Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/johJNTUyyIvar2Sa2khhj8CVs-A.roa
File: johJNTUyyIvar2Sa2khhj8CVs-A.roa (raw, json)
Hash identifier: YTsOmF86hZGhuuh8vd/rSKBLIaHrBpnV//RGQbsajpM=
Subject key identifier: 8E:88:49:35:35:32:C8:8B:DA:AF:64:9A:DA:48:61:8F:C0:95:B3:E0
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0AEC
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/johJNTUyyIvar2Sa2khhj8CVs-A.roa
Signing time: Sat 01 Feb 2025 16:25:33 +0000
ROA not before: Sat 01 Feb 2025 16:25:33 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2796 (0xaec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 1 16:25:33 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=8E8849353532C88BDAAF649ADA48618FC095B3E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:49:fd:b5:50:81:91:e4:b7:db:3d:f8:a7:22:
73:8e:9a:58:51:45:8d:87:69:97:37:ac:69:d0:e4:
92:b5:20:c6:89:9a:2a:d4:e9:90:ce:f5:44:55:2f:
91:f6:f9:3b:9e:73:89:02:98:72:fd:03:b3:6e:ba:
c8:b0:b1:de:3d:07:1c:43:0c:27:5f:b9:2b:24:05:
4d:d0:c3:a8:1b:e3:2d:11:cb:fc:e9:8d:8d:1c:3c:
b8:aa:07:0c:7c:8f:f3:e8:5b:25:2f:ce:2d:a1:6b:
41:46:59:e5:e2:37:77:46:a6:0e:87:ff:31:a2:0d:
be:00:ab:a0:94:4a:ab:37:9f:0b:23:ff:3c:07:51:
a5:2c:07:92:15:fb:26:33:80:10:ae:c7:4c:1a:bc:
86:32:1f:d1:97:e9:06:92:6a:e2:96:1f:b8:81:29:
42:b2:8b:42:f3:f7:e0:de:a3:44:49:b4:a7:ee:6b:
a8:39:14:73:01:01:e2:54:04:a3:af:34:33:3f:3b:
5d:d6:d3:ea:e6:f1:aa:67:ca:60:45:30:58:e3:e5:
d6:3d:c9:ae:a7:00:a3:b1:f7:d8:ad:56:23:6f:b9:
d8:eb:09:42:0f:1a:ea:96:d8:4b:cd:f0:2d:01:49:
46:20:70:ef:0a:1f:d1:e6:89:90:29:c8:65:e0:31:
3f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:88:49:35:35:32:C8:8B:DA:AF:64:9A:DA:48:61:8F:C0:95:B3:E0
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/johJNTUyyIvar2Sa2khhj8CVs-A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
64:36:2a:4b:e6:bd:1e:79:7c:5f:c1:a5:a7:a3:23:b9:8a:cc:
4a:c7:56:74:dc:5c:8c:d2:eb:b3:34:28:64:41:fc:ae:ba:96:
98:3e:9a:44:34:8e:87:48:c7:2e:72:a2:2b:f3:62:7c:f5:19:
ee:ac:f8:69:bc:ca:c4:62:24:d3:67:8e:27:2a:fe:7a:04:db:
e5:79:17:69:83:0a:ea:df:bc:3d:da:4f:94:d8:a8:89:ed:91:
6e:57:26:2c:d0:cd:0f:b1:0a:a8:ce:0e:4a:57:93:1f:4c:db:
92:97:44:32:8e:e5:ba:05:0c:e9:cf:e3:e0:7e:6e:69:4d:d8:
26:1c:1b:e1:2d:e6:74:31:56:18:a6:49:cb:33:63:41:67:a8:
60:b0:d5:91:e3:f3:10:1e:4a:1d:a6:09:cc:d8:db:32:cb:55:
97:3e:0d:94:31:7e:c3:9a:c7:60:44:0d:da:6b:9d:87:33:bb:
76:84:1b:f9:31:a5:f0:f3:c6:9e:8f:f4:67:63:8b:59:1d:2b:
74:dd:47:7e:f0:22:e8:d2:d3:d9:42:0f:b5:9b:ac:d4:81:71:
5a:fa:ee:ab:7c:e5:9c:0a:94:89:2a:5e:ab:e7:2a:ae:8f:cb:
d0:1f:63:c5:72:9d:06:b5:d2:78:ae:0a:70:ff:f8:8a:e4:fe:
65:72:7e:bd
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCuwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDEx
NjI1MzNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDhFODg0OTM1MzUzMkM4
OEJEQUFGNjQ5QURBNDg2MThGQzA5NUIzRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6Sf21UIGR5LfbPfinInOOmlhRRY2HaZc3rGnQ5JK1IMaJmirU
6ZDO9URVL5H2+Tuec4kCmHL9A7Nuusiwsd49BxxDDCdfuSskBU3Qw6gb4y0Ry/zp
jY0cPLiqBwx8j/PoWyUvzi2ha0FGWeXiN3dGpg6H/zGiDb4Aq6CUSqs3nwsj/zwH
UaUsB5IV+yYzgBCux0wavIYyH9GX6QaSauKWH7iBKUKyi0Lz9+Deo0RJtKfua6g5
FHMBAeJUBKOvNDM/O13W0+rm8apnymBFMFjj5dY9ya6nAKOx99itViNvudjrCUIP
GuqW2EvN8C0BSUYgcO8KH9HmiZApyGXgMT8pAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUjohJNTUyyIvar2Sa2khhj8CVs+AwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2pvaEpOVFV5eUl2YXIy
U2Eya2hoajhDVnMtQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAGQ2KkvmvR55fF/BpaejI7mK
zErHVnTcXIzS67M0KGRB/K66lpg+mkQ0jodIxy5yoivzYnz1Ge6s+Gm8ysRiJNNn
jicq/noE2+V5F2mDCurfvD3aT5TYqIntkW5XJizQzQ+xCqjODkpXkx9M25KXRDKO
5boFDOnP4+B+bmlN2CYcG+Et5nQxVhimScszY0FnqGCw1ZHj8xAeSh2mCczY2zLL
VZc+DZQxfsOax2BEDdprnYczu3aEG/kxpfDzxp6P9Gdji1kdK3TdR37wIujS09lC
D7WbrNSBcVr67qt85ZwKlIkqXqvnKq6Py9AfY8VynQa10niuCnD/+Irk/mVyfr0=
-----END CERTIFICATE-----
Generated at Sat May 17 19:59:43 2025 by rpki-client