Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/gU4XDdpeAihssibX4G7e7pwWXi0.roa
File: gU4XDdpeAihssibX4G7e7pwWXi0.roa (raw, json)
Hash identifier: ZddMye+1WXlef70AkyKPzjOTS0P9YhFRFG2uHsRNrTw=
Subject key identifier: 81:4E:17:0D:DA:5E:02:28:6C:B2:26:D7:E0:6E:DE:EE:9C:16:5E:2D
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0BBA
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/gU4XDdpeAihssibX4G7e7pwWXi0.roa
Signing time: Mon 03 Feb 2025 19:55:41 +0000
ROA not before: Mon 03 Feb 2025 19:55:41 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3002 (0xbba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 3 19:55:41 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=814E170DDA5E02286CB226D7E06EDEEE9C165E2D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c5:41:9e:f8:c2:c3:d9:ca:9b:76:79:a6:8e:
4b:3d:b5:2c:ff:75:72:83:68:2a:f1:38:3f:0e:25:
2f:db:de:32:fe:07:a3:4c:8e:4a:2b:9c:5e:c8:f1:
3c:f5:de:c6:f5:f8:e8:fb:0f:31:c5:3d:72:5b:b7:
34:fe:69:74:ae:2c:b4:d2:13:17:67:4c:3a:f1:ce:
cc:91:ee:0a:12:4a:33:43:ea:30:fb:4c:9e:74:78:
a4:43:74:7b:2e:b8:62:02:e7:25:65:e0:20:eb:b4:
01:5b:37:09:f7:e7:c3:b3:6b:b3:98:1d:a4:b9:26:
76:bf:2b:1e:7a:a8:12:55:c1:ee:0a:47:1c:b5:70:
32:46:0b:54:e1:ff:a7:72:9f:f6:94:c1:d2:37:63:
4e:6b:ac:38:e9:7b:f4:eb:de:26:4a:b1:1c:0a:06:
ff:4a:6c:ce:2c:db:12:ac:fd:df:fb:62:0d:9d:fe:
ec:3f:05:1f:25:7d:d6:a7:e6:65:36:7e:9a:68:92:
e8:42:9b:9c:d9:7a:0b:e9:fa:d8:84:6c:d3:88:eb:
6e:90:6e:d2:a1:db:62:16:f5:45:0f:fd:fe:cf:ec:
ce:4c:c9:a2:a3:39:45:3c:7a:94:cc:3c:94:0b:11:
54:59:84:fd:f7:8e:85:5b:b0:b8:02:fe:f3:88:4d:
c0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:4E:17:0D:DA:5E:02:28:6C:B2:26:D7:E0:6E:DE:EE:9C:16:5E:2D
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/gU4XDdpeAihssibX4G7e7pwWXi0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
ab:20:49:0f:0c:3e:db:da:c6:6a:b1:fc:5c:3f:68:de:79:fe:
bf:a9:2c:7a:b9:03:1d:53:ad:1c:46:bc:b6:29:98:d2:8d:6d:
39:f2:68:7e:16:90:70:6a:77:99:61:46:fd:cc:c0:35:fe:86:
0a:f7:72:46:fa:f9:5f:77:6b:5e:da:10:90:c0:ce:0c:3d:32:
8b:6c:7f:bf:d7:b7:1b:6a:dd:74:92:9e:a2:b5:bd:6e:26:e7:
8f:02:09:6f:79:ca:88:a8:f8:41:28:e5:5c:15:c2:cd:92:ed:
86:de:8f:1d:80:67:0e:7f:eb:65:97:89:80:96:e1:60:b2:28:
ab:57:80:2a:04:29:ff:3f:00:d1:2b:7e:10:56:df:02:96:37:
28:61:4a:a8:85:8c:e1:09:ce:89:a5:ec:c8:56:7f:7c:9f:1a:
f1:01:49:57:21:9a:7a:92:62:56:7a:bc:0a:fa:eb:8b:96:9c:
95:51:4a:e7:44:fb:fa:c4:36:29:79:bf:2a:25:2f:dc:12:8e:
c5:5f:60:4d:b9:be:99:7a:a3:43:5d:e1:32:32:ca:ab:0a:49:
77:e5:2d:87:2f:7d:af:63:7d:4f:52:fd:0e:84:2e:ed:52:82:
d9:99:be:d3:32:10:2e:fe:f8:b9:8a:91:d3:b2:3f:66:91:11:
79:29:ca:7a
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICC7owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDMx
OTU1NDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDgxNEUxNzBEREE1RTAy
Mjg2Q0IyMjZEN0UwNkVERUVFOUMxNjVFMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHxUGe+MLD2cqbdnmmjks9tSz/dXKDaCrxOD8OJS/b3jL+B6NM
jkornF7I8Tz13sb1+Oj7DzHFPXJbtzT+aXSuLLTSExdnTDrxzsyR7goSSjND6jD7
TJ50eKRDdHsuuGIC5yVl4CDrtAFbNwn358Oza7OYHaS5Jna/Kx56qBJVwe4KRxy1
cDJGC1Th/6dyn/aUwdI3Y05rrDjpe/Tr3iZKsRwKBv9KbM4s2xKs/d/7Yg2d/uw/
BR8lfdan5mU2fppokuhCm5zZegvp+tiEbNOI626QbtKh22IW9UUP/f7P7M5MyaKj
OUU8epTMPJQLEVRZhP33joVbsLgC/vOITcD/AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUgU4XDdpeAihssibX4G7e7pwWXi0wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2dVNFhEZHBlQWloc3Np
Ylg0RzdlN3B3V1hpMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAKsgSQ8MPtvaxmqx/Fw/aN55
/r+pLHq5Ax1TrRxGvLYpmNKNbTnyaH4WkHBqd5lhRv3MwDX+hgr3ckb6+V93a17a
EJDAzgw9Motsf7/Xtxtq3XSSnqK1vW4m548CCW95yoio+EEo5VwVws2S7Ybejx2A
Zw5/62WXiYCW4WCyKKtXgCoEKf8/ANErfhBW3wKWNyhhSqiFjOEJzoml7MhWf3yf
GvEBSVchmnqSYlZ6vAr664uWnJVRSudE+/rENil5vyolL9wSjsVfYE25vpl6o0Nd
4TIyyqsKSXflLYcvfa9jfU9S/Q6ELu1SgtmZvtMyEC7++LmKkdOyP2aREXkpyno=
-----END CERTIFICATE-----
Generated at Sat May 17 22:37:22 2025 by rpki-client