Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/2zSHSgkvt6JMP3dQrhg4oOwW-xM.roa
File: 2zSHSgkvt6JMP3dQrhg4oOwW-xM.roa (raw, json)
Hash identifier: z+FCzyKVqxDPW5nlhj3hGj8vZcmWXn5GB/X9ICDxX2s=
Subject key identifier: DB:34:87:4A:09:2F:B7:A2:4C:3F:77:50:AE:18:38:A0:EC:16:FB:13
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0ACA
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/2zSHSgkvt6JMP3dQrhg4oOwW-xM.roa
Signing time: Sat 01 Feb 2025 07:55:33 +0000
ROA not before: Sat 01 Feb 2025 07:55:33 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2762 (0xaca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 1 07:55:33 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=DB34874A092FB7A24C3F7750AE1838A0EC16FB13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:52:51:ce:cf:24:d0:e4:da:69:ab:42:b8:2f:
7b:ca:63:7d:6d:7f:af:ce:e9:e6:64:b8:bd:44:ad:
c5:e7:00:c7:e6:95:d0:f7:f1:09:4d:0c:89:66:d3:
dc:eb:45:e4:6d:23:87:49:28:db:2a:93:f5:8d:e0:
01:77:a5:51:76:90:4d:58:93:3e:d4:13:b4:b5:cf:
2f:48:55:6e:10:c5:b9:13:f6:a4:6e:ce:bf:11:e6:
f1:e5:52:b4:5b:27:19:0e:2f:0e:ca:e0:e9:12:8d:
a9:26:12:31:76:70:b1:23:34:45:f3:d3:6a:11:4a:
c7:69:0b:70:00:7a:af:c5:04:a7:a8:3e:54:7a:e3:
94:e2:ba:c1:db:a9:aa:c3:c3:67:4a:3d:52:c0:28:
62:6e:c5:09:d9:4f:e1:53:48:7d:0c:77:4e:a4:bb:
ab:5c:46:b5:83:ea:0c:7d:6f:46:07:54:e4:8f:d2:
81:3b:82:16:c7:e0:db:92:ad:81:58:c6:81:2d:df:
87:3e:9a:de:e2:18:14:6d:71:a3:ee:b6:5a:5d:c9:
da:5b:79:43:fb:59:a1:30:38:e1:f4:fa:e9:bf:e7:
a5:b6:46:df:35:91:08:9e:4c:1f:9e:3d:89:63:d1:
f5:f2:43:f6:57:cd:ed:4e:f9:95:06:dc:9f:f0:ee:
2e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:34:87:4A:09:2F:B7:A2:4C:3F:77:50:AE:18:38:A0:EC:16:FB:13
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/2zSHSgkvt6JMP3dQrhg4oOwW-xM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
65:da:c5:99:3d:10:63:39:82:8f:19:6a:14:c1:5e:40:22:33:
12:cb:ee:a9:ad:54:ed:42:c5:0c:bc:69:d8:1b:7e:5c:ef:22:
85:42:c2:14:12:61:0f:7e:4e:07:83:b4:3d:90:33:a4:49:9b:
cc:88:4e:89:31:47:9e:c4:a2:3d:52:46:82:e9:78:5f:81:f4:
38:a5:8d:3c:f7:52:4b:b7:b7:93:43:a3:5d:ae:3c:7a:09:f8:
14:a0:ba:7b:73:b7:a2:b9:2e:99:05:83:84:f0:ee:3b:e5:6d:
38:7a:69:13:a3:3d:f4:40:ff:6a:c5:ab:ab:ef:3b:37:bf:aa:
f1:6f:86:41:5e:e4:92:e3:93:c2:5f:d9:79:21:02:70:84:83:
47:95:1b:bc:08:7e:77:39:d0:fa:d6:46:1f:f0:66:69:2d:2d:
2d:5f:37:ce:ec:91:9d:82:0e:34:6e:0f:29:d4:c7:9f:22:e6:
5f:ce:3a:e2:40:a5:7a:d1:88:a8:8c:2b:1a:d2:24:ab:7d:1b:
4e:10:48:ce:fb:a8:89:1e:79:bf:4d:b2:aa:7c:8f:93:49:77:
be:9d:0a:30:4a:a4:27:68:90:8d:bf:16:a8:be:2e:ed:f0:7f:
c5:79:df:7e:ba:24:b0:0b:be:ff:e4:10:28:1e:5f:ae:d0:0f:
25:67:2e:e4
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCsowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDEw
NzU1MzNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKERCMzQ4NzRBMDkyRkI3
QTI0QzNGNzc1MEFFMTgzOEEwRUMxNkZCMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpUlHOzyTQ5Nppq0K4L3vKY31tf6/O6eZkuL1ErcXnAMfmldD3
8QlNDIlm09zrReRtI4dJKNsqk/WN4AF3pVF2kE1Ykz7UE7S1zy9IVW4QxbkT9qRu
zr8R5vHlUrRbJxkOLw7K4OkSjakmEjF2cLEjNEXz02oRSsdpC3AAeq/FBKeoPlR6
45TiusHbqarDw2dKPVLAKGJuxQnZT+FTSH0Md06ku6tcRrWD6gx9b0YHVOSP0oE7
ghbH4NuSrYFYxoEt34c+mt7iGBRtcaPutlpdydpbeUP7WaEwOOH0+um/56W2Rt81
kQieTB+ePYlj0fXyQ/ZXze1O+ZUG3J/w7i6lAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU2zSHSgkvt6JMP3dQrhg4oOwW+xMwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzJ6U0hTZ2t2dDZKTVAz
ZFFyaGc0b093Vy14TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAGXaxZk9EGM5go8ZahTBXkAi
MxLL7qmtVO1CxQy8adgbflzvIoVCwhQSYQ9+TgeDtD2QM6RJm8yITokxR57Eoj1S
RoLpeF+B9DiljTz3Uku3t5NDo12uPHoJ+BSguntzt6K5LpkFg4Tw7jvlbTh6aROj
PfRA/2rFq6vvOze/qvFvhkFe5JLjk8Jf2XkhAnCEg0eVG7wIfnc50PrWRh/wZmkt
LS1fN87skZ2CDjRuDynUx58i5l/OOuJApXrRiKiMKxrSJKt9G04QSM77qIkeeb9N
sqp8j5NJd76dCjBKpCdokI2/Fqi+Lu3wf8V53366JLALvv/kECgeX67QDyVnLuQ=
-----END CERTIFICATE-----
Generated at Sun May 18 17:19:50 2025 by rpki-client