Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/ON9YpDYCED1VeSL7N6A0os3unuU.roa
File: ON9YpDYCED1VeSL7N6A0os3unuU.roa (raw, json)
Hash identifier: HChErX3IWN7K/sP7Oza8grfUxJG1ZDn9rtf/wqCSIsQ=
Subject key identifier: 38:DF:58:A4:36:02:10:3D:55:79:22:FB:37:A0:34:A2:CD:EE:9E:E5
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0AA4
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/ON9YpDYCED1VeSL7N6A0os3unuU.roa
Signing time: Fri 31 Jan 2025 22:25:33 +0000
ROA not before: Fri 31 Jan 2025 22:25:33 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2724 (0xaa4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 31 22:25:33 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=38DF58A43602103D557922FB37A034A2CDEE9EE5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:99:ec:e8:6e:1d:10:c2:98:4b:6c:23:ca:8a:
2a:a0:d7:de:b7:96:f1:5c:1d:91:0d:17:81:e1:0e:
f7:fd:e1:27:d6:56:df:90:7e:4a:71:51:a6:8b:0a:
b3:2e:84:12:0d:b3:e1:9d:bc:51:8e:b1:a9:5e:b3:
00:de:78:a9:43:5f:22:01:b4:c1:b2:ec:94:d5:0a:
a2:8e:70:d7:87:72:78:81:b1:af:79:c1:df:41:a4:
51:e1:ec:0a:35:23:04:a7:39:19:2f:30:1f:0c:2c:
a8:e6:73:34:b1:2f:2d:bc:45:ae:43:1f:ae:df:91:
57:76:e4:11:84:c2:ef:d2:d6:9c:9a:53:c7:07:09:
d0:83:7e:8c:2d:b0:d4:d1:22:48:b5:b6:7c:af:37:
78:11:c6:d0:5b:04:7e:6f:96:c7:1f:88:8e:25:24:
15:7f:3b:d1:13:d4:e1:ca:5b:bf:0f:05:a5:b4:1a:
c3:44:0b:6a:d4:e5:de:16:fa:5e:a6:f6:4d:04:02:
97:42:f2:1c:f7:b3:1b:28:84:e0:cd:db:b3:c8:3b:
35:19:22:c0:43:3c:1b:59:3d:7b:fb:0b:c1:19:cb:
a1:be:74:dc:28:29:a5:45:c2:86:83:d8:b0:0b:86:
bd:f6:84:23:50:6d:86:ec:54:73:92:ee:d0:d8:cf:
2d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:DF:58:A4:36:02:10:3D:55:79:22:FB:37:A0:34:A2:CD:EE:9E:E5
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/ON9YpDYCED1VeSL7N6A0os3unuU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
13:60:94:a0:5e:3c:fd:92:0b:81:d7:7c:bd:b4:8e:6b:c1:e0:
f1:a5:d0:32:24:31:5d:a5:85:0c:b3:18:78:df:05:5e:7e:1d:
c9:91:01:d4:5a:b9:f8:a1:c5:ca:6c:30:5e:66:10:17:b0:d2:
35:a4:bc:d1:36:46:ec:c7:d1:0c:e8:02:5d:c3:a9:40:2c:83:
1c:9a:0f:f0:ba:28:b0:2f:f2:be:d1:9c:fe:1a:8b:ac:f3:6b:
12:56:05:91:1a:61:94:f2:f1:01:9d:34:9e:6f:7a:73:87:b0:
bf:73:0c:1f:f4:ec:d0:9e:87:ec:2d:c4:0a:34:f8:50:70:9c:
78:e4:52:c2:71:de:53:75:a2:a8:ef:f5:29:bc:9d:99:e4:88:
32:96:35:ff:a8:73:40:97:de:26:27:79:0e:a1:b2:4a:aa:79:
22:3b:ac:15:bb:ae:d1:e2:61:da:8e:c7:d7:72:b7:f7:49:70:
71:38:90:17:9b:31:d5:db:db:b3:ce:7b:50:75:25:78:ca:cb:
b2:79:9e:fc:d8:65:0b:f1:47:f9:a9:7c:b8:5e:69:e7:49:6b:
cc:33:cc:d9:3f:81:b0:d6:f4:b1:ee:b6:8a:39:0a:ee:bf:e5:
a8:ee:a5:fe:29:dd:84:e3:ee:5c:11:df:d3:f1:af:58:3c:4f:
1c:8c:4e:a4
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCqQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMzEy
MjI1MzNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM4REY1OEE0MzYwMjEw
M0Q1NTc5MjJGQjM3QTAzNEEyQ0RFRTlFRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxmezobh0QwphLbCPKiiqg1963lvFcHZENF4HhDvf94SfWVt+Q
fkpxUaaLCrMuhBINs+GdvFGOsaleswDeeKlDXyIBtMGy7JTVCqKOcNeHcniBsa95
wd9BpFHh7Ao1IwSnORkvMB8MLKjmczSxLy28Ra5DH67fkVd25BGEwu/S1pyaU8cH
CdCDfowtsNTRIki1tnyvN3gRxtBbBH5vlscfiI4lJBV/O9ET1OHKW78PBaW0GsNE
C2rU5d4W+l6m9k0EApdC8hz3sxsohODN27PIOzUZIsBDPBtZPXv7C8EZy6G+dNwo
KaVFwoaD2LALhr32hCNQbYbsVHOS7tDYzy1dAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUON9YpDYCED1VeSL7N6A0os3unuUwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL09OOVlwRFlDRUQxVmVT
TDdONkEwb3MzdW51VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBABNglKBePP2SC4HXfL20jmvB
4PGl0DIkMV2lhQyzGHjfBV5+HcmRAdRaufihxcpsMF5mEBew0jWkvNE2RuzH0Qzo
Al3DqUAsgxyaD/C6KLAv8r7RnP4ai6zzaxJWBZEaYZTy8QGdNJ5venOHsL9zDB/0
7NCeh+wtxAo0+FBwnHjkUsJx3lN1oqjv9Sm8nZnkiDKWNf+oc0CX3iYneQ6hskqq
eSI7rBW7rtHiYdqOx9dyt/dJcHE4kBebMdXb27POe1B1JXjKy7J5nvzYZQvxR/mp
fLheaedJa8wzzNk/gbDW9LHutoo5Cu6/5ajupf4p3YTj7lwR39Pxr1g8TxyMTqQ=
-----END CERTIFICATE-----
Generated at Sun May 18 02:00:42 2025 by rpki-client