Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/KUsNq6KNyOuk8v7OOvv6nXGPLWg.roa
File: KUsNq6KNyOuk8v7OOvv6nXGPLWg.roa (raw, json)
Hash identifier: 23mzYCR+AUbizSeb/d1WAicY9TU0iPIVvYqfF4lY490=
Subject key identifier: 29:4B:0D:AB:A2:8D:C8:EB:A4:F2:FE:CE:3A:FB:FA:9D:71:8F:2D:68
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 07F4
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/KUsNq6KNyOuk8v7OOvv6nXGPLWg.roa
Signing time: Fri 24 Jan 2025 18:25:05 +0000
ROA not before: Fri 24 Jan 2025 18:25:05 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2036 (0x7f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 24 18:25:05 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=294B0DABA28DC8EBA4F2FECE3AFBFA9D718F2D68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:16:8b:cd:fe:7e:b4:e8:1a:6f:4a:37:27:db:
0b:9e:d0:c4:94:ef:51:7f:61:7a:c5:7e:00:4a:95:
ff:f5:8b:0f:17:7d:3d:33:dc:76:b9:54:0c:ac:fe:
33:94:78:11:23:ac:96:6a:08:6a:5e:00:5d:74:34:
7d:89:b8:34:60:3a:98:63:e2:ca:ec:98:4d:00:62:
94:9f:b2:2b:ef:53:17:5c:f4:43:dd:a4:15:d6:f5:
2b:88:7c:a1:94:32:54:a8:43:af:a7:37:e0:1f:26:
d2:b0:87:cc:3f:56:6f:53:c7:65:aa:ae:d4:0f:0e:
8b:08:0c:fd:2e:3d:c3:19:64:85:c2:38:01:9b:f5:
8d:be:7e:57:b3:f3:2e:4f:16:97:c0:f6:ae:55:20:
13:aa:50:5f:64:b5:f1:9b:c4:60:2f:df:71:9f:d2:
bd:ef:f1:79:30:60:0b:ca:95:b6:04:59:d9:f0:9a:
74:a6:e4:12:6d:cd:c0:f0:29:6f:a0:eb:ec:41:62:
0a:6b:15:0a:18:92:33:ef:55:29:42:86:89:25:bb:
14:b5:f6:f9:56:13:4b:8b:19:fb:5d:86:cc:65:96:
fa:79:54:b7:43:90:ea:8c:ca:68:d6:52:41:ad:ba:
80:23:19:ab:9b:18:35:4b:19:b2:13:2f:1e:12:da:
3a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:4B:0D:AB:A2:8D:C8:EB:A4:F2:FE:CE:3A:FB:FA:9D:71:8F:2D:68
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/KUsNq6KNyOuk8v7OOvv6nXGPLWg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
5e:63:e1:dc:da:72:82:40:ea:92:e8:ae:e2:ef:fd:15:05:dc:
d4:4a:c5:41:24:98:e1:c6:94:ee:0c:0a:66:a6:77:bd:8f:06:
fe:dc:0e:27:7f:95:5b:54:42:a1:72:a2:d1:aa:a4:04:ab:3b:
65:2e:fd:25:20:1f:e3:63:bd:bc:9c:c5:b6:3c:e3:49:ab:79:
cd:cc:76:3e:31:53:de:9f:27:70:c3:17:75:c2:d5:b6:40:06:
7a:a0:a3:3a:59:b5:6c:6c:54:20:26:e3:38:25:08:cd:2b:82:
32:53:da:3a:1f:56:f6:e4:ac:df:1f:95:49:ec:d6:08:64:3f:
91:be:73:28:92:40:df:19:fc:8a:5a:8c:e4:85:9a:40:42:6c:
33:de:bc:84:80:e6:4b:63:ac:e2:52:da:a5:3a:42:58:ce:49:
32:af:01:c7:9a:1e:51:11:a1:e0:a3:b6:96:5b:12:90:41:4c:
f3:60:ee:ed:3f:68:3e:27:f5:af:0b:a5:d2:27:1c:19:9e:c0:
78:e9:8c:01:34:ec:c8:70:fd:43:2e:98:59:b8:0a:48:46:53:
b8:ed:3e:1b:f8:4e:6a:59:76:d8:a5:4d:2a:87:96:72:5c:da:
8b:54:93:5d:c2:51:f0:0b:dc:88:ae:ba:6f:35:31:5a:ad:f9:
81:91:9c:c2
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICB/QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjQx
ODI1MDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDI5NEIwREFCQTI4REM4
RUJBNEYyRkVDRTNBRkJGQTlENzE4RjJENjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLFovN/n606BpvSjcn2wue0MSU71F/YXrFfgBKlf/1iw8XfT0z
3Ha5VAys/jOUeBEjrJZqCGpeAF10NH2JuDRgOphj4srsmE0AYpSfsivvUxdc9EPd
pBXW9SuIfKGUMlSoQ6+nN+AfJtKwh8w/Vm9Tx2WqrtQPDosIDP0uPcMZZIXCOAGb
9Y2+flez8y5PFpfA9q5VIBOqUF9ktfGbxGAv33Gf0r3v8XkwYAvKlbYEWdnwmnSm
5BJtzcDwKW+g6+xBYgprFQoYkjPvVSlChokluxS19vlWE0uLGftdhsxllvp5VLdD
kOqMymjWUkGtuoAjGaubGDVLGbITLx4S2jo1AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUKUsNq6KNyOuk8v7OOvv6nXGPLWgwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0tVc05xNktOeU91azh2
N09PdnY2blhHUExXZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAF5j4dzacoJA6pLoruLv/RUF
3NRKxUEkmOHGlO4MCmamd72PBv7cDid/lVtUQqFyotGqpASrO2Uu/SUgH+Njvbyc
xbY840mrec3Mdj4xU96fJ3DDF3XC1bZABnqgozpZtWxsVCAm4zglCM0rgjJT2jof
VvbkrN8flUns1ghkP5G+cyiSQN8Z/IpajOSFmkBCbDPevISA5ktjrOJS2qU6QljO
STKvAceaHlERoeCjtpZbEpBBTPNg7u0/aD4n9a8LpdInHBmewHjpjAE07Mhw/UMu
mFm4CkhGU7jtPhv4TmpZdtilTSqHlnJc2otUk13CUfAL3Iiuum81MVqt+YGRnMI=
-----END CERTIFICATE-----
Generated at Sun May 18 02:01:38 2025 by rpki-client