Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/NTzclSBvV413PFP_xYqIErKSC3E.roa
File: NTzclSBvV413PFP_xYqIErKSC3E.roa (raw, json)
Hash identifier: Z37QckPCOYhYeOl40BlMYzZniM+EPjEJNO52Ci5Z1Lw=
Subject key identifier: 35:3C:DC:95:20:6F:57:8D:77:3C:53:FF:C5:8A:88:12:B2:92:0B:71
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0CC8
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/NTzclSBvV413PFP_xYqIErKSC3E.roa
Signing time: Thu 06 Feb 2025 15:25:45 +0000
ROA not before: Thu 06 Feb 2025 15:25:45 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3272 (0xcc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 6 15:25:45 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=353CDC95206F578D773C53FFC58A8812B2920B71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fb:1f:ad:71:31:e6:ec:9e:da:4f:c1:78:67:
12:17:56:f9:45:9c:f9:59:eb:88:3e:98:cf:4c:aa:
f1:ee:6f:50:df:84:71:14:b6:d1:87:e8:b6:b8:6c:
18:a4:3c:95:20:99:e0:83:12:f6:41:29:d8:06:69:
0e:59:0e:06:ab:eb:8c:51:ff:56:a2:dd:cc:26:a1:
8f:b9:1b:02:44:43:0b:f6:7d:3f:6b:20:3a:e4:81:
83:40:2f:41:f2:fe:9f:f3:ed:61:a4:da:74:a7:51:
91:d7:cf:dd:1f:1b:c0:04:c0:2f:17:eb:f2:15:49:
29:1b:fc:15:53:9d:8a:21:06:7a:99:56:af:b1:5b:
f7:23:10:06:04:f2:11:87:a8:9d:fe:fa:bf:36:95:
8a:e2:c3:f0:15:8a:0a:ce:da:fa:a7:e0:8a:43:a6:
cd:8c:7e:f1:c0:92:a5:ff:f9:f9:40:c8:03:36:0d:
f9:35:6e:ab:ac:6f:ee:4e:34:62:7d:7a:b5:2a:0d:
18:8d:c7:b2:74:ef:ed:4b:4e:0f:d8:1f:74:73:97:
07:83:51:ea:0f:0a:c6:8a:a5:86:ba:ed:6a:27:b2:
a9:a5:5f:e0:3b:e5:42:ff:7a:7e:0e:47:d4:b8:aa:
0b:7e:44:c5:8c:4f:d6:8c:29:19:be:74:98:cb:fb:
f7:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:3C:DC:95:20:6F:57:8D:77:3C:53:FF:C5:8A:88:12:B2:92:0B:71
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/NTzclSBvV413PFP_xYqIErKSC3E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
20:52:8e:04:36:8a:d8:4b:2f:48:de:87:5c:84:31:b3:78:5a:
79:0b:cd:9a:cc:74:9b:62:46:80:96:46:38:17:76:96:0f:47:
25:e2:c9:78:a1:49:97:a0:ab:ad:d9:89:ba:f8:1a:05:42:8c:
e3:24:a6:b7:9c:56:39:fb:cd:fa:c1:dc:a2:04:3d:27:70:3c:
a2:16:00:9d:88:e7:15:9a:09:bc:59:49:d7:e6:83:98:03:df:
6a:dd:4b:42:ec:78:f4:c4:5b:99:6b:40:bd:78:a2:c9:e9:96:
ce:93:ab:6d:d3:c6:e5:75:e4:91:c7:d1:78:77:34:b8:dc:4b:
5e:83:07:61:bc:ef:19:37:53:b3:a1:99:10:ab:38:ec:e0:ee:
d0:d5:98:96:8a:66:9c:b6:4b:9f:63:26:64:d6:da:17:51:cf:
a1:cb:29:21:45:67:83:a4:c6:b3:71:cc:bf:c7:63:ef:58:5d:
fb:00:d3:7f:8a:3c:f1:b3:b7:96:66:2e:43:1b:bf:b4:0c:e8:
76:5e:95:d9:0c:58:44:2b:ea:b2:df:75:9f:39:d6:e9:a6:36:
3e:ef:15:d6:b7:7d:4d:53:cd:e2:65:f6:99:9d:da:6f:53:87:
f0:26:d8:b2:6b:f6:a6:7d:12:15:8f:f3:ca:13:dc:74:fe:1d:
a8:08:e8:7c
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDMgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDYx
NTI1NDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM1M0NEQzk1MjA2RjU3
OEQ3NzNDNTNGRkM1OEE4ODEyQjI5MjBCNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4+x+tcTHm7J7aT8F4ZxIXVvlFnPlZ64g+mM9MqvHub1DfhHEU
ttGH6La4bBikPJUgmeCDEvZBKdgGaQ5ZDgar64xR/1ai3cwmoY+5GwJEQwv2fT9r
IDrkgYNAL0Hy/p/z7WGk2nSnUZHXz90fG8AEwC8X6/IVSSkb/BVTnYohBnqZVq+x
W/cjEAYE8hGHqJ3++r82lYriw/AVigrO2vqn4IpDps2MfvHAkqX/+flAyAM2Dfk1
bqusb+5ONGJ9erUqDRiNx7J07+1LTg/YH3RzlweDUeoPCsaKpYa67WonsqmlX+A7
5UL/en4OR9S4qgt+RMWMT9aMKRm+dJjL+/ddAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUNTzclSBvV413PFP/xYqIErKSC3EwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL05UemNsU0J2VjQxM1BG
UF94WXFJRXJLU0MzRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBACBSjgQ2ithLL0jeh1yEMbN4
WnkLzZrMdJtiRoCWRjgXdpYPRyXiyXihSZegq63Zibr4GgVCjOMkprecVjn7zfrB
3KIEPSdwPKIWAJ2I5xWaCbxZSdfmg5gD32rdS0LsePTEW5lrQL14osnpls6Tq23T
xuV15JHH0Xh3NLjcS16DB2G87xk3U7OhmRCrOOzg7tDVmJaKZpy2S59jJmTW2hdR
z6HLKSFFZ4OkxrNxzL/HY+9YXfsA03+KPPGzt5ZmLkMbv7QM6HZeldkMWEQr6rLf
dZ851ummNj7vFda3fU1TzeJl9pmd2m9Th/Am2LJr9qZ9EhWP88oT3HT+HagI6Hw=
-----END CERTIFICATE-----
Generated at Sat May 17 19:36:47 2025 by rpki-client