Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/KyyWplk-vm9Y4Kk0cpLTV3W0ipc.roa
File: KyyWplk-vm9Y4Kk0cpLTV3W0ipc.roa (raw, json)
Hash identifier: xhzM9btTTJFNYMwiiHJHICRUjPun3XufZe0OAhOHZ1o=
Subject key identifier: 2B:2C:96:A6:59:3E:BE:6F:58:E0:A9:34:72:92:D3:57:75:B4:8A:97
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0D5C
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/KyyWplk-vm9Y4Kk0cpLTV3W0ipc.roa
Signing time: Sat 08 Feb 2025 04:25:50 +0000
ROA not before: Sat 08 Feb 2025 04:25:50 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3420 (0xd5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 8 04:25:50 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=2B2C96A6593EBE6F58E0A9347292D35775B48A97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d4:61:90:be:66:80:f7:59:cd:99:ec:ca:a7:
a1:7e:e4:d6:b8:00:97:1c:df:52:32:95:dd:66:a5:
89:c0:bf:98:eb:eb:2a:2c:bb:66:e8:76:2c:f1:6c:
3f:8d:3f:3e:33:2a:d9:0b:73:3e:ba:51:63:bb:ce:
06:41:ef:77:8d:4e:31:aa:4b:4f:ee:f1:24:77:d7:
2b:78:57:f1:f2:b8:eb:28:c8:29:a6:9c:24:03:06:
8e:3c:2a:3b:d7:69:18:52:b1:0c:e4:f8:b4:97:b1:
aa:22:9a:cd:da:08:dd:59:0c:d3:1e:fb:e2:d2:94:
f0:4c:16:f4:0e:8a:28:bd:a7:f4:7d:f1:79:2d:20:
08:72:0d:18:05:58:8b:5e:65:7c:b5:23:cc:c6:10:
3a:cc:7a:8e:ed:1c:35:0e:36:78:71:73:f5:c3:07:
ea:f3:7c:3e:20:c3:ed:f8:75:23:88:f5:7f:66:c7:
03:35:dc:57:6e:f9:4d:7f:ed:b3:39:31:ab:67:b3:
79:d9:5d:97:6a:f6:e9:bb:48:5b:3b:9f:62:95:4d:
0a:e4:e0:bf:82:75:3c:e4:77:e5:30:84:a2:09:b6:
38:6d:9b:ec:f0:f8:23:03:4b:f5:5c:03:f4:ea:e3:
b4:67:f1:73:e3:38:bc:18:82:64:fc:c2:92:f1:82:
95:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:2C:96:A6:59:3E:BE:6F:58:E0:A9:34:72:92:D3:57:75:B4:8A:97
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/KyyWplk-vm9Y4Kk0cpLTV3W0ipc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
6b:a8:62:df:ef:f0:10:8b:db:36:3d:c5:04:8a:91:1c:45:f9:
53:9c:94:f6:98:b8:cb:5e:3b:61:37:5a:81:03:43:73:32:d6:
4d:28:c1:21:9e:7d:b4:63:e2:a8:ca:38:44:d0:c9:89:6a:ed:
d0:30:54:65:17:b6:42:bd:16:38:b3:02:bc:c9:d4:4d:f0:9d:
76:7f:0d:14:fc:f2:d0:bc:44:2e:e9:93:27:3e:b5:f9:fd:bf:
84:ba:b5:76:01:7f:4c:ea:5d:0a:a0:5c:cd:c6:0d:82:1f:31:
61:15:22:c2:96:18:51:da:18:a7:af:a0:d4:e4:df:dd:7b:3b:
9a:2a:da:a3:36:32:a5:13:15:b0:18:9a:0b:a7:da:2a:09:88:
e2:13:f2:21:2b:94:a2:b6:47:ee:06:26:29:8e:98:a1:62:f6:
ac:69:a5:28:e6:bd:8c:0b:a3:99:f9:69:13:17:73:e9:8b:9b:
39:02:89:41:61:96:36:73:dc:c4:7d:47:f3:4c:91:12:7f:a3:
7a:f0:41:26:c4:9a:4d:e9:31:f3:75:94:b5:65:99:2b:05:92:
83:6e:d4:98:ad:71:82:e6:79:e6:5f:2a:ec:c5:9c:c9:4b:ac:
92:93:4a:70:f4:7f:57:be:c1:6a:07:59:c4:fa:bb:92:2e:97:
44:2b:6c:ce
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDVwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDgw
NDI1NTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDJCMkM5NkE2NTkzRUJF
NkY1OEUwQTkzNDcyOTJEMzU3NzVCNDhBOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCf1GGQvmaA91nNmezKp6F+5Na4AJcc31Iyld1mpYnAv5jr6yos
u2bodizxbD+NPz4zKtkLcz66UWO7zgZB73eNTjGqS0/u8SR31yt4V/HyuOsoyCmm
nCQDBo48KjvXaRhSsQzk+LSXsaoims3aCN1ZDNMe++LSlPBMFvQOiii9p/R98Xkt
IAhyDRgFWIteZXy1I8zGEDrMeo7tHDUONnhxc/XDB+rzfD4gw+34dSOI9X9mxwM1
3Fdu+U1/7bM5Matns3nZXZdq9um7SFs7n2KVTQrk4L+CdTzkd+UwhKIJtjhtm+zw
+CMDS/VcA/Tq47Rn8XPjOLwYgmT8wpLxgpVBAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUKyyWplk+vm9Y4Kk0cpLTV3W0ipcwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0t5eVdwbGstdm05WTRL
azBjcExUVjNXMGlwYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAGuoYt/v8BCL2zY9xQSKkRxF
+VOclPaYuMteO2E3WoEDQ3My1k0owSGefbRj4qjKOETQyYlq7dAwVGUXtkK9Fjiz
ArzJ1E3wnXZ/DRT88tC8RC7pkyc+tfn9v4S6tXYBf0zqXQqgXM3GDYIfMWEVIsKW
GFHaGKevoNTk3917O5oq2qM2MqUTFbAYmgun2ioJiOIT8iErlKK2R+4GJimOmKFi
9qxppSjmvYwLo5n5aRMXc+mLmzkCiUFhljZz3MR9R/NMkRJ/o3rwQSbEmk3pMfN1
lLVlmSsFkoNu1JitcYLmeeZfKuzFnMlLrJKTSnD0f1e+wWoHWcT6u5Iul0QrbM4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:15:35 2025 by rpki-client