Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/3bOsDgkqs3Dzo13ePFnpx7chyns.roa
File: 3bOsDgkqs3Dzo13ePFnpx7chyns.roa (raw, json)
Hash identifier: QWlTCtJnuf3nm/ak/PrOchTTiU61+fBj7fXuzq3NhsY=
Subject key identifier: DD:B3:AC:0E:09:2A:B3:70:F3:A3:5D:DE:3C:59:E9:C7:B7:21:CA:7B
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0AD2
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/3bOsDgkqs3Dzo13ePFnpx7chyns.roa
Signing time: Sat 01 Feb 2025 09:55:33 +0000
ROA not before: Sat 01 Feb 2025 09:55:33 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2770 (0xad2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 1 09:55:33 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=DDB3AC0E092AB370F3A35DDE3C59E9C7B721CA7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:05:73:b4:34:37:ef:f1:95:1f:25:92:7b:1f:
9d:d9:75:43:1a:4e:4d:f3:80:d8:69:a7:a3:a4:86:
8d:dc:54:e6:e7:84:4e:ed:c7:e3:1e:43:0f:55:c4:
8f:9a:82:96:3b:22:0e:d2:72:a2:e1:dd:3d:dc:02:
68:c4:c7:3d:52:ff:58:17:79:0b:f0:61:9b:e8:18:
62:39:f9:c9:52:38:53:d4:6d:1b:f6:35:64:bd:0e:
98:7d:0a:5d:7f:a1:49:89:28:26:42:8e:5f:ed:8c:
5d:73:98:12:91:e9:79:34:97:49:51:2d:40:f7:5e:
34:ea:88:c2:ab:13:94:84:cc:7d:49:aa:a7:72:6b:
72:17:da:50:16:e8:23:fb:94:d9:6a:17:cd:d8:fa:
2f:0d:50:92:1a:4c:b2:d6:30:5b:b2:8a:c6:ab:c4:
c1:61:21:64:95:29:e6:8f:14:96:a7:b8:16:30:c9:
97:3e:14:21:d4:73:0b:63:4e:c3:2a:75:f1:61:e1:
96:00:b5:da:7d:9d:d7:2f:d6:f9:9f:b8:d8:79:50:
ca:1f:de:af:76:6d:f5:eb:ef:0a:e9:6c:38:3f:da:
98:e4:28:ff:7f:2c:1f:ba:33:86:1f:08:4e:1a:28:
52:31:50:8b:c5:1f:13:91:41:b4:13:e6:6b:04:fa:
ff:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:B3:AC:0E:09:2A:B3:70:F3:A3:5D:DE:3C:59:E9:C7:B7:21:CA:7B
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/3bOsDgkqs3Dzo13ePFnpx7chyns.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
67:11:59:70:36:6e:1d:e3:63:14:1d:10:a6:b1:e7:9a:b8:51:
f7:50:aa:7e:38:cf:f9:96:93:4f:8e:ee:7f:27:c3:4f:db:39:
64:e8:ae:a3:25:c3:e8:bb:18:fc:4f:58:91:56:2f:9d:db:07:
af:2b:6a:c2:db:ed:a2:e6:e5:1e:52:7e:e5:49:88:04:bf:29:
b0:a9:b0:1a:7c:13:66:e3:c4:9e:e3:77:29:81:d9:e4:e0:ba:
29:a2:43:38:5c:5a:b5:88:d7:9f:08:01:27:d3:a7:2d:45:8a:
3d:7e:19:ff:ac:23:ab:a5:e7:9b:0a:73:47:48:5c:b7:a1:d0:
dc:19:5a:2a:70:1e:af:e9:5d:11:4b:f5:78:1f:4d:73:07:07:
4c:11:18:a4:04:7e:46:d0:88:08:16:00:35:7d:6b:dd:1c:61:
5e:d4:78:cc:2c:66:97:d2:80:b9:94:c3:36:5e:da:47:d3:15:
ff:a0:d2:29:03:6e:53:c0:89:06:b8:e2:49:55:55:a6:5e:9e:
fe:be:06:08:69:c6:5b:da:1f:23:8c:00:5b:9c:2b:eb:df:a4:
32:52:5f:f3:7b:d6:83:d0:55:e0:84:a8:3b:71:47:e3:6c:f5:
7d:0a:8c:a1:35:19:e6:02:9d:0e:b0:7e:bf:b1:f1:fa:83:5d:
cc:0c:b9:41
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCtIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDEw
OTU1MzNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEREQjNBQzBFMDkyQUIz
NzBGM0EzNURERTNDNTlFOUM3QjcyMUNBN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6BXO0NDfv8ZUfJZJ7H53ZdUMaTk3zgNhpp6Okho3cVObnhE7t
x+MeQw9VxI+agpY7Ig7ScqLh3T3cAmjExz1S/1gXeQvwYZvoGGI5+clSOFPUbRv2
NWS9Dph9Cl1/oUmJKCZCjl/tjF1zmBKR6Xk0l0lRLUD3XjTqiMKrE5SEzH1Jqqdy
a3IX2lAW6CP7lNlqF83Y+i8NUJIaTLLWMFuyisarxMFhIWSVKeaPFJanuBYwyZc+
FCHUcwtjTsMqdfFh4ZYAtdp9ndcv1vmfuNh5UMof3q92bfXr7wrpbDg/2pjkKP9/
LB+6M4YfCE4aKFIxUIvFHxORQbQT5msE+v9XAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU3bOsDgkqs3Dzo13ePFnpx7chynswHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLzNiT3NEZ2txczNEem8x
M2VQRm5weDdjaHlucy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAGcRWXA2bh3jYxQdEKax55q4
UfdQqn44z/mWk0+O7n8nw0/bOWTorqMlw+i7GPxPWJFWL53bB68rasLb7aLm5R5S
fuVJiAS/KbCpsBp8E2bjxJ7jdymB2eTguimiQzhcWrWI158IASfTpy1Fij1+Gf+s
I6ul55sKc0dIXLeh0NwZWipwHq/pXRFL9XgfTXMHB0wRGKQEfkbQiAgWADV9a90c
YV7UeMwsZpfSgLmUwzZe2kfTFf+g0ikDblPAiQa44klVVaZenv6+BghpxlvaHyOM
AFucK+vfpDJSX/N71oPQVeCEqDtxR+Ns9X0KjKE1GeYCnQ6wfr+x8fqDXcwMuUE=
-----END CERTIFICATE-----
Generated at Sat May 17 20:45:17 2025 by rpki-client