Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/HMrfSTjriP6gzVLO985jBPcJnBs.roa
File: HMrfSTjriP6gzVLO985jBPcJnBs.roa (raw, json)
Hash identifier: lGZp+aExPlLRJfyYU6Y0nyAccuEMEdkj17WwhI01Ie8=
Subject key identifier: 1C:CA:DF:49:38:EB:88:FE:A0:CD:52:CE:F7:CE:63:04:F7:09:9C:1B
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0770
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/HMrfSTjriP6gzVLO985jBPcJnBs.roa
Signing time: Thu 23 Jan 2025 09:25:31 +0000
ROA not before: Thu 23 Jan 2025 09:25:31 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1904 (0x770)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 23 09:25:31 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=1CCADF4938EB88FEA0CD52CEF7CE6304F7099C1B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8b:90:b5:76:5f:91:14:9a:de:9d:73:0b:39:
d2:be:a1:d7:4c:b4:b7:82:7a:db:d7:da:fd:ae:78:
76:6c:c6:eb:75:70:fc:20:d4:d6:be:e5:80:ad:ef:
ac:a5:4f:0b:85:1e:db:ce:db:e5:39:3b:65:fa:4a:
b6:b7:da:95:b2:a1:3b:06:f4:5f:05:77:9a:e5:cd:
6d:73:65:27:71:20:e8:ee:21:fa:a1:9c:da:6a:d1:
49:2a:60:1d:85:e3:a0:92:02:6a:e7:25:c8:b6:6b:
94:1c:c0:8b:e4:3a:65:c8:03:94:ac:c7:e4:82:74:
df:93:da:f0:8f:19:b1:d2:39:82:ea:53:7f:17:be:
43:9b:4e:ba:9f:23:86:b7:21:ec:3c:25:2f:37:3f:
03:d8:15:3b:55:0d:f1:36:83:18:96:e3:34:6b:94:
18:5a:95:bb:b0:46:56:13:a9:87:83:ba:d6:5d:3f:
81:37:11:51:0c:da:cc:64:6f:19:0b:ad:bb:31:ea:
f1:7a:68:a1:e5:2d:37:26:27:7f:4c:49:0c:11:61:
67:f3:06:51:7f:e1:be:e2:a3:60:25:2d:52:c2:e3:
de:aa:86:3c:e6:ef:cb:ca:be:c0:b2:af:f1:79:de:
6a:62:7b:66:7b:1e:6e:88:51:4a:93:65:1b:33:40:
84:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:CA:DF:49:38:EB:88:FE:A0:CD:52:CE:F7:CE:63:04:F7:09:9C:1B
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/HMrfSTjriP6gzVLO985jBPcJnBs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
5b:11:2a:c6:aa:6a:b8:f3:58:0d:1a:35:7b:72:71:4f:5c:d9:
4e:97:83:4a:e3:24:5d:e7:12:82:18:36:b2:0f:0e:42:17:d5:
0e:79:8f:84:fb:c9:61:5b:59:c6:e9:b9:47:48:08:1c:70:5e:
2d:8c:97:2d:af:bf:ac:36:cf:1d:ef:69:8b:52:0a:63:97:5e:
78:fb:02:67:9e:0b:65:42:b0:98:69:4b:ab:df:b1:65:80:03:
a5:9b:ae:7b:8d:7d:63:8f:23:a8:97:25:c6:98:02:9d:31:65:
98:5a:8c:29:7e:06:22:db:c3:15:db:16:3c:d4:f9:08:7d:bd:
bc:1b:b5:f6:b8:94:9c:00:d8:10:e8:cd:73:49:55:79:fa:40:
14:97:86:08:1f:6f:f8:2b:4c:e9:c0:57:66:2e:a1:1e:4b:8f:
23:0b:83:be:c4:00:8f:bc:00:e6:5d:8a:2c:fa:e1:fc:8b:f7:
0f:fd:fd:c2:96:7b:99:d4:1d:1e:d1:3e:4c:18:6f:64:9d:e6:
72:de:31:62:3f:9a:f4:86:e8:45:b5:93:3f:4f:67:49:63:88:
6e:4b:da:1d:5c:20:00:d0:94:3b:12:71:aa:0e:d3:8d:70:f6:
e3:56:63:ce:99:22:d3:84:d1:82:2b:a3:2e:97:2b:df:68:43:
b5:dd:9c:53
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICB3AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjMw
OTI1MzFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDFDQ0FERjQ5MzhFQjg4
RkVBMENENTJDRUY3Q0U2MzA0RjcwOTlDMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEi5C1dl+RFJrenXMLOdK+oddMtLeCetvX2v2ueHZsxut1cPwg
1Na+5YCt76ylTwuFHtvO2+U5O2X6Sra32pWyoTsG9F8Fd5rlzW1zZSdxIOjuIfqh
nNpq0UkqYB2F46CSAmrnJci2a5QcwIvkOmXIA5Ssx+SCdN+T2vCPGbHSOYLqU38X
vkObTrqfI4a3Iew8JS83PwPYFTtVDfE2gxiW4zRrlBhalbuwRlYTqYeDutZdP4E3
EVEM2sxkbxkLrbsx6vF6aKHlLTcmJ39MSQwRYWfzBlF/4b7io2AlLVLC496qhjzm
78vKvsCyr/F53mpie2Z7Hm6IUUqTZRszQITpAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUHMrfSTjriP6gzVLO985jBPcJnBswHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0hNcmZTVGpyaVA2Z3pW
TE85ODVqQlBjSm5Ccy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAFsRKsaqarjzWA0aNXtycU9c
2U6Xg0rjJF3nEoIYNrIPDkIX1Q55j4T7yWFbWcbpuUdICBxwXi2Mly2vv6w2zx3v
aYtSCmOXXnj7AmeeC2VCsJhpS6vfsWWAA6WbrnuNfWOPI6iXJcaYAp0xZZhajCl+
BiLbwxXbFjzU+Qh9vbwbtfa4lJwA2BDozXNJVXn6QBSXhggfb/grTOnAV2YuoR5L
jyMLg77EAI+8AOZdiiz64fyL9w/9/cKWe5nUHR7RPkwYb2Sd5nLeMWI/mvSG6EW1
kz9PZ0ljiG5L2h1cIADQlDsScaoO041w9uNWY86ZItOE0YIroy6XK99oQ7XdnFM=
-----END CERTIFICATE-----
Generated at Sat May 17 20:17:19 2025 by rpki-client