Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/HcBSXPBGY2asH1NipwqNxBaSi9I.roa
File: HcBSXPBGY2asH1NipwqNxBaSi9I.roa (raw, json)
Hash identifier: BiucaviP0OPQKYAWuCg8csV07LgEsrnHwv1wUbnZyBY=
Subject key identifier: 1D:C0:52:5C:F0:46:63:66:AC:1F:53:62:A7:0A:8D:C4:16:92:8B:D2
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0894
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/HcBSXPBGY2asH1NipwqNxBaSi9I.roa
Signing time: Sun 26 Jan 2025 10:25:12 +0000
ROA not before: Sun 26 Jan 2025 10:25:12 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2196 (0x894)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 26 10:25:12 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=1DC0525CF0466366AC1F5362A70A8DC416928BD2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0e:c8:76:49:21:13:88:4a:cb:6f:78:cf:a7:
ff:b7:0c:89:8e:10:20:73:d9:c5:77:37:4e:d2:6b:
e0:bc:f4:6a:31:1a:9c:50:e1:c1:a7:5b:cc:dd:5d:
52:73:d7:53:ef:4d:5f:5f:23:55:56:00:d2:ed:5e:
5c:a5:1d:ff:b6:1a:c6:40:38:2a:b8:95:96:09:30:
1d:b7:7c:18:77:6c:74:58:dd:f7:d4:e6:f2:ef:70:
cc:f6:62:7e:17:0b:de:52:c0:8a:d2:93:d8:94:8a:
d7:fc:a0:1b:e7:b0:c3:b5:2c:5a:35:6a:a2:45:18:
d7:30:24:0f:0c:9a:ed:00:c4:00:6b:ff:82:e6:93:
d2:41:83:24:70:0c:ea:d9:a6:51:73:84:f7:c0:d2:
33:4f:75:d1:a0:fd:e0:23:d5:b1:8a:ce:11:b4:85:
32:8a:31:bc:d4:c4:5a:07:bd:34:e1:cf:01:6f:80:
e2:4d:91:f2:b3:50:78:9c:84:89:51:de:e5:95:47:
4f:21:af:7c:27:91:7d:6f:8a:68:fc:8c:56:5c:7a:
58:ed:d8:3d:dd:a5:4e:82:01:65:95:af:0e:b6:c0:
dd:b2:d6:ba:a7:ab:c2:8e:f6:18:d8:8f:0b:98:5c:
e9:a0:3f:92:cb:56:dd:a1:d3:dc:d6:85:62:c8:f2:
8f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C0:52:5C:F0:46:63:66:AC:1F:53:62:A7:0A:8D:C4:16:92:8B:D2
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/HcBSXPBGY2asH1NipwqNxBaSi9I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
af:61:76:ef:d7:b2:eb:e1:7f:6c:6a:1d:53:14:10:87:3a:70:
79:9b:bb:28:67:d9:e3:80:c1:62:7f:4d:2f:a1:8b:0e:fc:82:
7a:a6:06:9a:3b:14:27:01:6e:ae:8c:da:fd:74:98:b9:b6:6e:
0d:f4:6f:5e:17:dd:48:e4:30:a0:99:e9:79:00:e1:6c:51:32:
88:90:08:74:5c:dc:01:36:9d:03:55:88:0f:05:36:13:76:9d:
e2:39:23:16:e7:40:48:62:82:2e:1b:f5:12:2b:97:5f:93:27:
7c:63:7f:b0:48:61:61:a9:11:c3:4d:06:52:6c:2a:8e:cc:06:
30:4b:d9:12:8e:0e:50:cd:8d:63:86:d1:41:ae:60:a7:75:c0:
c7:43:e7:3e:03:ae:48:e2:6b:c5:2f:88:db:3c:36:18:27:f2:
55:b6:40:38:d8:ad:f6:41:f1:98:16:1f:bb:d6:b4:9f:55:71:
61:e5:31:f9:e4:af:ea:bd:87:3e:fc:7d:b9:7a:58:1e:44:c1:
ef:bc:5f:8b:3e:93:c7:7b:18:7a:f3:23:b7:7d:65:e4:b9:47:
26:79:80:be:26:51:6a:a4:c8:59:fc:60:68:7f:16:08:a3:1d:
6c:b0:fe:99:85:55:fd:6d:2b:13:2c:ea:5a:e6:56:f9:94:f3:
5d:22:58:32
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCJQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjYx
MDI1MTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDFEQzA1MjVDRjA0NjYz
NjZBQzFGNTM2MkE3MEE4REM0MTY5MjhCRDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWDsh2SSETiErLb3jPp/+3DImOECBz2cV3N07Sa+C89GoxGpxQ
4cGnW8zdXVJz11PvTV9fI1VWANLtXlylHf+2GsZAOCq4lZYJMB23fBh3bHRY3ffU
5vLvcMz2Yn4XC95SwIrSk9iUitf8oBvnsMO1LFo1aqJFGNcwJA8Mmu0AxABr/4Lm
k9JBgyRwDOrZplFzhPfA0jNPddGg/eAj1bGKzhG0hTKKMbzUxFoHvTThzwFvgOJN
kfKzUHichIlR3uWVR08hr3wnkX1vimj8jFZceljt2D3dpU6CAWWVrw62wN2y1rqn
q8KO9hjYjwuYXOmgP5LLVt2h09zWhWLI8o+7AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUHcBSXPBGY2asH1NipwqNxBaSi9IwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0hjQlNYUEJHWTJhc0gx
Tmlwd3FOeEJhU2k5SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAK9hdu/Xsuvhf2xqHVMUEIc6
cHmbuyhn2eOAwWJ/TS+hiw78gnqmBpo7FCcBbq6M2v10mLm2bg30b14X3UjkMKCZ
6XkA4WxRMoiQCHRc3AE2nQNViA8FNhN2neI5IxbnQEhigi4b9RIrl1+TJ3xjf7BI
YWGpEcNNBlJsKo7MBjBL2RKODlDNjWOG0UGuYKd1wMdD5z4Drkjia8UviNs8Nhgn
8lW2QDjYrfZB8ZgWH7vWtJ9VcWHlMfnkr+q9hz78fbl6WB5Ewe+8X4s+k8d7GHrz
I7d9ZeS5RyZ5gL4mUWqkyFn8YGh/FgijHWyw/pmFVf1tKxMs6lrmVvmU810iWDI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:59:45 2025 by rpki-client