Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/UhFay5GmHxAbnkodyARI0NNUBU8.roa
File: UhFay5GmHxAbnkodyARI0NNUBU8.roa (raw, json)
Hash identifier: sj36YF5MEnpJbjEKh5Cq3/oCFcDbQz7x9RM8M7E9HHk=
Subject key identifier: 52:11:5A:CB:91:A6:1F:10:1B:9E:4A:1D:C8:04:48:D0:D3:54:05:4F
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0CD4
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/UhFay5GmHxAbnkodyARI0NNUBU8.roa
Signing time: Thu 06 Feb 2025 18:25:45 +0000
ROA not before: Thu 06 Feb 2025 18:25:45 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3284 (0xcd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 6 18:25:45 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=52115ACB91A61F101B9E4A1DC80448D0D354054F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:10:bc:1b:f0:fe:48:bd:c5:b8:83:9e:1a:70:
9b:2a:e5:86:2d:21:13:cb:ee:86:31:b9:96:11:c4:
8d:00:b1:24:1f:64:b7:11:ed:42:3a:38:57:37:80:
d1:f2:c1:90:0d:ee:9a:af:ce:e5:67:78:e2:15:d1:
e6:63:ff:4d:46:52:0a:ad:a0:dc:e0:a2:38:65:24:
6e:f6:35:8b:90:c3:88:93:6a:11:bd:be:f0:35:52:
42:43:01:4a:ff:fc:3e:47:83:f7:fe:7a:b5:97:6b:
18:7f:c8:fa:bc:8d:75:d9:cc:46:a9:14:b9:fd:71:
1d:02:e5:4f:a9:30:e9:0e:15:be:f2:71:4d:f8:a0:
ef:e3:5f:9c:2b:1f:cf:73:41:01:1f:2b:09:82:ff:
ae:f2:a9:be:69:1d:ca:75:72:08:7b:7b:70:d3:3d:
00:cc:4a:51:7a:09:b8:a7:b3:93:e1:ac:93:5b:ab:
7f:57:0a:a4:1d:cb:4c:c2:ec:5a:56:83:89:b3:47:
5a:87:54:80:0c:29:9d:91:12:b9:26:6e:e0:42:24:
b5:5d:10:56:33:fa:cc:11:2c:8e:35:8b:95:d2:8a:
75:d9:5a:6a:4b:9b:0d:56:3d:3b:40:47:ff:fd:df:
d1:2e:81:59:5e:5a:bf:a8:6f:6e:2a:3c:da:6d:cb:
6c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:11:5A:CB:91:A6:1F:10:1B:9E:4A:1D:C8:04:48:D0:D3:54:05:4F
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/UhFay5GmHxAbnkodyARI0NNUBU8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
84:a0:5d:c8:bd:c5:6a:a8:2c:e6:4c:40:32:fb:5c:8d:d3:6d:
17:93:f8:06:16:01:7a:f3:29:18:36:5c:19:d4:da:99:9b:0a:
c2:07:8f:88:1e:11:db:2c:e6:3c:6a:42:95:eb:d8:ce:49:55:
2b:46:1d:f9:73:04:fc:e0:25:72:bc:43:02:e9:7c:db:1d:0d:
68:36:87:08:82:1c:9a:99:e5:ef:3e:15:98:a1:2d:5e:77:fa:
95:e9:56:00:88:ac:d6:3b:dc:65:63:60:f1:63:95:25:cd:4c:
52:da:9e:e8:46:30:46:d0:bc:a3:62:56:fe:dc:d2:54:17:fb:
10:93:33:95:d5:d5:a5:1b:21:31:34:5f:7b:c4:58:d2:77:40:
a9:2f:e5:20:08:c5:e1:0e:e7:68:c4:4c:34:ec:bc:ef:07:7c:
c2:12:af:96:5c:e1:12:2e:84:f9:4a:ae:b7:7f:c8:fa:ad:c4:
c1:fb:20:5a:f2:64:ab:ad:ab:fe:1c:b0:a0:72:b1:13:02:83:
d7:85:7b:16:61:41:6c:d0:c0:70:af:b4:32:c5:6c:7d:66:de:
57:af:c6:f8:77:9f:6f:29:ed:fc:7a:22:09:b1:85:48:c1:77:
f4:c4:4d:97:aa:bb:4b:4e:7a:92:9c:13:3f:82:f7:cf:ec:3d:
a1:b4:d3:a4
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDNQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDYx
ODI1NDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDUyMTE1QUNCOTFBNjFG
MTAxQjlFNEExREM4MDQ0OEQwRDM1NDA1NEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2ELwb8P5IvcW4g54acJsq5YYtIRPL7oYxuZYRxI0AsSQfZLcR
7UI6OFc3gNHywZAN7pqvzuVneOIV0eZj/01GUgqtoNzgojhlJG72NYuQw4iTahG9
vvA1UkJDAUr//D5Hg/f+erWXaxh/yPq8jXXZzEapFLn9cR0C5U+pMOkOFb7ycU34
oO/jX5wrH89zQQEfKwmC/67yqb5pHcp1cgh7e3DTPQDMSlF6Cbins5PhrJNbq39X
CqQdy0zC7FpWg4mzR1qHVIAMKZ2RErkmbuBCJLVdEFYz+swRLI41i5XSinXZWmpL
mw1WPTtAR//939EugVleWr+ob24qPNpty2ybAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUUhFay5GmHxAbnkodyARI0NNUBU8wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1VoRmF5NUdtSHhBYm5r
b2R5QVJJME5OVUJVOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAISgXci9xWqoLOZMQDL7XI3T
bReT+AYWAXrzKRg2XBnU2pmbCsIHj4geEdss5jxqQpXr2M5JVStGHflzBPzgJXK8
QwLpfNsdDWg2hwiCHJqZ5e8+FZihLV53+pXpVgCIrNY73GVjYPFjlSXNTFLanuhG
MEbQvKNiVv7c0lQX+xCTM5XV1aUbITE0X3vEWNJ3QKkv5SAIxeEO52jETDTsvO8H
fMISr5Zc4RIuhPlKrrd/yPqtxMH7IFryZKutq/4csKBysRMCg9eFexZhQWzQwHCv
tDLFbH1m3levxvh3n28p7fx6IgmxhUjBd/TETZequ0tOepKcEz+C98/sPaG006Q=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:32:47 2025 by rpki-client