Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/hq9TDq6LE81Ov8wCzXE6cXtRMKo.roa
File: hq9TDq6LE81Ov8wCzXE6cXtRMKo.roa (raw, json)
Hash identifier: 3R4659VRIH6MyoyVcnJnqfS3Ce/1Ey2JCJ42FVbI8Bo=
Subject key identifier: 86:AF:53:0E:AE:8B:13:CD:4E:BF:CC:02:CD:71:3A:71:7B:51:30:AA
Certificate issuer: /CN=DEB86EAADEE1C17ECE2A7FF6388526F7A9260D47
Certificate serial: 0EE1
Authority key identifier: DE:B8:6E:AA:DE:E1:C1:7E:CE:2A:7F:F6:38:85:26:F7:A9:26:0D:47
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3rhuqt7hwX7OKn_2OIUm96kmDUc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/hq9TDq6LE81Ov8wCzXE6cXtRMKo.roa
Signing time: Fri 21 Mar 2025 03:28:56 +0000
ROA not before: Fri 21 Mar 2025 03:28:56 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4134
IP address blocks: 113.31.128.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3809 (0xee1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DEB86EAADEE1C17ECE2A7FF6388526F7A9260D47
Validity
Not Before: Mar 21 03:28:56 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=86AF530EAE8B13CD4EBFCC02CD713A717B5130AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fa:c3:47:38:55:fe:9b:7d:ed:19:76:ff:dc:
9c:9c:c7:d0:4f:60:07:16:95:41:1d:96:e4:e0:dc:
ee:43:7f:1b:ac:d1:06:1f:27:b8:2d:23:6c:94:5f:
97:10:c8:8e:bf:7e:ce:5c:1e:35:1b:1b:e5:a6:0b:
73:c6:44:20:2e:82:8c:ee:81:9a:d5:fe:8a:79:d0:
1d:ba:99:9b:b2:41:0e:bb:a2:07:b7:90:a0:c9:fe:
6d:88:d0:11:7b:1f:a6:7d:08:fb:db:80:7a:64:2a:
0e:92:eb:d6:44:04:6d:c8:f5:6a:12:33:4c:fa:1d:
7f:99:0a:29:f4:c9:ad:e5:f0:0d:d0:33:2f:ea:f5:
f3:15:ac:44:1b:70:df:c8:c6:65:bc:e3:2d:fc:27:
2f:0e:d7:35:c0:3e:e7:3e:b5:63:fc:37:e4:3b:72:
e7:73:63:29:54:6a:20:94:88:07:61:1c:31:98:0a:
2b:d1:cf:ef:a7:ea:ea:0b:8c:40:77:bf:12:3d:40:
48:38:8b:1d:ca:60:77:96:d5:73:05:1c:14:4c:2c:
9f:f0:74:05:ab:cc:2e:bd:2f:3d:9b:5c:35:ce:71:
17:28:dd:3c:46:9b:18:2e:bf:d1:75:89:ec:d3:3d:
c2:14:ec:15:21:2b:18:a0:17:9a:3d:60:f3:5e:fc:
74:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:AF:53:0E:AE:8B:13:CD:4E:BF:CC:02:CD:71:3A:71:7B:51:30:AA
X509v3 Authority Key Identifier:
keyid:DE:B8:6E:AA:DE:E1:C1:7E:CE:2A:7F:F6:38:85:26:F7:A9:26:0D:47
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/3rhuqt7hwX7OKn_2OIUm96kmDUc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3rhuqt7hwX7OKn_2OIUm96kmDUc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/hq9TDq6LE81Ov8wCzXE6cXtRMKo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.128.0/21
Signature Algorithm: sha256WithRSAEncryption
b7:af:c8:fd:15:4e:b1:cd:7a:fc:f4:06:7c:33:a4:a6:aa:3d:
81:84:f1:ef:ee:7f:b1:8b:ae:7a:6c:42:d3:5e:26:47:9f:12:
37:b6:6d:10:a8:d2:57:60:15:65:81:d9:98:66:b2:c4:d6:b1:
fd:93:1e:78:83:33:b6:1a:6b:61:0f:8d:4a:60:26:68:66:32:
31:ed:e2:16:ce:c8:68:43:34:1b:e9:34:38:8e:1a:44:66:1e:
9f:f6:99:a1:f1:7e:af:6a:6c:2d:d5:ac:cb:1f:d4:f8:71:72:
d4:29:82:78:cb:1a:a4:50:68:fc:95:5a:81:9c:a3:62:76:db:
39:65:95:2d:41:12:3a:45:b7:01:4d:2f:e6:96:82:2a:c4:38:
5e:23:53:96:d5:ae:d5:a4:f5:3f:8d:e1:5b:9b:f4:36:73:45:
6c:5c:d6:58:bb:f1:bb:52:37:a3:7d:b6:96:cd:c1:0c:6e:be:
68:6c:95:7c:29:3e:89:1e:29:e2:bf:6d:2e:7f:47:05:48:3c:
fb:93:0c:98:14:c7:2b:63:4b:da:1a:29:93:af:2b:22:a6:d1:
a2:58:a2:bc:8f:41:16:46:9e:78:d6:77:4e:0f:a4:f1:f5:7c:
e4:95:c9:e3:29:57:2f:e6:59:2a:74:de:9c:ff:e9:b8:ab:2d:
69:cf:72:dd
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDuEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC
ODZFQUFERUUxQzE3RUNFMkE3RkY2Mzg4NTI2RjdBOTI2MEQ0NzAeFw0yNTAzMjEw
MzI4NTZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg2QUY1MzBFQUU4QjEz
Q0Q0RUJGQ0MwMkNENzEzQTcxN0I1MTMwQUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0+sNHOFX+m33tGXb/3Jycx9BPYAcWlUEdluTg3O5Dfxus0QYf
J7gtI2yUX5cQyI6/fs5cHjUbG+WmC3PGRCAugozugZrV/op50B26mZuyQQ67oge3
kKDJ/m2I0BF7H6Z9CPvbgHpkKg6S69ZEBG3I9WoSM0z6HX+ZCin0ya3l8A3QMy/q
9fMVrEQbcN/IxmW84y38Jy8O1zXAPuc+tWP8N+Q7cudzYylUaiCUiAdhHDGYCivR
z++n6uoLjEB3vxI9QEg4ix3KYHeW1XMFHBRMLJ/wdAWrzC69Lz2bXDXOcRco3TxG
mxguv9F1iezTPcIU7BUhKxigF5o9YPNe/HTrAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUhq9TDq6LE81Ov8wCzXE6cXtRMKowHwYDVR0jBBgwFoAU3rhuqt7hwX7OKn/2
OIUm96kmDUcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
LzNyaHVxdDdod1g3T0tuXzJPSVVtOTZrbURVYy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvM3JodXF0N2h3WDdPS25fMk9JVW05NmttRFVjLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2hxOVREcTZMRTgxT3Y4
d0N6WEU2Y1h0Uk1Lby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BANxH4AwDQYJKoZIhvcNAQELBQADggEBALevyP0VTrHNevz0BnwzpKaqPYGE8e/u
f7GLrnpsQtNeJkefEje2bRCo0ldgFWWB2ZhmssTWsf2THniDM7Yaa2EPjUpgJmhm
MjHt4hbOyGhDNBvpNDiOGkRmHp/2maHxfq9qbC3VrMsf1PhxctQpgnjLGqRQaPyV
WoGco2J22zlllS1BEjpFtwFNL+aWgirEOF4jU5bVrtWk9T+N4Vub9DZzRWxc1li7
8btSN6N9tpbNwQxuvmhslXwpPokeKeK/bS5/RwVIPPuTDJgUxytjS9oaKZOvKyKm
0aJYoryPQRZGnnjWd04PpPH1fOSVyeMpVy/mWSp03pz/6birLWnPct0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:32:41 2025 by rpki-client