Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/kBs9DZjqUmu1afE88qbTMbKwluQ.roa
File: kBs9DZjqUmu1afE88qbTMbKwluQ.roa (raw, json)
Hash identifier: h9TaTAjqaIrs6XZN3WuwUU5vzLSa7cMYApGRpSM+0d0=
Subject key identifier: 90:1B:3D:0D:98:EA:52:6B:B5:69:F1:3C:F2:A6:D3:31:B2:B0:96:E4
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0760
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/kBs9DZjqUmu1afE88qbTMbKwluQ.roa
Signing time: Thu 23 Jan 2025 05:25:01 +0000
ROA not before: Thu 23 Jan 2025 05:25:01 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1888 (0x760)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 23 05:25:01 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=901B3D0D98EA526BB569F13CF2A6D331B2B096E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:d1:6b:14:12:8e:28:da:bc:89:e9:98:d8:a3:
11:d8:a6:db:1e:5f:36:be:20:cc:78:a2:8d:bf:c5:
d4:0f:f1:5c:be:d2:1c:11:ff:a3:5c:fd:ac:79:d9:
9c:ee:b8:6d:2a:58:02:a7:76:f8:4f:b2:6e:09:42:
d5:02:c1:1f:ed:ed:2b:83:3b:84:00:fc:2b:31:dc:
16:38:80:fe:32:c9:f5:9f:8e:79:67:6b:27:a6:28:
0a:e6:43:b3:c8:ff:8c:7f:7a:58:ff:e5:82:84:59:
b8:12:e8:a8:f8:38:05:b0:7b:d0:cf:43:c2:cd:d1:
e5:41:52:b0:6b:d4:1e:52:e1:58:a6:d4:78:2f:46:
a1:6f:1b:83:e5:55:28:6e:5c:4f:ef:2c:78:82:75:
7b:1a:a3:0b:62:4a:73:0e:46:eb:c5:6c:b7:88:b2:
4d:57:82:61:55:82:36:38:2e:9e:a3:bb:8a:4c:dc:
a4:1f:d1:c6:00:ab:0b:d9:63:c7:40:19:20:36:e1:
42:e6:4c:56:97:2a:18:b8:36:37:6a:56:ef:70:b1:
49:fd:78:ca:31:87:e8:e0:b0:7f:08:93:b5:ca:f0:
4b:5d:9e:4a:6b:e7:f5:79:48:f0:2f:81:d4:4a:02:
0c:74:21:67:ac:d7:3a:8d:e9:99:0e:66:de:28:57:
16:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:1B:3D:0D:98:EA:52:6B:B5:69:F1:3C:F2:A6:D3:31:B2:B0:96:E4
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/kBs9DZjqUmu1afE88qbTMbKwluQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
84:7d:a3:17:f3:f6:98:4d:8a:ce:c0:07:a4:e9:2e:3b:92:1c:
e1:5d:f2:5e:a6:04:35:21:3e:61:92:41:65:07:fe:59:fb:93:
bc:42:2d:2a:1a:4e:62:85:43:fe:f2:f8:1f:2d:09:46:ea:bd:
7d:ab:74:28:55:3f:fa:f7:bf:fa:8a:f9:24:91:35:a4:c9:6c:
96:31:ae:15:a9:20:9b:a4:21:5a:ac:9a:66:07:2a:a3:ec:9e:
b4:fa:06:49:04:85:81:08:8b:f6:b6:a3:f7:94:50:81:d4:50:
51:89:79:02:86:e1:50:f7:ca:60:00:52:43:e4:31:8f:34:f4:
a3:60:cf:fa:64:0b:91:94:54:f4:86:fc:c9:dd:89:99:cd:57:
b2:13:66:4b:4c:4e:0a:da:a1:c5:fe:b2:38:df:15:7d:07:f8:
46:8b:47:1e:7c:12:50:7d:03:0e:eb:90:d8:f4:9f:da:01:44:
dc:06:0f:78:d2:f4:4d:43:8d:8b:e1:be:dc:bb:50:e4:c5:e2:
5b:2c:69:08:14:4c:db:3b:f8:09:df:70:5a:06:c0:0e:43:84:
1e:85:4d:e9:91:16:f5:c8:13:9d:ae:92:ed:8a:68:3a:ae:a1:
01:2d:d4:d1:09:df:ab:bd:94:4c:8c:a1:a4:c8:23:20:4a:a0:
c9:22:12:ea
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICB2AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjMw
NTI1MDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDkwMUIzRDBEOThFQTUy
NkJCNTY5RjEzQ0YyQTZEMzMxQjJCMDk2RTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDa0WsUEo4o2ryJ6ZjYoxHYptseXza+IMx4oo2/xdQP8Vy+0hwR
/6Nc/ax52ZzuuG0qWAKndvhPsm4JQtUCwR/t7SuDO4QA/Csx3BY4gP4yyfWfjnln
ayemKArmQ7PI/4x/elj/5YKEWbgS6Kj4OAWwe9DPQ8LN0eVBUrBr1B5S4Vim1Hgv
RqFvG4PlVShuXE/vLHiCdXsaowtiSnMORuvFbLeIsk1XgmFVgjY4Lp6ju4pM3KQf
0cYAqwvZY8dAGSA24ULmTFaXKhi4NjdqVu9wsUn9eMoxh+jgsH8Ik7XK8Etdnkpr
5/V5SPAvgdRKAgx0IWes1zqN6ZkOZt4oVxYDAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUkBs9DZjqUmu1afE88qbTMbKwluQwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2tCczlEWmpxVW11MWFm
RTg4cWJUTWJLd2x1US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAIR9oxfz9phNis7AB6TpLjuS
HOFd8l6mBDUhPmGSQWUH/ln7k7xCLSoaTmKFQ/7y+B8tCUbqvX2rdChVP/r3v/qK
+SSRNaTJbJYxrhWpIJukIVqsmmYHKqPsnrT6BkkEhYEIi/a2o/eUUIHUUFGJeQKG
4VD3ymAAUkPkMY809KNgz/pkC5GUVPSG/MndiZnNV7ITZktMTgraocX+sjjfFX0H
+EaLRx58ElB9Aw7rkNj0n9oBRNwGD3jS9E1DjYvhvty7UOTF4lssaQgUTNs7+Anf
cFoGwA5DhB6FTemRFvXIE52uku2KaDquoQEt1NEJ36u9lEyMoaTIIyBKoMkiEuo=
Generated at Thu Jan 23 12:38:42 2025 by rpki-client on console.sobornost.net