Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/Ypcjf2hiyfMy69f6XERWHtWKPsc.roa
File: Ypcjf2hiyfMy69f6XERWHtWKPsc.roa (raw, json)
Hash identifier: ZieSV+/ElTaSNOl/T5JbTzo3SiBe8nKw6HwtzuvYHyc=
Subject key identifier: 62:97:23:7F:68:62:C9:F3:32:EB:D7:FA:5C:44:56:1E:D5:8A:3E:C7
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0D7A
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Ypcjf2hiyfMy69f6XERWHtWKPsc.roa
Signing time: Sat 08 Feb 2025 11:57:52 +0000
ROA not before: Sat 08 Feb 2025 11:57:52 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3450 (0xd7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 8 11:57:52 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=6297237F6862C9F332EBD7FA5C44561ED58A3EC7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2e:70:6e:b3:13:69:30:96:0d:04:7d:86:59:
b8:bb:cc:24:02:21:6e:5a:06:95:8b:90:cf:b4:ca:
8d:a5:79:04:d7:f0:cb:f7:60:07:11:7e:4d:28:6b:
2d:76:be:53:de:45:28:f1:c1:98:54:d5:ba:41:36:
f8:0e:86:af:46:e5:5a:05:13:5b:de:00:f1:3b:4c:
01:3d:0f:1a:c4:1c:77:99:40:df:bd:61:be:53:41:
d0:1d:bd:fc:dd:97:b1:db:99:4f:91:89:14:ff:8b:
d6:68:89:8b:17:00:4c:c5:83:5e:ff:95:fb:3d:a4:
ff:fb:e7:cc:1a:f4:36:e4:7b:bd:7e:4f:09:a8:24:
76:f7:8b:9a:e4:fd:43:f6:d8:5a:b6:7a:e6:da:08:
43:a5:8a:65:81:c6:fe:54:ed:95:3f:42:dc:2c:35:
30:8e:31:b0:49:65:2e:60:70:c3:53:39:a4:0f:75:
4d:b5:ad:a1:40:0c:78:b9:4b:9c:23:11:ce:61:91:
e5:1c:74:95:40:08:1f:3a:4f:2a:53:f8:45:a7:e7:
af:be:f6:37:fb:d3:bd:73:9a:f0:9c:20:ec:63:03:
35:39:8a:86:32:87:00:24:66:47:b7:32:b8:28:83:
bf:c9:1f:63:de:0b:be:fc:4c:3d:65:6b:6a:82:9e:
32:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:97:23:7F:68:62:C9:F3:32:EB:D7:FA:5C:44:56:1E:D5:8A:3E:C7
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/Ypcjf2hiyfMy69f6XERWHtWKPsc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
24:b9:48:55:3a:47:cb:fb:32:82:ae:e8:da:e8:db:ba:52:ee:
04:2f:f5:5d:d9:8b:05:fb:04:e4:b0:3f:db:8c:3b:b4:00:52:
3c:60:3a:f7:a8:02:39:ea:28:c6:0f:27:e8:f0:6b:b6:d7:d8:
0d:08:99:b3:cc:78:3a:e9:55:90:95:c1:56:1c:e2:1d:1c:f3:
ea:72:f9:db:72:90:2f:ff:e0:fd:ed:1c:c2:29:6c:f1:72:4c:
d3:5e:06:7e:af:ce:43:32:da:c7:bb:02:13:5e:3e:e4:59:6f:
76:13:e8:29:b8:a9:76:2e:28:f7:f6:e0:1a:b8:ef:a5:3c:cf:
ac:ed:fa:68:09:16:15:f0:de:86:de:a6:e9:1c:df:9d:2e:da:
03:21:df:f1:a4:a8:82:41:22:2a:e7:6d:7c:5e:c3:3c:d0:52:
a4:b8:09:42:00:65:34:ae:2a:0a:f1:a6:fc:f0:df:4d:c0:65:
77:1b:0f:56:c1:17:74:81:bd:71:28:9c:ed:ea:f4:28:ba:d0:
98:ff:a8:ff:fa:64:43:d8:1a:e3:bb:a2:3f:23:49:45:df:3d:
2e:0a:e8:65:22:d3:c8:40:b3:49:45:4d:04:3e:71:4e:d8:ba:
22:88:68:63:a9:ae:e1:d2:b5:17:26:ee:b1:12:f5:62:6b:d3:
47:83:d0:cc
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDXowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDgx
MTU3NTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDYyOTcyMzdGNjg2MkM5
RjMzMkVCRDdGQTVDNDQ1NjFFRDU4QTNFQzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqLnBusxNpMJYNBH2GWbi7zCQCIW5aBpWLkM+0yo2leQTX8Mv3
YAcRfk0oay12vlPeRSjxwZhU1bpBNvgOhq9G5VoFE1veAPE7TAE9DxrEHHeZQN+9
Yb5TQdAdvfzdl7HbmU+RiRT/i9ZoiYsXAEzFg17/lfs9pP/758wa9Dbke71+Twmo
JHb3i5rk/UP22Fq2eubaCEOlimWBxv5U7ZU/QtwsNTCOMbBJZS5gcMNTOaQPdU21
raFADHi5S5wjEc5hkeUcdJVACB86TypT+EWn56++9jf7071zmvCcIOxjAzU5ioYy
hwAkZke3Mrgog7/JH2PeC778TD1la2qCnjKHAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUYpcjf2hiyfMy69f6XERWHtWKPscwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1lwY2pmMmhpeWZNeTY5
ZjZYRVJXSHRXS1BzYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBACS5SFU6R8v7MoKu6Nro27pS
7gQv9V3ZiwX7BOSwP9uMO7QAUjxgOveoAjnqKMYPJ+jwa7bX2A0ImbPMeDrpVZCV
wVYc4h0c8+py+dtykC//4P3tHMIpbPFyTNNeBn6vzkMy2se7AhNePuRZb3YT6Cm4
qXYuKPf24Bq476U8z6zt+mgJFhXw3obepukc350u2gMh3/GkqIJBIirnbXxewzzQ
UqS4CUIAZTSuKgrxpvzw303AZXcbD1bBF3SBvXEonO3q9Ci60Jj/qP/6ZEPYGuO7
oj8jSUXfPS4K6GUi08hAs0lFTQQ+cU7YuiKIaGOpruHStRcm7rES9WJr00eD0Mw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:16:21 2025 by rpki-client