Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/ybhnf-02bNmvuaStHyuH_KtVoT4.roa
File: ybhnf-02bNmvuaStHyuH_KtVoT4.roa (raw, json)
Hash identifier: 2NpxpIpG/EXOl+Evgi2F8ga/JYcQOvtl47WORP9fSnQ=
Subject key identifier: C9:B8:67:7F:ED:36:6C:D9:AF:B9:A4:AD:1F:2B:87:FC:AB:55:A1:3E
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 093E
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/ybhnf-02bNmvuaStHyuH_KtVoT4.roa
Signing time: Tue 28 Jan 2025 04:55:19 +0000
ROA not before: Tue 28 Jan 2025 04:55:19 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2366 (0x93e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 28 04:55:19 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=C9B8677FED366CD9AFB9A4AD1F2B87FCAB55A13E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:57:92:67:e7:3c:c6:2d:8b:06:bc:32:e6:b8:
5d:39:21:2a:99:8e:f5:d7:81:10:ee:44:e1:89:d4:
4b:7f:9e:35:90:84:ba:1a:32:90:8a:bc:85:c0:57:
5a:09:c9:bb:b0:3e:ae:7c:10:a4:ea:61:8f:c9:58:
c5:4c:62:97:c8:09:eb:47:b8:79:13:fb:17:4d:c7:
fa:db:42:c6:11:a1:86:21:d0:f2:6c:c3:58:db:7a:
dd:22:c7:b1:6f:ea:92:04:fe:e6:d9:61:46:d8:f9:
d9:61:ad:17:8a:a5:28:a3:55:17:8e:52:17:8f:86:
65:0a:bf:50:87:90:b7:f6:dc:1c:c8:e7:9a:66:0f:
c3:2b:ac:e2:3c:d9:0b:23:7b:05:c5:1f:de:c1:b4:
c9:01:6a:5c:8c:d2:02:5a:08:1d:2a:bf:e5:c9:27:
b1:c0:10:72:e9:46:36:a0:32:45:0c:c4:4f:a8:f5:
5e:3c:2b:d1:90:5e:32:63:c6:cb:6c:cd:e9:27:e8:
c7:78:37:fd:84:18:e0:dd:57:11:cb:3c:7b:a7:19:
12:25:1e:73:70:4d:ff:05:7f:29:09:6c:eb:6a:c3:
ee:2c:76:80:b4:f2:d9:46:dd:91:b9:50:92:de:a7:
2f:3f:9a:89:b5:ab:35:ce:8b:93:2d:12:37:b9:d8:
f2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:B8:67:7F:ED:36:6C:D9:AF:B9:A4:AD:1F:2B:87:FC:AB:55:A1:3E
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/ybhnf-02bNmvuaStHyuH_KtVoT4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
52:34:94:63:58:88:2d:ba:00:9d:56:e3:20:05:4f:77:68:e2:
b9:07:9c:82:f2:f8:b9:83:fa:44:65:82:85:25:0f:f9:6e:d5:
b6:9b:6d:14:50:b7:a2:c7:ec:3d:9a:62:5f:3b:53:35:4f:a0:
37:e2:26:11:d1:c7:e5:73:8e:a9:f8:df:8e:98:5f:f6:42:b1:
04:a9:62:07:54:80:c1:0b:5b:41:25:23:fe:20:44:59:b5:99:
18:44:46:00:cf:fb:a9:3a:fc:97:c2:5e:06:dc:f8:6b:90:74:
92:fd:6c:26:af:fd:75:0e:46:19:73:1b:e8:41:a9:bb:a0:8f:
50:36:df:ab:fa:ff:81:b3:f8:02:9a:71:90:f7:e0:d5:27:02:
eb:0e:f4:c0:01:f9:3a:10:d6:af:59:d5:14:fa:bd:1c:75:bb:
36:ba:fa:43:92:1f:ec:90:bd:21:63:27:fe:6c:12:14:98:16:
e3:23:a8:7d:25:ff:da:8f:c3:8c:94:14:61:f9:8b:88:2f:09:
d2:dd:ad:46:03:1a:cb:2b:39:60:38:2c:a0:97:4d:f1:4b:4d:
9a:40:3f:ea:4d:e7:a2:bb:e3:f4:29:e0:30:ba:2b:e9:78:27:
2a:15:90:32:c9:9a:f5:02:95:4e:67:83:3c:99:28:8b:9f:05:
70:62:4e:b0
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCT4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjgw
NDU1MTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEM5Qjg2NzdGRUQzNjZD
RDlBRkI5QTRBRDFGMkI4N0ZDQUI1NUExM0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXV5Jn5zzGLYsGvDLmuF05ISqZjvXXgRDuROGJ1Et/njWQhLoa
MpCKvIXAV1oJybuwPq58EKTqYY/JWMVMYpfICetHuHkT+xdNx/rbQsYRoYYh0PJs
w1jbet0ix7Fv6pIE/ubZYUbY+dlhrReKpSijVReOUhePhmUKv1CHkLf23BzI55pm
D8MrrOI82QsjewXFH97BtMkBalyM0gJaCB0qv+XJJ7HAEHLpRjagMkUMxE+o9V48
K9GQXjJjxstszekn6Md4N/2EGODdVxHLPHunGRIlHnNwTf8FfykJbOtqw+4sdoC0
8tlG3ZG5UJLepy8/mom1qzXOi5MtEje52PLBAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUybhnf+02bNmvuaStHyuH/KtVoT4wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3liaG5mLTAyYk5tdnVh
U3RIeXVIX0t0Vm9UNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAFI0lGNYiC26AJ1W4yAFT3do
4rkHnILy+LmD+kRlgoUlD/lu1babbRRQt6LH7D2aYl87UzVPoDfiJhHRx+Vzjqn4
346YX/ZCsQSpYgdUgMELW0ElI/4gRFm1mRhERgDP+6k6/JfCXgbc+GuQdJL9bCav
/XUORhlzG+hBqbugj1A236v6/4Gz+AKacZD34NUnAusO9MAB+ToQ1q9Z1RT6vRx1
uza6+kOSH+yQvSFjJ/5sEhSYFuMjqH0l/9qPw4yUFGH5i4gvCdLdrUYDGssrOWA4
LKCXTfFLTZpAP+pN56K74/Qp4DC6K+l4JyoVkDLJmvUClU5ngzyZKIufBXBiTrA=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:31:45 2025 by rpki-client