Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/3ItWFF6Vo4wblYE0QQjG9eEVr_A.roa
File: 3ItWFF6Vo4wblYE0QQjG9eEVr_A.roa (raw, json)
Hash identifier: FZ1xXaavke29bU2k69pBjA/3xqB2JryWHvWjt2N76zg=
Subject key identifier: DC:8B:56:14:5E:95:A3:8C:1B:95:81:34:41:08:C6:F5:E1:15:AF:F0
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 07DE
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/3ItWFF6Vo4wblYE0QQjG9eEVr_A.roa
Signing time: Fri 24 Jan 2025 12:55:03 +0000
ROA not before: Fri 24 Jan 2025 12:55:03 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2014 (0x7de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 24 12:55:03 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=DC8B56145E95A38C1B9581344108C6F5E115AFF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d5:84:ca:1b:da:ca:a3:06:fd:02:e0:ee:6e:
0c:70:f2:56:51:3c:72:63:30:8a:35:45:36:0e:d7:
eb:d2:e2:3e:d7:aa:51:28:19:e3:a0:0f:ce:d0:29:
d4:bc:a1:45:02:be:3d:d6:9a:5e:c3:cf:b0:ce:13:
b9:24:88:fe:c4:56:5a:d9:3f:51:ee:e5:33:9e:bb:
c7:74:89:00:ab:b1:4b:c0:72:5e:3d:3f:c7:47:18:
0f:e9:99:2a:9a:73:b5:15:d8:b1:9c:6f:b2:85:f1:
c0:d0:f7:f3:08:72:a8:13:d4:fa:d5:6b:18:84:a1:
70:3a:25:77:2c:88:8b:ea:14:83:74:b0:e4:82:c8:
2b:01:13:6e:19:2d:b3:d7:46:98:c2:4f:71:8a:de:
0c:be:37:d6:56:32:63:d6:32:5d:f8:8a:7b:2b:b8:
0b:38:59:1f:96:2e:95:b1:b6:c1:1b:9e:49:b3:9f:
02:70:f8:af:bb:f3:9d:48:2c:2a:e9:52:b3:65:f1:
69:ae:15:69:32:72:0f:f4:18:b0:64:bf:76:d4:32:
7e:91:96:e7:a5:43:96:70:86:34:f5:d6:18:6c:0e:
f7:79:57:13:63:17:7c:0d:fd:52:aa:74:ae:6f:2e:
12:4d:8e:ec:05:40:e9:87:21:8d:de:2b:2c:cd:3a:
5f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:8B:56:14:5E:95:A3:8C:1B:95:81:34:41:08:C6:F5:E1:15:AF:F0
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/3ItWFF6Vo4wblYE0QQjG9eEVr_A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
1c:18:bf:f8:37:3e:87:38:13:83:be:80:8d:34:c9:bf:6e:6c:
ae:21:18:0f:73:d3:06:ae:f8:72:65:cc:37:b6:71:fe:78:07:
1e:99:27:68:76:57:2c:b0:36:16:d2:5d:19:6c:fe:d9:4c:fa:
ca:6d:b8:da:e8:c9:5b:2a:ea:47:2b:c9:1b:6a:19:fd:47:a5:
46:01:72:a6:56:c7:b1:5c:f8:c7:d1:03:0f:61:a7:25:da:71:
77:ef:24:64:83:7a:1c:e6:9f:e9:2d:71:19:68:65:65:96:29:
5b:80:5c:4b:97:4a:4b:be:30:36:18:9e:24:0a:9f:c6:b6:c3:
05:86:e9:57:8b:51:ee:2e:45:d9:da:d1:2e:25:12:96:86:6d:
ce:dc:e1:c1:1d:76:9a:29:83:d4:3f:45:0b:14:0a:a0:cb:76:
a1:d7:fe:7c:c2:3b:f3:fb:58:69:f3:fb:e4:59:da:2b:b1:9f:
0f:c0:59:59:44:0d:36:f3:8e:67:36:b3:6b:a2:09:1a:64:3e:
3e:98:79:b1:6a:79:50:b2:55:96:6b:0b:c0:59:87:7c:5c:da:
26:70:bd:76:fe:3b:d9:f2:a4:da:61:4f:e7:94:90:30:c0:23:
31:f9:e7:af:34:17:66:5a:8a:37:9e:65:b2:13:2a:cf:62:10:
19:a4:47:ca
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICB94wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjQx
MjU1MDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKERDOEI1NjE0NUU5NUEz
OEMxQjk1ODEzNDQxMDhDNkY1RTExNUFGRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDM1YTKG9rKowb9AuDubgxw8lZRPHJjMIo1RTYO1+vS4j7XqlEo
GeOgD87QKdS8oUUCvj3Wml7Dz7DOE7kkiP7EVlrZP1Hu5TOeu8d0iQCrsUvAcl49
P8dHGA/pmSqac7UV2LGcb7KF8cDQ9/MIcqgT1PrVaxiEoXA6JXcsiIvqFIN0sOSC
yCsBE24ZLbPXRpjCT3GK3gy+N9ZWMmPWMl34insruAs4WR+WLpWxtsEbnkmznwJw
+K+7851ILCrpUrNl8WmuFWkycg/0GLBkv3bUMn6RluelQ5ZwhjT11hhsDvd5VxNj
F3wN/VKqdK5vLhJNjuwFQOmHIY3eKyzNOl+fAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU3ItWFF6Vo4wblYE0QQjG9eEVr/AwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzNJdFdGRjZWbzR3YmxZ
RTBRUWpHOWVFVnJfQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBABwYv/g3Poc4E4O+gI00yb9u
bK4hGA9z0wau+HJlzDe2cf54Bx6ZJ2h2VyywNhbSXRls/tlM+sptuNroyVsq6kcr
yRtqGf1HpUYBcqZWx7Fc+MfRAw9hpyXacXfvJGSDehzmn+ktcRloZWWWKVuAXEuX
Sku+MDYYniQKn8a2wwWG6VeLUe4uRdna0S4lEpaGbc7c4cEddpopg9Q/RQsUCqDL
dqHX/nzCO/P7WGnz++RZ2iuxnw/AWVlEDTbzjmc2s2uiCRpkPj6YebFqeVCyVZZr
C8BZh3xc2iZwvXb+O9nypNphT+eUkDDAIzH55680F2ZaijeeZbITKs9iEBmkR8o=
-----END CERTIFICATE-----
Generated at Sun May 18 02:09:36 2025 by rpki-client