Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/CTagApCWX2F4LnXf0enX5qxO0os.roa
File: CTagApCWX2F4LnXf0enX5qxO0os.roa (raw, json)
Hash identifier: JJ7TmkLPM5GXyqMHav2VF/tQAjVylNRBX12uZHHoFVw=
Subject key identifier: 09:36:A0:02:90:96:5F:61:78:2E:75:DF:D1:E9:D7:E6:AC:4E:D2:8B
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0832
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/CTagApCWX2F4LnXf0enX5qxO0os.roa
Signing time: Sat 25 Jan 2025 09:56:28 +0000
ROA not before: Sat 25 Jan 2025 09:56:28 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2098 (0x832)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 25 09:56:28 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=0936A00290965F61782E75DFD1E9D7E6AC4ED28B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:22:5d:42:a0:9d:f3:d0:55:7e:2e:c0:07:17:
b3:18:f5:e7:c4:02:ae:c5:ef:90:63:ed:38:e1:14:
c3:76:fe:8d:c7:91:c1:f6:4a:8e:11:ff:e8:fe:3d:
5a:e2:28:1d:95:b0:74:21:8f:65:67:ad:25:ad:46:
f2:2d:50:b9:55:b9:a6:5c:50:09:49:1e:fa:e6:0d:
b7:ef:45:a5:93:c4:26:7e:01:cd:d0:28:28:21:ab:
31:9c:18:25:ab:9d:b7:f5:90:3e:e5:32:60:9e:39:
25:f3:be:cb:3a:98:ca:f6:67:8a:d3:bc:ba:68:63:
0b:32:7b:42:1f:60:0f:74:83:61:d0:43:da:a1:0b:
cb:8e:3a:08:7a:e6:96:44:8b:9a:cf:ae:ee:b0:7e:
cd:63:f0:76:29:1d:ac:d2:7d:66:cc:7f:52:40:6c:
5c:6b:b1:10:43:0f:bc:f5:c7:eb:8a:09:04:ba:83:
9e:b1:cb:a0:6a:c9:45:f3:a7:46:b6:c5:19:f2:ca:
89:c2:09:f1:9e:6a:71:57:59:d1:99:8f:30:f1:2c:
ea:ee:a5:5c:6e:c0:18:29:97:36:b3:9b:50:fd:3e:
18:c6:16:10:36:d0:6d:96:6f:2b:4b:af:db:3f:06:
a8:0c:bd:91:27:21:fd:7f:32:d1:00:c6:8d:51:5f:
84:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:36:A0:02:90:96:5F:61:78:2E:75:DF:D1:E9:D7:E6:AC:4E:D2:8B
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/CTagApCWX2F4LnXf0enX5qxO0os.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
1e:32:95:07:85:53:18:2c:54:f8:fc:43:69:98:2a:cf:46:c9:
01:c5:24:4a:61:ad:c2:92:36:aa:eb:a6:fa:02:b9:f3:9a:6f:
00:17:b1:87:8f:58:77:ca:31:4e:23:1a:18:0b:5b:3f:58:ce:
37:b1:94:ae:e9:fb:14:b6:58:16:a3:02:c9:d0:6f:c6:44:21:
7d:57:08:a8:70:40:3d:ec:e1:5e:4b:14:22:34:7a:bd:17:50:
ea:c2:b2:f4:06:02:db:5e:00:80:dc:c8:e7:3c:69:2d:dd:72:
5d:ad:bf:d7:af:e0:11:78:c4:ee:68:11:8a:44:ea:61:e9:4b:
01:08:08:22:93:22:51:d3:6b:6f:14:ae:f2:5e:c7:50:e3:64:
55:0b:98:61:fd:42:2d:c9:99:c7:34:b4:45:31:31:0d:00:bf:
dc:e5:e2:2d:50:f2:9f:93:25:41:76:37:2d:cc:93:2c:9d:a7:
79:0f:b0:1a:e4:72:ba:9c:cd:38:7f:17:2f:25:16:79:bb:36:
82:54:82:1f:e6:18:b6:03:54:34:5a:be:52:63:22:a3:b5:f1:
19:b4:bb:2e:33:a0:02:36:b2:ee:bd:6d:f4:4a:de:c9:e2:c3:
32:d3:29:f3:db:4c:0c:12:9e:4e:eb:d4:97:66:99:94:2c:8b:
59:01:4a:4d
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCDIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjUw
OTU2MjhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDA5MzZBMDAyOTA5NjVG
NjE3ODJFNzVERkQxRTlEN0U2QUM0RUQyOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoIl1CoJ3z0FV+LsAHF7MY9efEAq7F75Bj7TjhFMN2/o3HkcH2
So4R/+j+PVriKB2VsHQhj2VnrSWtRvItULlVuaZcUAlJHvrmDbfvRaWTxCZ+Ac3Q
KCghqzGcGCWrnbf1kD7lMmCeOSXzvss6mMr2Z4rTvLpoYwsye0IfYA90g2HQQ9qh
C8uOOgh65pZEi5rPru6wfs1j8HYpHazSfWbMf1JAbFxrsRBDD7z1x+uKCQS6g56x
y6BqyUXzp0a2xRnyyonCCfGeanFXWdGZjzDxLOrupVxuwBgplzazm1D9PhjGFhA2
0G2WbytLr9s/BqgMvZEnIf1/MtEAxo1RX4ShAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUCTagApCWX2F4LnXf0enX5qxO0oswHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0NUYWdBcENXWDJGNExu
WGYwZW5YNXF4TzBvcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAB4ylQeFUxgsVPj8Q2mYKs9G
yQHFJEphrcKSNqrrpvoCufOabwAXsYePWHfKMU4jGhgLWz9YzjexlK7p+xS2WBaj
AsnQb8ZEIX1XCKhwQD3s4V5LFCI0er0XUOrCsvQGAtteAIDcyOc8aS3dcl2tv9ev
4BF4xO5oEYpE6mHpSwEICCKTIlHTa28UrvJex1DjZFULmGH9Qi3Jmcc0tEUxMQ0A
v9zl4i1Q8p+TJUF2Ny3Mkyydp3kPsBrkcrqczTh/Fy8lFnm7NoJUgh/mGLYDVDRa
vlJjIqO18Rm0uy4zoAI2su69bfRK3sniwzLTKfPbTAwSnk7r1JdmmZQsi1kBSk0=
-----END CERTIFICATE-----
Generated at Sun May 18 02:00:38 2025 by rpki-client