH7k3
6zGVZ5+LwfRQxRrdZFBBYS59VCFAStuVLFDUwfjy+bsnk9Crakl/qj1ikUsW1cQ=
-----END CERTIFICATE-----
Generated at Sat May 17 21:01:50 2025 by rpki-client