Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/kcyMIPiwb_ZyrfSb0hwz2ZLHL6s.roa
File: kcyMIPiwb_ZyrfSb0hwz2ZLHL6s.roa (raw, json)
Hash identifier: SVHMjjzUviZAnt7ddkAEQ8fbM4KDE8yvV+MpG/+SmWw=
Subject key identifier: 91:CC:8C:20:F8:B0:6F:F6:72:AD:F4:9B:D2:1C:33:D9:92:C7:2F:AB
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 088C
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/kcyMIPiwb_ZyrfSb0hwz2ZLHL6s.roa
Signing time: Sun 26 Jan 2025 08:25:13 +0000
ROA not before: Sun 26 Jan 2025 08:25:13 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2188 (0x88c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 26 08:25:13 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=91CC8C20F8B06FF672ADF49BD21C33D992C72FAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:89:d0:18:68:76:1a:da:41:31:b2:60:02:c2:
e2:d6:d2:19:d0:2c:e3:6b:45:6f:36:fb:de:0d:de:
6e:0b:d8:4c:23:08:2c:73:f2:cf:a8:d9:e8:90:72:
91:4c:9d:a7:80:59:93:f8:cc:46:ef:b5:d2:d4:4f:
35:a4:bf:a2:d7:fe:74:b7:33:fd:33:d7:ae:1a:9c:
87:87:c3:ac:96:c6:b5:e8:11:1c:cb:86:f8:3f:cc:
59:3a:e6:b3:40:a6:38:a4:1f:13:ed:b7:fe:c1:96:
20:29:0d:2d:41:35:b0:db:70:29:5c:bb:16:67:47:
bc:dc:f2:40:8c:d1:52:be:17:46:14:80:1c:66:71:
2f:eb:d3:18:80:5a:e9:ed:50:3c:2f:e4:38:fb:45:
1b:63:ef:b7:35:d3:04:71:2a:ee:6f:1e:8c:2f:15:
2e:aa:91:3f:68:3e:50:79:a1:3e:47:60:d0:52:28:
24:7c:32:c8:6f:9f:3a:50:8f:d3:16:72:0c:a8:30:
c2:64:43:f3:fd:59:1e:9a:cd:39:dd:da:92:df:a8:
ba:ee:da:e4:5e:3b:95:13:02:4f:77:36:73:aa:63:
19:c9:82:28:9c:b6:e3:5b:61:b0:fa:15:4e:b3:6d:
47:0e:72:cd:a5:f2:4b:64:ce:e3:ba:20:9c:12:20:
ff:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:CC:8C:20:F8:B0:6F:F6:72:AD:F4:9B:D2:1C:33:D9:92:C7:2F:AB
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/kcyMIPiwb_ZyrfSb0hwz2ZLHL6s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
2d:8f:d8:2a:c3:50:9f:d8:a2:bd:a5:17:aa:b0:b1:a7:43:f7:
a5:ca:2a:c5:22:5e:13:31:d9:5b:ad:82:d0:b5:ea:65:81:2c:
0a:6e:72:88:b3:31:e4:ab:c2:30:a0:0f:82:65:34:84:5f:8d:
cd:31:b2:fc:1c:a2:ac:41:aa:6d:ec:73:4f:f7:6a:c5:f4:d1:
84:6f:41:87:86:22:de:02:d1:56:df:82:6d:e8:4a:22:c5:1a:
70:ba:c8:af:46:05:62:59:2f:0f:8c:40:77:c0:63:ec:eb:5d:
f3:b8:d3:a6:2a:86:f8:80:ff:a6:56:94:5d:24:1d:3f:a8:51:
f0:1b:a7:79:90:c0:12:9c:c6:21:b1:ed:e4:93:e3:a1:84:f5:
4f:2a:4e:cd:0d:97:80:01:60:47:af:aa:d7:5d:06:c4:c1:47:
20:cd:3b:13:58:40:7f:15:c8:03:79:0e:f5:4a:23:32:ae:53:
e5:cc:1b:57:28:f2:fc:f4:8e:c2:9f:5b:57:1b:06:6f:69:00:
ac:20:58:fa:fb:d2:16:54:07:1c:90:f4:3e:93:14:4d:81:27:
47:79:76:29:b0:e4:d2:e1:ae:de:f6:c8:df:f2:aa:53:9d:f9:
2d:20:b7:ca:07:9d:27:c2:1a:22:8a:ee:28:73:6f:5d:52:f0:
24:42:a2:58
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCIwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjYw
ODI1MTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDkxQ0M4QzIwRjhCMDZG
RjY3MkFERjQ5QkQyMUMzM0Q5OTJDNzJGQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNidAYaHYa2kExsmACwuLW0hnQLONrRW82+94N3m4L2EwjCCxz
8s+o2eiQcpFMnaeAWZP4zEbvtdLUTzWkv6LX/nS3M/0z164anIeHw6yWxrXoERzL
hvg/zFk65rNApjikHxPtt/7BliApDS1BNbDbcClcuxZnR7zc8kCM0VK+F0YUgBxm
cS/r0xiAWuntUDwv5Dj7RRtj77c10wRxKu5vHowvFS6qkT9oPlB5oT5HYNBSKCR8
MshvnzpQj9MWcgyoMMJkQ/P9WR6azTnd2pLfqLru2uReO5UTAk93NnOqYxnJgiic
tuNbYbD6FU6zbUcOcs2l8ktkzuO6IJwSIP+JAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUkcyMIPiwb/ZyrfSb0hwz2ZLHL6swHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2tjeU1JUGl3Yl9aeXJm
U2IwaHd6MlpMSEw2cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAC2P2CrDUJ/Yor2lF6qwsadD
96XKKsUiXhMx2VutgtC16mWBLApucoizMeSrwjCgD4JlNIRfjc0xsvwcoqxBqm3s
c0/3asX00YRvQYeGIt4C0Vbfgm3oSiLFGnC6yK9GBWJZLw+MQHfAY+zrXfO406Yq
hviA/6ZWlF0kHT+oUfAbp3mQwBKcxiGx7eST46GE9U8qTs0Nl4ABYEevqtddBsTB
RyDNOxNYQH8VyAN5DvVKIzKuU+XMG1co8vz0jsKfW1cbBm9pAKwgWPr70hZUBxyQ
9D6TFE2BJ0d5dimw5NLhrt72yN/yqlOd+S0gt8oHnSfCGiKK7ihzb11S8CRColg=
-----END CERTIFICATE-----
Generated at Sat May 17 21:29:13 2025 by rpki-client