Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/Iymmhl9Q0ZlOQmKDqPSUV7dOZRo.roa
File: Iymmhl9Q0ZlOQmKDqPSUV7dOZRo.roa (raw, json)
Hash identifier: V7CxLCYSrQyQqLmOe9BMgaBHHCKIPAxvJ6sEJ9ylJw8=
Subject key identifier: 23:29:A6:86:5F:50:D1:99:4E:42:62:83:A8:F4:94:57:B7:4E:65:1A
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 056E
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Iymmhl9Q0ZlOQmKDqPSUV7dOZRo.roa
Signing time: Sat 18 Jan 2025 00:54:45 +0000
ROA not before: Sat 18 Jan 2025 00:54:45 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1390 (0x56e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 18 00:54:45 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=2329A6865F50D1994E426283A8F49457B74E651A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ef:14:bf:f8:14:9e:27:0f:a9:03:4b:db:69:
b7:da:c4:60:d8:89:e8:29:95:5d:3d:24:b8:85:9a:
da:df:d1:e9:65:c8:6f:5a:4e:66:86:34:81:e8:1f:
81:f2:33:bd:31:3b:db:76:23:19:7c:17:e7:c5:12:
ca:43:ba:1e:92:7d:31:76:62:fe:5c:15:d9:fc:54:
2c:cf:2d:69:ad:ab:69:af:9b:52:53:56:1d:0f:0b:
01:5a:52:68:29:3e:55:d1:e2:41:06:03:14:7f:9c:
ac:38:51:e8:57:dc:63:f8:5b:9a:14:7f:d3:91:a6:
e4:d8:45:7c:43:c2:c3:84:10:04:df:ad:95:c1:41:
c7:74:6b:8a:22:5b:0b:f5:f0:c6:28:f2:91:6e:4a:
83:5c:b3:54:f0:d8:20:80:fd:e7:3d:f6:df:d4:e5:
32:3c:68:4c:3c:4b:6b:9f:3d:ef:ca:43:40:0b:df:
06:9a:4d:4e:41:94:57:a4:08:d3:4d:cf:b6:49:f9:
76:38:90:88:64:5c:fd:3f:70:70:9f:3c:f6:50:e9:
8f:ba:8d:22:6c:70:1e:de:52:cf:f3:27:b8:e4:f6:
00:bb:aa:10:b8:71:d0:f7:11:45:e8:f5:86:fa:74:
ad:a1:26:e3:35:94:c3:61:15:b0:62:bc:f7:aa:13:
08:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:29:A6:86:5F:50:D1:99:4E:42:62:83:A8:F4:94:57:B7:4E:65:1A
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Iymmhl9Q0ZlOQmKDqPSUV7dOZRo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
89:de:a7:0b:00:f5:5b:fd:55:17:6b:28:01:0f:c7:d8:35:cf:
1d:5a:61:69:e0:e3:76:3a:08:55:3f:83:cf:31:f1:b7:4f:2b:
37:28:0b:bd:de:cb:93:c0:3a:8a:fc:b0:f2:3b:54:c2:45:0e:
38:85:8c:8e:ca:29:75:17:29:07:57:96:fe:ed:8f:70:e7:e7:
e3:66:0f:eb:53:dd:7f:c8:e1:36:a4:91:f4:24:35:e6:96:e3:
f8:49:67:cf:fc:87:82:1f:05:7a:34:ef:6f:28:96:8a:44:53:
7b:38:c1:43:da:93:b7:93:0c:c6:c5:9d:2c:31:b8:bd:35:5d:
2e:9e:9d:03:e7:7e:27:54:d8:0a:fd:19:ef:4e:d7:8e:87:fb:
ec:df:1b:ba:bf:cc:be:10:18:d3:83:22:ed:ed:ae:f1:de:0e:
d6:9f:c0:f0:1b:ea:0d:2a:61:50:cf:29:90:7d:7b:61:89:6f:
44:a7:8e:0c:3a:4f:75:55:bb:ce:81:df:04:ea:0b:9f:8f:bd:
17:a3:6c:cf:27:2f:c2:1e:6a:9b:2e:c7:08:c4:95:8d:24:ad:
e9:69:f5:6c:ca:7a:86:47:93:72:fc:24:d0:8a:af:07:49:90:
9b:1c:05:75:fa:41:3e:23:4b:e0:74:e4:b0:ec:e3:39:4f:64:
80:91:0a:f9
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBW4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMTgw
MDU0NDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDIzMjlBNjg2NUY1MEQx
OTk0RTQyNjI4M0E4RjQ5NDU3Qjc0RTY1MUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU7xS/+BSeJw+pA0vbabfaxGDYiegplV09JLiFmtrf0ellyG9a
TmaGNIHoH4HyM70xO9t2Ixl8F+fFEspDuh6SfTF2Yv5cFdn8VCzPLWmtq2mvm1JT
Vh0PCwFaUmgpPlXR4kEGAxR/nKw4UehX3GP4W5oUf9ORpuTYRXxDwsOEEATfrZXB
Qcd0a4oiWwv18MYo8pFuSoNcs1Tw2CCA/ec99t/U5TI8aEw8S2ufPe/KQ0AL3waa
TU5BlFekCNNNz7ZJ+XY4kIhkXP0/cHCfPPZQ6Y+6jSJscB7eUs/zJ7jk9gC7qhC4
cdD3EUXo9Yb6dK2hJuM1lMNhFbBivPeqEwh9AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUIymmhl9Q0ZlOQmKDqPSUV7dOZRowHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0l5bW1obDlRMFpsT1Ft
S0RxUFNVVjdkT1pSby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAInepwsA9Vv9VRdrKAEPx9g1
zx1aYWng43Y6CFU/g88x8bdPKzcoC73ey5PAOor8sPI7VMJFDjiFjI7KKXUXKQdX
lv7tj3Dn5+NmD+tT3X/I4TakkfQkNeaW4/hJZ8/8h4IfBXo0728olopEU3s4wUPa
k7eTDMbFnSwxuL01XS6enQPnfidU2Ar9Ge9O146H++zfG7q/zL4QGNODIu3trvHe
DtafwPAb6g0qYVDPKZB9e2GJb0Snjgw6T3VVu86B3wTqC5+PvRejbM8nL8Ieapsu
xwjElY0krelp9WzKeoZHk3L8JNCKrwdJkJscBXX6QT4jS+B05LDs4zlPZICRCvk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:12:41 2025 by rpki-client