Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/WYg58vzfd_Z6TaUKprLQDalWh2s.roa
File: WYg58vzfd_Z6TaUKprLQDalWh2s.roa (raw, json)
Hash identifier: KSZELNOJuW9Falt6rRG++x8aitpS9YEmBBfZ2+gI+7s=
Subject key identifier: 59:88:39:F2:FC:DF:77:F6:7A:4D:A5:0A:A6:B2:D0:0D:A9:56:87:6B
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 0680
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/WYg58vzfd_Z6TaUKprLQDalWh2s.roa
Signing time: Mon 20 Jan 2025 21:24:58 +0000
ROA not before: Mon 20 Jan 2025 21:24:58 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139076
IP address blocks: 113.31.64.0/21 maxlen: 24
113.31.72.0/21 maxlen: 24
113.31.128.0/21 maxlen: 24
113.31.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1664 (0x680)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jan 20 21:24:58 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=598839F2FCDF77F67A4DA50AA6B2D00DA956876B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:17:74:95:59:36:02:38:e0:8c:62:66:e7:e0:
bb:3e:40:4f:04:37:a8:6f:8a:26:22:76:d9:31:13:
d8:16:55:e3:79:b5:a4:8a:b0:40:ff:ac:23:23:89:
89:66:a1:a8:eb:90:37:47:0c:aa:f1:f3:aa:33:12:
5f:88:d4:f8:38:60:77:b1:b9:d0:dc:8c:2e:26:31:
c8:d5:3f:7c:de:9c:34:38:60:64:e1:ae:8a:87:2d:
dc:21:89:e7:5f:b7:41:50:d5:b7:28:96:08:50:4b:
09:1a:1a:bc:a4:65:75:df:a1:c4:82:77:74:ca:aa:
36:40:4e:d8:cf:56:22:b9:a8:e5:ec:fb:5e:01:b8:
c6:a4:61:15:c4:2a:b9:09:7b:b9:98:dc:13:56:5e:
3b:d1:d7:10:17:86:27:f7:7a:2c:a1:e4:f9:43:81:
fd:72:9d:2e:96:7e:bc:3c:8d:01:6e:05:b7:bd:1f:
2e:f1:74:15:65:f9:a9:f2:2e:1c:cf:6a:10:8d:96:
2e:ca:28:90:24:8d:17:99:49:41:90:07:c7:97:96:
37:ac:b4:da:55:d9:2f:43:60:9c:b9:75:dc:44:2e:
fb:3d:4e:53:65:9b:d4:7b:cd:12:96:50:6a:fb:8f:
54:74:6c:99:50:27:24:f1:9c:6c:05:6d:74:46:3f:
fb:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:88:39:F2:FC:DF:77:F6:7A:4D:A5:0A:A6:B2:D0:0D:A9:56:87:6B
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/WYg58vzfd_Z6TaUKprLQDalWh2s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/20
113.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
20:85:d7:f5:be:f0:db:63:ac:1f:60:d2:4c:e4:49:a2:d3:c7:
44:55:c7:d4:cc:fc:ce:eb:0b:d1:4a:60:be:8f:29:4d:de:1a:
c9:bc:57:69:5f:64:2c:c6:2e:6b:4a:0c:d9:b2:00:b1:f9:44:
74:27:0a:89:c0:93:35:05:52:e9:9c:4e:bf:b1:bb:3f:8c:bc:
2a:ba:1a:92:9a:ac:b0:1c:b0:53:4c:5c:e7:f0:62:07:7a:b1:
09:b5:01:ca:1d:8c:ce:9b:1e:b9:1b:4c:c5:65:13:80:3a:c2:
2f:fa:56:b6:39:02:b8:d7:43:11:c2:3b:d9:c4:96:c9:b7:17:
41:8b:a6:2a:64:c9:61:7e:c9:ee:5f:6b:f8:11:64:0f:76:21:
ed:30:fe:c4:9f:45:7a:f6:8a:4a:54:96:7a:b0:7e:99:1a:d9:
be:cb:d8:6b:de:14:17:4a:41:e1:71:f4:9d:fc:fe:8b:66:70:
9f:96:82:62:49:7f:38:ee:c5:36:4a:c0:56:e7:57:de:b8:a5:
53:af:b0:9c:fa:6e:ba:23:4d:f9:60:74:c9:6e:37:19:84:28:
2c:fb:c5:85:e0:fc:fb:87:aa:a1:5d:c9:45:ca:3b:03:12:c2:
01:c0:b1:2f:e3:c4:83:10:42:7c:a5:78:69:19:57:d5:46:ba:
7d:6c:a3:dd
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBoAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAxMjAy
MTI0NThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDU5ODgzOUYyRkNERjc3
RjY3QTREQTUwQUE2QjJEMDBEQTk1Njg3NkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRF3SVWTYCOOCMYmbn4Ls+QE8EN6hviiYidtkxE9gWVeN5taSK
sED/rCMjiYlmoajrkDdHDKrx86ozEl+I1Pg4YHexudDcjC4mMcjVP3zenDQ4YGTh
roqHLdwhiedft0FQ1bcolghQSwkaGrykZXXfocSCd3TKqjZATtjPViK5qOXs+14B
uMakYRXEKrkJe7mY3BNWXjvR1xAXhif3eiyh5PlDgf1ynS6Wfrw8jQFuBbe9Hy7x
dBVl+anyLhzPahCNli7KKJAkjReZSUGQB8eXljestNpV2S9DYJy5ddxELvs9TlNl
m9R7zRKWUGr7j1R0bJlQJyTxnGwFbXRGP/vNAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUWYg58vzfd/Z6TaUKprLQDalWh2swHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL1dZZzU4dnpmZF9aNlRh
VUtwckxRRGFsV2gycy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BARxH0ADBARxH4AwDQYJKoZIhvcNAQELBQADggEBACCF1/W+8NtjrB9g0kzkSaLT
x0RVx9TM/M7rC9FKYL6PKU3eGsm8V2lfZCzGLmtKDNmyALH5RHQnConAkzUFUumc
Tr+xuz+MvCq6GpKarLAcsFNMXOfwYgd6sQm1AcodjM6bHrkbTMVlE4A6wi/6VrY5
ArjXQxHCO9nElsm3F0GLpipkyWF+ye5fa/gRZA92Ie0w/sSfRXr2ikpUlnqwfpka
2b7L2GveFBdKQeFx9J38/otmcJ+WgmJJfzjuxTZKwFbnV964pVOvsJz6brojTflg
dMluNxmEKCz7xYXg/PuHqqFdyUXKOwMSwgHAsS/jxIMQQnyleGkZV9VGun1so90=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:11 2025 by rpki-client