Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/Bl9NShgDbpd9MDY92Ln11PRcTSk.roa
File: Bl9NShgDbpd9MDY92Ln11PRcTSk.roa (raw, json)
Hash identifier: KVWPBYP09H5dMMyGmUx3o5Dx5b0Q7GCjLXgJXxW/Prw=
Subject key identifier: 06:5F:4D:4A:18:03:6E:97:7D:30:36:3D:D8:B9:F5:D4:F4:5C:4D:29
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0BE2
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Bl9NShgDbpd9MDY92Ln11PRcTSk.roa
Signing time: Tue 04 Feb 2025 05:56:26 +0000
ROA not before: Tue 04 Feb 2025 05:56:26 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3042 (0xbe2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 4 05:56:26 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=065F4D4A18036E977D30363DD8B9F5D4F45C4D29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:89:d2:88:8f:dd:cd:2c:ac:d5:03:39:aa:13:
a3:10:a0:65:0d:1e:07:ea:dc:07:4e:25:68:d4:75:
73:59:69:c0:ae:7c:8a:3e:b6:2d:5c:c3:86:ba:0c:
8f:1a:02:75:46:d1:3d:7b:7f:fb:8c:14:0f:bc:5d:
a8:20:c5:86:3c:6e:4f:b6:08:ce:db:76:fc:58:a8:
3c:60:29:06:f1:de:06:18:99:ea:a2:1d:a3:32:64:
2a:51:66:3f:c4:f5:f2:8c:ae:1e:ef:f7:cf:8e:12:
89:ec:5a:79:dc:e8:b6:4f:fc:86:e6:7d:64:92:56:
4a:1f:84:d6:c0:9f:1f:d3:ef:0c:45:b2:82:60:a4:
4c:85:72:5d:6b:41:d4:70:97:4d:c2:0a:37:12:87:
ac:00:8a:9c:ec:61:44:d2:17:0b:93:7c:42:89:b7:
da:93:07:01:eb:7d:b9:c0:ee:f9:50:c3:8e:f8:b0:
55:fd:41:e6:4e:d8:b9:b0:28:52:5d:3d:13:26:6f:
27:72:d8:ac:e6:11:d3:89:13:f0:12:cd:12:59:3c:
be:f8:b7:8a:57:51:8f:6c:94:e3:a9:cb:c9:e6:7a:
32:e1:b2:5b:04:b0:56:0a:c2:9f:af:58:87:70:bb:
f9:c1:57:75:2a:e6:a7:4c:3e:ee:d4:72:3d:ea:27:
b0:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:5F:4D:4A:18:03:6E:97:7D:30:36:3D:D8:B9:F5:D4:F4:5C:4D:29
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Bl9NShgDbpd9MDY92Ln11PRcTSk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
81:f2:2e:e7:c7:55:35:cc:cf:ed:58:97:76:87:b4:5c:6b:45:
2b:ff:18:bd:4f:03:60:30:e7:59:fa:14:55:0a:5c:cc:55:70:
b8:e1:32:82:9a:72:c6:ca:4d:88:88:c8:5c:6f:01:a0:0b:d4:
f5:60:dd:56:2c:e2:9c:a3:15:2a:bf:3f:b7:25:68:00:b6:bf:
34:f1:d4:ca:c7:ce:51:0b:61:14:43:fa:50:58:2a:34:7a:73:
f1:30:07:66:64:ea:1c:9f:43:61:ed:3b:2e:e6:92:58:54:a8:
d7:64:09:11:0c:67:fa:f7:32:49:7f:92:0f:f0:b0:83:f4:41:
9c:88:c6:20:61:09:02:d2:89:3e:b3:14:12:07:04:fc:26:57:
f9:27:63:5c:80:0a:4e:87:5b:9f:06:cb:e0:7b:03:15:6b:c2:
82:c0:9f:00:8a:b5:6e:c9:c9:de:39:de:f6:f2:68:20:61:b0:
a0:36:c6:a2:d7:18:4a:8d:9c:05:70:ca:19:67:38:c6:72:99:
de:be:25:fc:bd:f7:83:21:07:9b:d9:e7:07:81:7d:59:a1:58:
6b:4d:f8:2d:cf:4c:f6:09:67:9e:50:5d:20:00:b9:18:96:09:
ef:96:8c:fc:fd:76:b3:1a:9c:62:83:e3:55:f0:b2:89:2d:b0:
30:69:cb:19
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICC+IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDQw
NTU2MjZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDA2NUY0RDRBMTgwMzZF
OTc3RDMwMzYzREQ4QjlGNUQ0RjQ1QzREMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD3idKIj93NLKzVAzmqE6MQoGUNHgfq3AdOJWjUdXNZacCufIo+
ti1cw4a6DI8aAnVG0T17f/uMFA+8XaggxYY8bk+2CM7bdvxYqDxgKQbx3gYYmeqi
HaMyZCpRZj/E9fKMrh7v98+OEonsWnnc6LZP/IbmfWSSVkofhNbAnx/T7wxFsoJg
pEyFcl1rQdRwl03CCjcSh6wAipzsYUTSFwuTfEKJt9qTBwHrfbnA7vlQw474sFX9
QeZO2LmwKFJdPRMmbydy2KzmEdOJE/ASzRJZPL74t4pXUY9slOOpy8nmejLhslsE
sFYKwp+vWIdwu/nBV3Uq5qdMPu7Ucj3qJ7DZAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUBl9NShgDbpd9MDY92Ln11PRcTSkwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0JsOU5TaGdEYnBkOU1E
WTkyTG4xMVBSY1RTay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAIHyLufHVTXMz+1Yl3aHtFxr
RSv/GL1PA2Aw51n6FFUKXMxVcLjhMoKacsbKTYiIyFxvAaAL1PVg3VYs4pyjFSq/
P7claAC2vzTx1MrHzlELYRRD+lBYKjR6c/EwB2Zk6hyfQ2HtOy7mklhUqNdkCREM
Z/r3Mkl/kg/wsIP0QZyIxiBhCQLSiT6zFBIHBPwmV/knY1yACk6HW58Gy+B7AxVr
woLAnwCKtW7Jyd453vbyaCBhsKA2xqLXGEqNnAVwyhlnOMZymd6+Jfy994MhB5vZ
5weBfVmhWGtN+C3PTPYJZ55QXSAAuRiWCe+WjPz9drManGKD41XwsoktsDBpyxk=
-----END CERTIFICATE-----
Generated at Sat May 17 22:39:20 2025 by rpki-client