Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/BtA-Phj3i5DHzi7u_Ylen1k0pSU.roa
File: BtA-Phj3i5DHzi7u_Ylen1k0pSU.roa (raw, json)
Hash identifier: rKBBnjVdYNT8On+j57xLW+YS9lbezquCvnRcA4cZPIw=
Subject key identifier: 06:D0:3E:3E:18:F7:8B:90:C7:CE:2E:EE:FD:89:5E:9F:59:34:A5:25
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 015B
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/BtA-Phj3i5DHzi7u_Ylen1k0pSU.roa
Signing time: Wed 24 Jul 2024 14:32:32 +0000
ROA not before: Wed 24 Jul 2024 14:32:32 +0000
ROA not after: Wed 21 May 2025 03:30:10 +0000
asID: 398704
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.76.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 347 (0x15b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jul 24 14:32:32 2024 GMT
Not After : May 21 03:30:10 2025 GMT
Subject: CN=06D03E3E18F78B90C7CE2EEEFD895E9F5934A525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:91:e1:ad:a7:af:d3:dd:5a:dd:27:ad:25:15:
57:d2:78:0b:0d:0a:b2:a6:a8:c2:66:a3:58:9f:04:
f4:e6:dc:09:13:b6:25:cc:ea:2b:71:c8:46:3a:5b:
01:a9:9b:c4:8c:ee:dc:f4:cc:70:85:ad:96:19:7f:
6f:b8:24:46:ce:6d:9d:12:d0:89:76:f8:f6:43:e3:
ec:0e:85:c8:2a:f9:39:2f:9a:15:8c:42:cb:a5:3d:
a9:97:0f:bb:34:b9:d1:1b:39:57:af:b1:6e:91:e4:
20:74:99:77:ed:ec:ce:e1:01:5e:b4:83:de:e2:be:
95:df:23:02:d5:9a:13:24:eb:7a:e3:61:10:5f:20:
2e:67:5d:53:61:f8:b8:9d:f9:32:e3:0a:cb:2f:bd:
4e:82:7a:43:06:3f:a1:cb:72:fc:04:28:25:02:1d:
25:d3:73:e4:84:59:7b:3b:6e:6b:cb:a6:d3:45:93:
9d:1b:eb:9d:48:e9:4e:91:7d:94:db:61:51:0b:cd:
2c:ad:2b:cf:2d:43:e4:35:84:41:53:91:ab:c1:3d:
22:bf:ce:b7:69:ff:46:81:4c:db:f9:92:45:32:ab:
06:c9:09:ab:28:a9:92:1c:d8:a9:7b:d4:67:b7:e7:
ae:4d:b3:79:7b:56:06:2e:0b:9c:5c:d2:3c:61:a6:
44:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:D0:3E:3E:18:F7:8B:90:C7:CE:2E:EE:FD:89:5E:9F:59:34:A5:25
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/BtA-Phj3i5DHzi7u_Ylen1k0pSU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/21
113.31.76.0/22
Signature Algorithm: sha256WithRSAEncryption
22:31:e8:33:84:9f:22:a0:d1:44:c2:8a:0a:ea:ee:45:b3:bb:
38:ca:2a:22:06:5c:47:5d:28:0a:7e:1a:0f:cc:23:3a:76:96:
2b:0d:43:37:3a:32:62:7f:f5:0d:8c:c0:ae:84:23:90:6f:95:
a9:7f:0a:53:e4:56:a9:65:95:0c:51:da:a3:f7:a2:85:ed:7b:
71:06:0f:74:8c:a3:3d:9e:a0:42:e3:0b:a3:cf:0e:3c:2c:50:
29:3a:9c:64:75:8d:9b:62:4f:ae:76:11:63:97:7c:c4:17:43:
a8:1f:83:4b:bc:1e:78:fd:1a:92:84:11:29:6d:bd:eb:84:d3:
38:e1:83:ab:ae:0a:39:e7:f8:04:92:07:1f:22:c1:83:ac:26:
07:a4:48:eb:d7:77:3d:51:bd:ab:2e:05:9a:c2:80:b3:99:77:
d3:8e:43:7b:59:cd:b3:1f:5e:52:3d:3d:2a:61:21:32:26:7d:
18:36:4b:b2:40:d0:ac:21:55:f1:60:bc:f5:18:d6:b1:36:a0:
25:11:c8:6f:f5:07:36:cd:9a:30:03:12:6c:4d:9c:a3:88:3a:
01:ad:13:ec:26:29:0d:de:aa:7e:81:1d:11:58:ed:91:19:c4:
db:fe:ff:11:de:b2:39:eb:d9:43:20:93:9e:37:f5:06:7c:5a:
ba:0d:97:b3
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICAVswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNDA3MjQx
NDMyMzJaFw0yNTA1MjEwMzMwMTBaMDMxMTAvBgNVBAMTKDA2RDAzRTNFMThGNzhC
OTBDN0NFMkVFRUZEODk1RTlGNTkzNEE1MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCskeGtp6/T3VrdJ60lFVfSeAsNCrKmqMJmo1ifBPTm3AkTtiXM
6itxyEY6WwGpm8SM7tz0zHCFrZYZf2+4JEbObZ0S0Il2+PZD4+wOhcgq+TkvmhWM
QsulPamXD7s0udEbOVevsW6R5CB0mXft7M7hAV60g97ivpXfIwLVmhMk63rjYRBf
IC5nXVNh+Lid+TLjCssvvU6CekMGP6HLcvwEKCUCHSXTc+SEWXs7bmvLptNFk50b
651I6U6RfZTbYVELzSytK88tQ+Q1hEFTkavBPSK/zrdp/0aBTNv5kkUyqwbJCaso
qZIc2Kl71Ge3565Ns3l7VgYuC5xc0jxhpkQjAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUBtA+Phj3i5DHzi7u/Ylen1k0pSUwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0J0QS1QaGozaTVESHpp
N3VfWWxlbjFrMHBTVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BANxH0ADBAJxH0wwDQYJKoZIhvcNAQELBQADggEBACIx6DOEnyKg0UTCigrq7kWz
uzjKKiIGXEddKAp+Gg/MIzp2lisNQzc6MmJ/9Q2MwK6EI5Bvlal/ClPkVqlllQxR
2qP3ooXte3EGD3SMoz2eoELjC6PPDjwsUCk6nGR1jZtiT652EWOXfMQXQ6gfg0u8
Hnj9GpKEESltveuE0zjhg6uuCjnn+ASSBx8iwYOsJgekSOvXdz1RvasuBZrCgLOZ
d9OOQ3tZzbMfXlI9PSphITImfRg2S7JA0KwhVfFgvPUY1rE2oCURyG/1BzbNmjAD
EmxNnKOIOgGtE+wmKQ3eqn6BHRFY7ZEZxNv+/xHesjnr2UMgk5439QZ8WroNl7M=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:48:28 2025 by rpki-client