Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/-_kLPA-YFoNck_1_iia04YW3yx8.roa
File: -_kLPA-YFoNck_1_iia04YW3yx8.roa (raw, json)
Hash identifier: vhyz9esh368dvU64nL6oJd5FdggFPPzQdgoyWtBv+h0=
Subject key identifier: FB:F9:0B:3C:0F:98:16:83:5C:93:FD:7F:8A:26:B4:E1:85:B7:CB:1F
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0CBA
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/-_kLPA-YFoNck_1_iia04YW3yx8.roa
Signing time: Thu 06 Feb 2025 11:55:44 +0000
ROA not before: Thu 06 Feb 2025 11:55:44 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3258 (0xcba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Feb 6 11:55:44 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=FBF90B3C0F9816835C93FD7F8A26B4E185B7CB1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:90:b4:2c:70:0d:2d:ce:f4:c2:7c:de:d6:08:
76:d2:79:8b:de:78:4b:f9:e3:33:e1:3c:d2:aa:b3:
66:84:38:13:e8:1d:0e:1e:50:d7:56:4e:f2:54:14:
e1:b0:f8:34:e9:be:ca:13:56:e5:3c:37:b7:22:f7:
bf:bb:8d:66:e0:eb:c8:47:c2:9e:cc:d5:bc:8c:e1:
39:c8:dc:2d:a5:b8:b9:24:9d:c5:35:fe:d7:a6:98:
de:80:ae:77:1a:d3:1c:d9:1c:9f:37:f5:e0:5e:f7:
06:43:f0:4f:a4:15:41:ac:ed:90:d8:71:c0:9a:3d:
de:35:2a:4f:c4:9a:e6:08:c7:78:d8:43:3c:ed:3a:
b9:c9:35:5a:3c:06:c2:d8:92:9c:a5:aa:49:36:f0:
d2:95:ac:aa:2d:80:d3:1c:91:41:9e:a0:14:e4:b3:
2a:02:c6:0f:f6:23:eb:41:d1:ca:0a:d0:d9:34:4e:
00:6a:4d:e3:47:0a:f6:bc:eb:2e:ca:da:4c:ef:71:
c6:04:2f:1f:2e:6a:4d:02:e3:d5:8d:ea:cf:37:fd:
01:bf:a1:97:a4:8a:7f:aa:4a:42:5e:bd:71:d7:d4:
32:b3:c0:b8:c3:8f:bc:66:e6:7b:4d:fb:d3:3c:6c:
1a:43:d1:bf:7f:ea:6e:99:16:f6:0b:7f:25:06:a4:
50:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:F9:0B:3C:0F:98:16:83:5C:93:FD:7F:8A:26:B4:E1:85:B7:CB:1F
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/-_kLPA-YFoNck_1_iia04YW3yx8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
55:04:48:91:bd:6b:ba:f6:15:79:62:82:9d:a8:df:56:1c:d2:
e7:6e:a5:13:51:14:8a:ad:12:f4:12:f5:3a:3c:63:08:b9:99:
b2:fb:0e:cf:00:ba:e4:e8:85:24:7c:41:77:d9:a1:58:12:30:
18:7b:b9:79:b4:5d:e6:a3:71:87:43:00:cb:b9:b2:08:07:45:
d3:a8:55:d0:10:e8:b3:56:26:76:88:fd:72:e0:9f:ed:5a:d8:
84:03:25:7a:4e:f7:9a:e2:e9:6b:2f:7c:4b:e5:bb:3d:fb:10:
fd:9f:af:d9:16:79:f5:f7:2c:10:76:b0:3c:22:74:2b:c3:ff:
11:bb:8b:6f:87:c3:f9:85:ee:d1:8e:f7:d8:78:f3:18:00:30:
65:1c:ad:6c:6f:68:50:1b:39:fb:2a:07:c7:8b:be:7e:4f:1e:
0d:57:66:c4:58:05:c0:1d:25:58:71:f0:12:2c:1d:67:08:a7:
32:3f:f5:59:49:9d:6b:6a:d5:a6:61:73:f4:de:f8:d3:7f:a7:
30:0d:a9:f3:ec:1e:96:6b:7d:7f:21:32:3c:a2:73:27:89:32:
86:a7:47:85:af:ef:f7:72:ff:db:38:36:11:5a:c8:f1:64:04:
e1:84:63:4f:09:a0:6e:23:92:47:55:08:d4:1e:27:08:b2:c5:
ea:5b:ed:ca
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDLowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDYx
MTU1NDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEZCRjkwQjNDMEY5ODE2
ODM1QzkzRkQ3RjhBMjZCNEUxODVCN0NCMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdkLQscA0tzvTCfN7WCHbSeYveeEv54zPhPNKqs2aEOBPoHQ4e
UNdWTvJUFOGw+DTpvsoTVuU8N7ci97+7jWbg68hHwp7M1byM4TnI3C2luLkkncU1
/temmN6Arnca0xzZHJ839eBe9wZD8E+kFUGs7ZDYccCaPd41Kk/EmuYIx3jYQzzt
OrnJNVo8BsLYkpylqkk28NKVrKotgNMckUGeoBTksyoCxg/2I+tB0coK0Nk0TgBq
TeNHCva86y7K2kzvccYELx8uak0C49WN6s83/QG/oZekin+qSkJevXHX1DKzwLjD
j7xm5ntN+9M8bBpD0b9/6m6ZFvYLfyUGpFArAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU+/kLPA+YFoNck/1/iia04YW3yx8wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLy1fa0xQQS1ZRm9OY2tf
MV9paWEwNFlXM3l4OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAFUESJG9a7r2FXligp2o31Yc
0udupRNRFIqtEvQS9To8Ywi5mbL7Ds8AuuTohSR8QXfZoVgSMBh7uXm0XeajcYdD
AMu5sggHRdOoVdAQ6LNWJnaI/XLgn+1a2IQDJXpO95ri6WsvfEvluz37EP2fr9kW
efX3LBB2sDwidCvD/xG7i2+Hw/mF7tGO99h48xgAMGUcrWxvaFAbOfsqB8eLvn5P
Hg1XZsRYBcAdJVhx8BIsHWcIpzI/9VlJnWtq1aZhc/Te+NN/pzANqfPsHpZrfX8h
MjyicyeJMoanR4Wv7/dy/9s4NhFayPFkBOGEY08JoG4jkkdVCNQeJwiyxepb7co=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:15 2025 by rpki-client