Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/-ybr-dcSIWPceYu2-pLt0-kpv1o.roa
File: -ybr-dcSIWPceYu2-pLt0-kpv1o.roa (raw, json)
Hash identifier: LdEfhtCa4j1FrF3UbJdEVgOqwiK6i3JzDYchxh73YVY=
Subject key identifier: FB:26:EB:F9:D7:12:21:63:DC:79:8B:B6:FA:92:ED:D3:E9:29:BF:5A
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0670
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/-ybr-dcSIWPceYu2-pLt0-kpv1o.roa
Signing time: Mon 20 Jan 2025 17:25:29 +0000
ROA not before: Mon 20 Jan 2025 17:25:29 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1648 (0x670)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 20 17:25:29 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=FB26EBF9D7122163DC798BB6FA92EDD3E929BF5A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bd:4b:93:17:0c:a4:3b:7f:3f:4a:60:53:63:
45:2a:39:f3:a6:dd:cf:81:bc:6f:16:75:a4:d1:21:
00:70:d3:c3:b8:53:a8:45:53:0f:cc:2c:60:cd:25:
ef:96:38:e4:0e:60:de:dc:1b:34:96:b3:98:a2:67:
71:d6:41:0a:fb:af:23:f3:1a:28:dd:75:7a:0c:bd:
44:18:38:1d:2a:c1:ba:e5:bf:ac:62:10:dc:2b:81:
2d:17:2c:c6:6a:01:31:b0:eb:c4:f6:df:2a:b3:7b:
0d:3e:68:16:bd:c2:7b:51:0f:74:0b:21:90:67:83:
ff:a8:1e:84:aa:21:ac:28:00:07:c3:a6:ac:11:2a:
39:23:39:7e:cc:32:70:d5:fe:82:66:8f:42:61:ae:
45:1f:cd:b1:c1:e3:97:fe:86:29:4d:2b:49:9d:77:
75:21:d0:ff:41:2e:d2:83:68:d9:06:1e:76:34:06:
42:25:16:8f:f7:a3:34:db:be:39:c0:52:1b:71:24:
70:dc:e2:e7:35:b8:69:e9:38:99:52:90:aa:83:8c:
2a:cd:fb:48:d7:8c:5d:e4:ff:cb:3b:d7:6c:54:97:
5c:9e:1a:1f:27:ed:4c:32:e3:74:0a:35:81:a9:8a:
f6:f8:b7:05:d6:b0:02:f7:c8:ea:c4:1d:93:e2:30:
3e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:26:EB:F9:D7:12:21:63:DC:79:8B:B6:FA:92:ED:D3:E9:29:BF:5A
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/-ybr-dcSIWPceYu2-pLt0-kpv1o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
8c:e4:87:4f:d9:c8:bf:3a:7d:4a:1b:cf:dd:31:eb:cb:3d:ec:
2c:d9:d7:4b:c1:1c:68:fb:e8:42:71:0c:99:24:25:ec:de:99:
59:51:ee:75:36:a0:0b:cf:23:2d:8d:e8:54:f2:83:2a:18:f4:
dc:9d:d7:f8:9b:24:0c:80:39:0f:61:7c:12:87:91:36:39:ea:
43:44:95:5d:84:59:42:b2:c3:4c:98:45:62:4c:82:6f:1d:de:
4e:be:5d:13:b1:31:ae:46:34:cc:b5:12:d2:f2:b4:91:f8:28:
86:fa:fe:1a:c4:b2:ee:7e:ff:9d:f5:16:d4:89:23:44:36:50:
41:ce:cf:ea:4a:04:c6:5e:e0:23:89:6a:d9:82:92:3a:36:8a:
dd:68:ed:ca:6b:0d:c8:2c:45:c9:fe:19:ff:fb:ed:53:55:86:
ab:db:3b:aa:2a:a7:2f:b9:a7:af:a3:2a:2e:ab:34:8e:1f:4b:
d9:e4:8f:d6:7b:db:76:06:04:aa:b8:ac:69:60:4f:be:7a:b9:
f1:4c:1a:a8:6e:83:55:13:37:83:93:15:1c:c9:b4:d6:e6:22:
fb:63:38:66:db:9d:6f:c3:aa:59:30:e5:bf:c2:bf:59:79:16:
4a:6e:32:fd:5e:24:d6:0f:8e:89:5c:22:04:e2:af:ce:cb:4d:
fa:1c:3d:7d
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBnAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjAx
NzI1MjlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEZCMjZFQkY5RDcxMjIx
NjNEQzc5OEJCNkZBOTJFREQzRTkyOUJGNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5vUuTFwykO38/SmBTY0UqOfOm3c+BvG8WdaTRIQBw08O4U6hF
Uw/MLGDNJe+WOOQOYN7cGzSWs5iiZ3HWQQr7ryPzGijddXoMvUQYOB0qwbrlv6xi
ENwrgS0XLMZqATGw68T23yqzew0+aBa9wntRD3QLIZBng/+oHoSqIawoAAfDpqwR
KjkjOX7MMnDV/oJmj0JhrkUfzbHB45f+hilNK0mdd3Uh0P9BLtKDaNkGHnY0BkIl
Fo/3ozTbvjnAUhtxJHDc4uc1uGnpOJlSkKqDjCrN+0jXjF3k/8s712xUl1yeGh8n
7Uwy43QKNYGpivb4twXWsAL3yOrEHZPiMD6xAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU+ybr+dcSIWPceYu2+pLt0+kpv1owHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwLy15YnItZGNTSVdQY2VZ
dTItcEx0MC1rcHYxby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBAIzkh0/ZyL86fUobz90x68s9
7CzZ10vBHGj76EJxDJkkJezemVlR7nU2oAvPIy2N6FTygyoY9Nyd1/ibJAyAOQ9h
fBKHkTY56kNElV2EWUKyw0yYRWJMgm8d3k6+XROxMa5GNMy1EtLytJH4KIb6/hrE
su5+/531FtSJI0Q2UEHOz+pKBMZe4COJatmCkjo2it1o7cprDcgsRcn+Gf/77VNV
hqvbO6oqpy+5p6+jKi6rNI4fS9nkj9Z723YGBKq4rGlgT756ufFMGqhug1UTN4OT
FRzJtNbmIvtjOGbbnW/Dqlkw5b/Cv1l5FkpuMv1eJNYPjolcIgTir87LTfocPX0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:27:24 2025 by rpki-client