Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/hz6fDc1AQRsOjdOJduuXRgE3XkQ.roa
File: hz6fDc1AQRsOjdOJduuXRgE3XkQ.roa (raw, json)
Hash identifier: umNcWfoQ6BTUOA1lXu6I8Lr/wD6ACaVDYdYhHgUomBU=
Subject key identifier: 87:3E:9F:0D:CD:40:41:1B:0E:8D:D3:89:76:EB:97:46:01:37:5E:44
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0B18
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/hz6fDc1AQRsOjdOJduuXRgE3XkQ.roa
Signing time: Sun 02 Feb 2025 03:25:34 +0000
ROA not before: Sun 02 Feb 2025 03:25:34 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2840 (0xb18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 2 03:25:34 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=873E9F0DCD40411B0E8DD38976EB974601375E44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:76:9f:87:8c:0a:76:d2:97:ad:4a:cb:df:75:
34:e7:3c:95:0d:5f:e8:6b:bb:5a:12:f4:b0:76:2d:
f8:83:ea:49:03:f3:a8:a6:4d:86:20:1b:62:17:3f:
c2:09:fa:8c:46:66:07:6c:8c:c7:4d:c4:52:3a:99:
ca:b1:db:2e:d5:aa:e0:2b:aa:71:d7:1a:2a:59:c4:
d3:c3:69:a2:cb:91:b4:7e:c4:d7:cb:41:37:6a:c6:
c0:87:45:0d:ab:30:ed:d5:3a:dd:0f:71:25:21:1a:
34:a9:6d:5a:86:ec:f6:f5:47:4e:95:b8:7d:93:f9:
a0:06:80:10:6e:d5:d7:49:aa:d7:c4:8f:5e:e3:08:
ea:a0:77:36:3a:ae:c3:a4:cd:98:12:ed:8f:13:7c:
c2:e0:91:fb:23:99:95:1f:6e:cc:4e:e8:46:8e:a7:
be:95:04:d2:c3:0b:02:ad:f5:4e:ca:4b:01:de:c7:
90:77:27:3f:52:e2:a1:48:7d:d0:b5:90:ba:25:7d:
5e:6b:33:28:3e:10:e2:bd:35:d9:0e:9e:be:5e:58:
5d:d3:13:2f:ea:c0:9e:4c:76:ea:ef:b5:46:b4:4d:
e8:6a:2e:f2:cc:39:c0:67:50:4e:ee:9a:91:b6:41:
92:f5:9d:5d:1f:79:19:51:57:30:74:70:f7:ed:8c:
cf:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:3E:9F:0D:CD:40:41:1B:0E:8D:D3:89:76:EB:97:46:01:37:5E:44
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/hz6fDc1AQRsOjdOJduuXRgE3XkQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
a4:21:0f:e4:f6:19:27:6a:7a:dd:cf:15:c5:91:57:d4:ab:dc:
cd:3f:8e:4e:ec:13:d6:2b:9e:68:1f:a8:b0:cb:e7:49:3c:bb:
e9:f4:10:5c:2f:6c:0e:10:2b:43:0c:59:48:97:9b:96:85:be:
90:4e:15:51:8d:97:a2:6b:28:9e:3e:98:93:ef:60:86:aa:06:
c2:b9:05:49:2c:a6:b4:e3:d8:c0:5b:94:2f:02:66:ec:67:c1:
d4:62:5f:a0:3b:fe:1b:8d:12:69:b0:80:a3:04:10:45:bd:5b:
da:51:22:94:73:f6:92:a4:f7:34:8d:c9:7e:25:46:a6:26:d7:
ab:d5:80:b0:19:18:b7:25:8e:43:d7:24:8a:fd:08:e4:9e:70:
20:83:31:00:f2:dd:d6:c7:13:92:1c:4a:a6:9a:f9:f1:36:ac:
d6:1e:12:d0:7b:a3:e3:87:f0:72:05:c9:02:02:68:c0:04:e5:
f3:40:a7:8c:24:40:4d:19:4b:e3:61:dd:46:32:c5:4d:40:c5:
19:b7:cd:73:7b:e8:2a:ff:64:f9:5a:56:0f:33:97:78:70:35:
cd:28:1c:70:77:5f:3f:8c:91:cc:16:32:a6:7d:b5:de:81:16:
ac:5c:a1:e8:e3:8c:2f:1a:ec:34:ab:a9:ba:70:99:26:99:32:
9f:56:bc:b2
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCxgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDIw
MzI1MzRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg3M0U5RjBEQ0Q0MDQx
MUIwRThERDM4OTc2RUI5NzQ2MDEzNzVFNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCldp+HjAp20petSsvfdTTnPJUNX+hru1oS9LB2LfiD6kkD86im
TYYgG2IXP8IJ+oxGZgdsjMdNxFI6mcqx2y7VquArqnHXGipZxNPDaaLLkbR+xNfL
QTdqxsCHRQ2rMO3VOt0PcSUhGjSpbVqG7Pb1R06VuH2T+aAGgBBu1ddJqtfEj17j
COqgdzY6rsOkzZgS7Y8TfMLgkfsjmZUfbsxO6EaOp76VBNLDCwKt9U7KSwHex5B3
Jz9S4qFIfdC1kLolfV5rMyg+EOK9NdkOnr5eWF3TEy/qwJ5MdurvtUa0TehqLvLM
OcBnUE7umpG2QZL1nV0feRlRVzB0cPftjM85AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUhz6fDc1AQRsOjdOJduuXRgE3XkQwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2h6NmZEYzFBUVJzT2pk
T0pkdXVYUmdFM1hrUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAKQhD+T2GSdqet3PFcWRV9Sr
3M0/jk7sE9YrnmgfqLDL50k8u+n0EFwvbA4QK0MMWUiXm5aFvpBOFVGNl6JrKJ4+
mJPvYIaqBsK5BUksprTj2MBblC8CZuxnwdRiX6A7/huNEmmwgKMEEEW9W9pRIpRz
9pKk9zSNyX4lRqYm16vVgLAZGLcljkPXJIr9COSecCCDMQDy3dbHE5IcSqaa+fE2
rNYeEtB7o+OH8HIFyQICaMAE5fNAp4wkQE0ZS+Nh3UYyxU1AxRm3zXN76Cr/ZPla
Vg8zl3hwNc0oHHB3Xz+MkcwWMqZ9td6BFqxcoejjjC8a7DSrqbpwmSaZMp9WvLI=
-----END CERTIFICATE-----
Generated at Sat May 17 21:22:40 2025 by rpki-client