Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/I3pFgTH8cWI7ToPMs2HYKV_r3d4.roa
File: I3pFgTH8cWI7ToPMs2HYKV_r3d4.roa (raw, json)
Hash identifier: oec1QefpA8FrplcTjSX8vosYlIHLvizpSrEKGC9EQ+k=
Subject key identifier: 23:7A:45:81:31:FC:71:62:3B:4E:83:CC:B3:61:D8:29:5F:EB:DD:DE
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0A88
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/I3pFgTH8cWI7ToPMs2HYKV_r3d4.roa
Signing time: Fri 31 Jan 2025 15:27:33 +0000
ROA not before: Fri 31 Jan 2025 15:27:33 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2696 (0xa88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 31 15:27:33 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=237A458131FC71623B4E83CCB361D8295FEBDDDE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f1:32:2c:d8:94:82:b9:9a:83:56:a1:29:a0:
a2:61:f7:bb:d8:4c:da:0e:0e:73:8c:60:f2:0a:9e:
8d:ea:df:df:23:57:ea:8d:d5:06:ac:37:98:6e:c1:
11:a6:5b:2a:07:f4:52:25:f1:d4:a9:39:ec:b9:cb:
a2:fb:c6:0f:d5:d0:ae:3d:7f:4d:0c:82:4e:50:5b:
ec:ae:d5:2f:83:59:e3:aa:8d:a1:49:7c:08:ae:f5:
51:2e:a1:f6:80:51:bb:e8:4b:0a:ef:12:60:a5:12:
d2:8c:68:61:44:50:b3:83:33:49:12:6d:86:d8:7c:
c6:cc:f0:0a:6d:a8:10:0c:bc:0e:d8:fe:81:5d:f5:
ed:a6:9e:77:cf:f6:53:61:fd:56:93:cd:25:1c:8e:
01:35:e1:84:ba:90:27:c1:86:05:76:90:40:66:d5:
9f:28:4b:ba:54:81:1b:1f:92:06:25:f4:be:a7:15:
0a:1a:ea:07:49:73:d3:83:36:5a:d5:9b:c6:50:92:
d6:43:31:e8:a8:46:68:ce:02:be:ea:9f:b2:87:a2:
47:f5:a9:62:ed:5d:ff:f1:fc:7b:10:30:65:40:08:
5f:5b:31:0f:f1:71:2c:fb:7c:39:ae:97:e8:30:69:
4d:a6:6d:45:14:df:c4:7e:6a:78:9e:0e:18:d0:e7:
cd:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:7A:45:81:31:FC:71:62:3B:4E:83:CC:B3:61:D8:29:5F:EB:DD:DE
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/I3pFgTH8cWI7ToPMs2HYKV_r3d4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
17:07:47:e7:30:14:81:69:98:6f:72:e6:70:40:80:5d:de:f0:
c5:34:9f:d7:35:76:49:62:1f:ae:3d:1e:bf:d9:c4:19:46:77:
54:62:5d:11:ce:a0:de:3b:0e:8b:2a:d1:ad:ee:43:44:ae:c9:
78:1a:0d:e6:84:d9:3b:f9:2b:91:72:87:c7:4f:cf:5c:f4:ae:
70:fe:00:5f:07:3a:dc:02:56:d8:01:d0:98:1b:30:8b:cd:82:
22:f6:d3:d6:8e:7f:a6:a3:37:38:4c:8a:c5:ef:e6:8f:3c:ad:
9d:b9:7d:77:3e:c8:cc:52:5a:52:31:d2:da:ac:19:61:71:45:
26:83:43:6a:47:1a:b7:f9:83:cd:cc:6b:9f:7b:a2:10:74:a6:
87:48:58:f4:98:02:e1:15:89:28:3b:30:6a:b8:a2:1d:cf:b4:
03:06:e0:7d:c2:ca:99:29:77:1d:b4:c2:80:73:07:e4:e4:64:
40:93:a9:b3:4b:a0:56:5f:4f:1f:8c:a1:ca:e0:7b:f7:2c:af:
66:fe:ed:00:de:bd:82:00:59:12:de:02:2d:fc:06:5f:e0:22:
3b:30:36:3c:12:ce:08:f8:78:2f:33:e1:24:ac:6e:88:7c:38:
54:6f:14:8f:e2:06:b5:4d:be:4d:b4:bc:56:59:7d:49:e7:39:
af:03:af:e8
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCogwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMzEx
NTI3MzNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDIzN0E0NTgxMzFGQzcx
NjIzQjRFODNDQ0IzNjFEODI5NUZFQkREREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz8TIs2JSCuZqDVqEpoKJh97vYTNoODnOMYPIKno3q398jV+qN
1QasN5huwRGmWyoH9FIl8dSpOey5y6L7xg/V0K49f00Mgk5QW+yu1S+DWeOqjaFJ
fAiu9VEuofaAUbvoSwrvEmClEtKMaGFEULODM0kSbYbYfMbM8AptqBAMvA7Y/oFd
9e2mnnfP9lNh/VaTzSUcjgE14YS6kCfBhgV2kEBm1Z8oS7pUgRsfkgYl9L6nFQoa
6gdJc9ODNlrVm8ZQktZDMeioRmjOAr7qn7KHokf1qWLtXf/x/HsQMGVACF9bMQ/x
cSz7fDmul+gwaU2mbUUU38R+anieDhjQ581DAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUI3pFgTH8cWI7ToPMs2HYKV/r3d4wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0kzcEZnVEg4Y1dJN1Rv
UE1zMkhZS1ZfcjNkNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBABcHR+cwFIFpmG9y5nBAgF3e
8MU0n9c1dkliH649Hr/ZxBlGd1RiXRHOoN47Dosq0a3uQ0SuyXgaDeaE2Tv5K5Fy
h8dPz1z0rnD+AF8HOtwCVtgB0JgbMIvNgiL209aOf6ajNzhMisXv5o88rZ25fXc+
yMxSWlIx0tqsGWFxRSaDQ2pHGrf5g83Ma597ohB0podIWPSYAuEViSg7MGq4oh3P
tAMG4H3Cypkpdx20woBzB+TkZECTqbNLoFZfTx+Mocrge/csr2b+7QDevYIAWRLe
Ai38Bl/gIjswNjwSzgj4eC8z4SSsboh8OFRvFI/iBrVNvk20vFZZfUnnOa8Dr+g=
-----END CERTIFICATE-----
Generated at Sat May 17 19:32:55 2025 by rpki-client