Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/MNnJ97PtR6FIICI9hbDuasMfSNI.roa
File: MNnJ97PtR6FIICI9hbDuasMfSNI.roa (raw, json)
Hash identifier: rgbNoLbuzxQLpQierzqMZdfCMIJqebOdOcHmORuW/aI=
Subject key identifier: 30:D9:C9:F7:B3:ED:47:A1:48:20:22:3D:85:B0:EE:6A:C3:1F:48:D2
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 066E
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/MNnJ97PtR6FIICI9hbDuasMfSNI.roa
Signing time: Mon 20 Jan 2025 16:54:51 +0000
ROA not before: Mon 20 Jan 2025 16:54:51 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1646 (0x66e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 20 16:54:51 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=30D9C9F7B3ED47A14820223D85B0EE6AC31F48D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:d8:0e:0b:1c:71:9f:45:53:ea:96:60:f4:c0:
23:85:81:d8:54:f6:62:10:d2:9e:4d:9e:b2:b7:a9:
ea:b9:db:6c:a2:a6:04:25:2a:7b:91:1b:51:71:68:
6b:ea:2d:25:8e:3d:c3:92:8a:31:2a:6b:15:a9:25:
1f:13:8a:0a:ea:9b:1c:2e:e6:cc:6f:b1:60:db:6c:
46:49:a0:ca:01:0e:6a:d0:58:99:1f:4d:66:24:dd:
80:dc:f0:4c:55:1c:5b:22:c1:70:3a:79:fb:a6:68:
5f:2e:f6:5a:ac:29:99:81:84:be:a4:60:fd:77:29:
b7:45:7a:44:f2:7a:f8:27:e2:c7:c1:9e:99:c3:9e:
09:35:ba:59:20:e2:8b:21:d9:04:cd:d8:0d:b2:54:
96:b1:2c:c6:00:0b:67:4a:b8:39:09:7b:43:73:36:
6c:b6:fe:79:c9:b8:cf:ef:83:03:73:f3:53:6d:07:
d5:00:47:4d:ec:3f:b6:bf:d6:85:29:6c:e2:e0:f9:
5e:11:e5:fe:ae:ef:be:d3:06:74:ad:56:3d:ad:ac:
6a:f4:a1:6e:0c:30:81:c5:14:14:a7:5d:68:64:0b:
6a:c1:32:63:80:47:b5:d6:78:b2:a3:e9:2f:e2:71:
75:e8:32:8e:3c:bd:c5:b1:05:d5:b9:70:97:de:4f:
41:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D9:C9:F7:B3:ED:47:A1:48:20:22:3D:85:B0:EE:6A:C3:1F:48:D2
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/MNnJ97PtR6FIICI9hbDuasMfSNI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
a6:9c:1b:1b:17:12:f8:1c:a5:b5:b0:46:cb:18:8f:2e:af:27:
8e:7b:f8:4b:ab:8a:5c:0c:e6:5d:30:fa:44:2f:f6:ef:d9:63:
0d:9e:83:c2:d6:65:3f:3d:22:e3:7c:53:0e:da:67:1f:ca:42:
75:f4:f9:99:59:fb:2d:b7:9d:fa:3b:92:3c:14:05:49:1e:48:
4b:a5:a4:14:5a:09:50:e9:43:6d:3e:ed:d7:49:9c:00:ff:83:
f5:a8:7b:95:60:fb:a9:67:41:85:2e:5a:ea:0e:d5:07:01:d4:
6b:74:8d:83:0d:38:cb:b2:d4:57:3e:86:7f:0b:4d:74:a7:da:
2b:b2:10:13:a1:63:0e:87:43:9d:ab:72:cc:5f:dc:c5:cf:b0:
28:2b:3b:f1:e2:f2:bb:66:4e:f6:46:ac:d3:c1:ab:d6:19:f3:
60:06:2c:9f:21:a3:80:3b:6d:dc:2d:f8:b2:21:5f:71:70:37:
01:3c:44:68:2e:07:12:bd:21:0d:8e:3c:56:a0:b0:de:8c:3f:
6b:3b:09:b1:32:6c:47:c7:a6:1c:0a:ba:f5:d7:db:8e:68:bb:
12:2d:28:f4:ee:e8:45:63:67:d8:57:3a:29:28:88:99:e1:3f:
15:63:95:93:ac:cb:5a:31:70:dc:ee:4c:56:06:cd:04:df:4e:
34:59:02:b6
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBm4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjAx
NjU0NTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDMwRDlDOUY3QjNFRDQ3
QTE0ODIwMjIzRDg1QjBFRTZBQzMxRjQ4RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDr2A4LHHGfRVPqlmD0wCOFgdhU9mIQ0p5NnrK3qeq522yipgQl
KnuRG1FxaGvqLSWOPcOSijEqaxWpJR8Tigrqmxwu5sxvsWDbbEZJoMoBDmrQWJkf
TWYk3YDc8ExVHFsiwXA6efumaF8u9lqsKZmBhL6kYP13KbdFekTyevgn4sfBnpnD
ngk1ulkg4osh2QTN2A2yVJaxLMYAC2dKuDkJe0NzNmy2/nnJuM/vgwNz81NtB9UA
R03sP7a/1oUpbOLg+V4R5f6u777TBnStVj2trGr0oW4MMIHFFBSnXWhkC2rBMmOA
R7XWeLKj6S/icXXoMo48vcWxBdW5cJfeT0HDAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUMNnJ97PtR6FIICI9hbDuasMfSNIwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL01Obko5N1B0UjZGSUlD
STloYkR1YXNNZlNOSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAKacGxsXEvgcpbWwRssYjy6v
J457+EurilwM5l0w+kQv9u/ZYw2eg8LWZT89IuN8Uw7aZx/KQnX0+ZlZ+y23nfo7
kjwUBUkeSEulpBRaCVDpQ20+7ddJnAD/g/Woe5Vg+6lnQYUuWuoO1QcB1Gt0jYMN
OMuy1Fc+hn8LTXSn2iuyEBOhYw6HQ52rcsxf3MXPsCgrO/Hi8rtmTvZGrNPBq9YZ
82AGLJ8ho4A7bdwt+LIhX3FwNwE8RGguBxK9IQ2OPFagsN6MP2s7CbEybEfHphwK
uvXX245ouxItKPTu6EVjZ9hXOikoiJnhPxVjlZOsy1oxcNzuTFYGzQTfTjRZArY=
-----END CERTIFICATE-----
Generated at Sun May 18 03:08:53 2025 by rpki-client