Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/NxBKr3y0hLfPkv3KEBkgQWk4eP0.roa
File: NxBKr3y0hLfPkv3KEBkgQWk4eP0.roa (raw, json)
Hash identifier: 79HC38AODhbx1wti4/hyKJMyy+fiiCGylTVZO02amuo=
Subject key identifier: 37:10:4A:AF:7C:B4:84:B7:CF:92:FD:CA:10:19:20:41:69:38:78:FD
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 07D0
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/NxBKr3y0hLfPkv3KEBkgQWk4eP0.roa
Signing time: Fri 24 Jan 2025 09:25:04 +0000
ROA not before: Fri 24 Jan 2025 09:25:04 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2000 (0x7d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 24 09:25:04 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=37104AAF7CB484B7CF92FDCA10192041693878FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:69:fe:df:c8:a8:0d:10:75:0f:9b:d0:42:bf:
35:dd:9d:97:6c:a9:b4:ef:a7:87:2a:42:34:7e:c6:
32:bb:91:83:f5:a6:42:1f:86:87:cf:1c:eb:f2:cd:
f0:f8:87:8e:e2:98:e9:cb:5b:d4:ed:6c:7b:7a:5d:
84:33:6b:0b:f3:a1:95:0e:f1:36:9e:37:86:85:1e:
a6:75:65:38:33:91:75:22:49:df:2b:ae:8b:69:d4:
60:c4:2b:f7:b4:e3:12:47:c5:97:b3:08:e5:62:c9:
e0:f8:ae:81:a1:26:5d:af:71:5f:ed:41:14:dd:0f:
b0:c4:ea:cf:6e:06:98:43:bd:b2:9a:60:7a:1e:62:
da:28:40:60:5a:ec:55:b1:79:00:3b:b9:73:85:77:
0b:6d:bf:26:c3:ba:34:cb:94:90:de:94:26:c5:29:
c4:9e:2f:f5:1e:a7:7d:1c:50:b5:10:7e:fa:95:df:
69:42:6c:00:eb:17:3b:fe:9a:c9:94:32:30:73:10:
6d:5a:3a:b1:75:03:da:99:29:2a:2f:97:49:a8:bf:
7e:42:9e:fc:75:93:30:8e:5a:08:21:75:7a:b5:16:
06:8a:c3:23:3a:9f:cc:c4:37:8f:93:84:31:b4:1f:
fc:d4:71:1e:d1:df:1b:8a:a5:84:63:cf:a2:c8:67:
61:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:10:4A:AF:7C:B4:84:B7:CF:92:FD:CA:10:19:20:41:69:38:78:FD
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/NxBKr3y0hLfPkv3KEBkgQWk4eP0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
b3:f9:e7:77:c9:26:89:b3:a1:83:a1:ac:19:84:49:83:d6:a5:
02:23:26:d9:0e:e0:24:ab:a6:9c:fe:33:84:f7:60:2b:c9:67:
db:13:a7:e8:ff:89:58:5f:4d:92:5c:de:67:b2:a5:e9:33:88:
0b:ae:b8:58:40:f3:55:b2:32:ec:cc:d1:1d:49:d7:33:12:ee:
a9:ce:bc:ad:44:8f:f5:46:9b:e3:bc:1b:29:ba:94:f5:87:e9:
f5:4c:cc:88:7b:78:b2:d7:47:15:57:4b:0b:35:63:45:19:f3:
4b:6a:67:52:72:f9:e2:28:45:32:c5:6f:e7:09:b8:c9:b7:d6:
3d:21:cf:f5:41:f4:1a:43:c2:c4:cf:31:f1:e0:5c:6b:21:61:
04:22:4a:6c:8e:26:ad:79:eb:ae:8f:95:3b:24:7c:2b:c2:61:
6c:0a:52:49:12:66:57:6d:81:c2:2b:80:46:1c:93:4b:f5:27:
8e:cb:0d:0b:08:9b:2d:2f:f5:b7:37:6a:6e:a9:78:d1:4a:e2:
de:ba:42:be:67:3b:7f:13:53:7b:93:a6:ed:1c:c4:92:23:18:
ca:7a:98:46:3b:d2:ed:ad:7d:b2:e8:21:f5:2e:0c:ab:37:70:
81:4b:b7:04:bb:1c:50:3c:ed:fb:a5:17:bf:88:22:0f:8a:41:
07:1a:c0:cd
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICB9AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjQw
OTI1MDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM3MTA0QUFGN0NCNDg0
QjdDRjkyRkRDQTEwMTkyMDQxNjkzODc4RkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPaf7fyKgNEHUPm9BCvzXdnZdsqbTvp4cqQjR+xjK7kYP1pkIf
hofPHOvyzfD4h47imOnLW9TtbHt6XYQzawvzoZUO8TaeN4aFHqZ1ZTgzkXUiSd8r
rotp1GDEK/e04xJHxZezCOViyeD4roGhJl2vcV/tQRTdD7DE6s9uBphDvbKaYHoe
YtooQGBa7FWxeQA7uXOFdwttvybDujTLlJDelCbFKcSeL/Uep30cULUQfvqV32lC
bADrFzv+msmUMjBzEG1aOrF1A9qZKSovl0mov35Cnvx1kzCOWgghdXq1FgaKwyM6
n8zEN4+ThDG0H/zUcR7R3xuKpYRjz6LIZ2GNAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUNxBKr3y0hLfPkv3KEBkgQWk4eP0wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL054QktyM3kwaExmUGt2
M0tFQmtnUVdrNGVQMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBALP553fJJomzoYOhrBmESYPW
pQIjJtkO4CSrppz+M4T3YCvJZ9sTp+j/iVhfTZJc3meypekziAuuuFhA81WyMuzM
0R1J1zMS7qnOvK1Ej/VGm+O8Gym6lPWH6fVMzIh7eLLXRxVXSws1Y0UZ80tqZ1Jy
+eIoRTLFb+cJuMm31j0hz/VB9BpDwsTPMfHgXGshYQQiSmyOJq15666PlTskfCvC
YWwKUkkSZldtgcIrgEYck0v1J47LDQsImy0v9bc3am6peNFK4t66Qr5nO38TU3uT
pu0cxJIjGMp6mEY70u2tfbLoIfUuDKs3cIFLtwS7HFA87fulF7+IIg+KQQcawM0=
-----END CERTIFICATE-----
Generated at Sat May 17 21:27:07 2025 by rpki-client