Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/T2hO37pTqo-m51GWaQDYZdN8w84.roa
File: T2hO37pTqo-m51GWaQDYZdN8w84.roa (raw, json)
Hash identifier: zko/xG4sr/KyAzGg9X4xAUV8rP2UCPSZ9ZIitEGuC/I=
Subject key identifier: 4F:68:4E:DF:BA:53:AA:8F:A6:E7:51:96:69:00:D8:65:D3:7C:C3:CE
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0C48
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/T2hO37pTqo-m51GWaQDYZdN8w84.roa
Signing time: Wed 05 Feb 2025 07:27:02 +0000
ROA not before: Wed 05 Feb 2025 07:27:02 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3144 (0xc48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 5 07:27:02 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=4F684EDFBA53AA8FA6E751966900D865D37CC3CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:29:b6:b5:4d:8b:be:29:18:f4:f3:56:4d:8e:
1f:a5:37:6d:57:73:b5:30:8d:ab:c9:a9:3a:c7:50:
a7:3f:49:6f:39:4a:8d:73:3d:d6:1d:e8:7e:17:e0:
01:ca:4f:df:00:86:58:9f:f9:ac:86:5d:f4:99:c7:
fc:13:cd:86:c5:b9:cb:5c:e3:a9:c7:dc:35:eb:04:
b6:5e:fd:aa:c6:a9:b1:7e:47:0a:f3:ee:8e:e9:54:
11:e5:6e:3f:b8:cd:23:e0:87:02:74:7d:3f:c5:18:
cb:db:41:02:d4:e8:16:76:02:7c:2d:58:d6:64:23:
ce:09:b7:56:e4:3d:ab:8a:eb:9d:de:3b:d6:bc:d2:
53:86:e6:31:03:8a:f2:41:db:27:5e:30:99:c0:88:
d0:22:98:9e:01:7d:15:bd:f3:1a:33:ed:70:62:38:
cf:55:29:76:1b:9b:ec:01:ec:82:b7:37:ed:14:21:
1c:79:38:d4:91:fc:0f:f4:37:ae:c0:33:ea:2a:80:
33:a5:c5:ce:5a:ae:6e:9e:64:49:2f:47:31:ba:48:
a0:57:cc:d5:94:b9:f9:d4:54:0e:52:6e:a0:0a:c5:
1e:22:32:25:c0:d6:ca:df:5c:54:a2:0e:b3:df:79:
c4:f9:67:8f:82:a0:b9:ca:a3:0d:3d:0e:70:02:b1:
94:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:68:4E:DF:BA:53:AA:8F:A6:E7:51:96:69:00:D8:65:D3:7C:C3:CE
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/T2hO37pTqo-m51GWaQDYZdN8w84.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
28:23:42:da:8d:d9:b3:b0:d3:bd:27:b4:2c:7f:3e:2b:74:3d:
2f:c1:48:4d:44:12:43:91:2a:72:9e:01:42:0e:e5:0d:20:67:
f1:5f:50:06:7e:d7:a6:91:f1:ca:92:43:5e:a3:4a:0c:0f:7f:
af:6d:27:77:55:ac:65:74:2a:d6:06:a2:78:2c:83:49:5c:57:
2e:3a:78:38:3b:21:28:e6:5f:5a:76:c5:2d:e6:71:47:31:c2:
6e:3f:0e:59:b0:e2:05:b0:aa:3e:e4:35:15:21:d3:5f:8f:d6:
c3:0e:31:f0:0b:4d:82:64:43:73:af:40:64:4c:c5:47:a6:d0:
4b:25:40:e7:2b:71:d8:ad:b7:12:33:1c:7d:a4:5b:ef:2f:bb:
38:bb:e1:bd:03:d6:17:95:cc:38:3f:00:25:33:16:19:2f:63:
cc:fb:a3:3b:7b:53:4e:0e:ba:a0:92:2b:3d:8f:96:c8:0e:66:
1f:4a:a9:31:4c:0c:fe:a7:4a:51:65:91:25:59:5f:cc:96:28:
0f:ae:2a:66:e8:3d:46:2c:e5:34:b8:69:4d:81:ec:4a:a6:80:
99:e7:87:f6:cf:ba:af:21:19:0b:fa:21:16:30:4f:50:ea:4b:
81:a5:bd:97:6f:74:ef:90:0f:34:f4:74:bf:29:9d:36:54:1a:
bf:f9:1f:09
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDEgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDUw
NzI3MDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDRGNjg0RURGQkE1M0FB
OEZBNkU3NTE5NjY5MDBEODY1RDM3Q0MzQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5Kba1TYu+KRj081ZNjh+lN21Xc7UwjavJqTrHUKc/SW85So1z
PdYd6H4X4AHKT98Ahlif+ayGXfSZx/wTzYbFuctc46nH3DXrBLZe/arGqbF+Rwrz
7o7pVBHlbj+4zSPghwJ0fT/FGMvbQQLU6BZ2AnwtWNZkI84Jt1bkPauK653eO9a8
0lOG5jEDivJB2ydeMJnAiNAimJ4BfRW98xoz7XBiOM9VKXYbm+wB7IK3N+0UIRx5
ONSR/A/0N67AM+oqgDOlxc5arm6eZEkvRzG6SKBXzNWUufnUVA5SbqAKxR4iMiXA
1srfXFSiDrPfecT5Z4+CoLnKow09DnACsZSTAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUT2hO37pTqo+m51GWaQDYZdN8w84wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1QyaE8zN3BUcW8tbTUx
R1dhUURZWmROOHc4NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBACgjQtqN2bOw070ntCx/Pit0
PS/BSE1EEkORKnKeAUIO5Q0gZ/FfUAZ+16aR8cqSQ16jSgwPf69tJ3dVrGV0KtYG
ongsg0lcVy46eDg7ISjmX1p2xS3mcUcxwm4/Dlmw4gWwqj7kNRUh01+P1sMOMfAL
TYJkQ3OvQGRMxUem0EslQOcrcdittxIzHH2kW+8vuzi74b0D1heVzDg/ACUzFhkv
Y8z7ozt7U04OuqCSKz2PlsgOZh9KqTFMDP6nSlFlkSVZX8yWKA+uKmboPUYs5TS4
aU2B7EqmgJnnh/bPuq8hGQv6IRYwT1DqS4GlvZdvdO+QDzT0dL8pnTZUGr/5Hwk=
-----END CERTIFICATE-----
Generated at Mon May 19 06:55:31 2025 by rpki-client