Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/XpgCFDOq2Q9LyDlqBE5KH2xQpHw.roa
File: XpgCFDOq2Q9LyDlqBE5KH2xQpHw.roa (raw, json)
Hash identifier: HgLWNCoewgztXDMInYU1fjL5uUjEdzctKTT+Bg59jgo=
Subject key identifier: 5E:98:02:14:33:AA:D9:0F:4B:C8:39:6A:04:4E:4A:1F:6C:50:A4:7C
Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094
Certificate serial: 1447
Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/XpgCFDOq2Q9LyDlqBE5KH2xQpHw.roa
Signing time: Tue 27 May 2025 00:18:51 +0000
ROA not before: Tue 27 May 2025 00:18:51 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 211392
IP address blocks: 45.250.153.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5191 (0x1447)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094
Validity
Not Before: May 27 00:18:51 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=5E98021433AAD90F4BC8396A044E4A1F6C50A47C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cd:2f:35:42:e1:f5:c2:85:6a:04:21:d4:31:
60:64:ad:75:97:10:b8:c1:25:8e:8c:ea:d0:a1:4c:
7f:a7:d2:fc:6d:e2:ea:12:77:cd:a7:b0:5a:c2:b3:
11:4d:55:d4:df:40:52:c5:52:54:29:75:8c:06:6e:
32:d1:89:07:00:64:9b:f7:7a:90:ba:86:3a:de:ea:
7f:4f:59:03:d3:ba:50:ff:f2:df:cf:aa:7c:b0:4e:
da:cd:41:7a:b2:a1:b8:5c:f1:15:6e:d4:9f:60:37:
7d:04:0e:94:78:3b:03:30:17:7a:5d:df:e4:0f:7e:
05:27:cf:1f:c3:6d:17:a9:70:f9:22:dd:09:7a:d6:
6a:86:1a:dc:8d:64:fe:f4:6b:4e:97:56:64:86:3a:
56:a7:62:ad:58:da:38:64:3b:6c:ff:5e:36:42:9b:
e8:07:ae:a7:2c:8c:3d:1e:7b:ab:77:25:2f:14:ec:
8f:e3:0c:c4:43:23:e8:8b:a3:21:38:94:7b:a7:af:
cc:b1:56:dd:a0:1c:be:24:cd:8c:8a:2e:d5:90:90:
20:92:d5:e6:e0:62:aa:73:fb:46:0a:1c:69:52:48:
3c:26:15:78:5b:d3:3c:b8:ec:e4:5f:df:95:40:c7:
3d:ac:2d:20:8e:66:b5:2c:d1:6d:09:0a:cd:bd:dd:
54:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:98:02:14:33:AA:D9:0F:4B:C8:39:6A:04:4E:4A:1F:6C:50:A4:7C
X509v3 Authority Key Identifier:
keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/XpgCFDOq2Q9LyDlqBE5KH2xQpHw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.250.153.0/24
Signature Algorithm: sha256WithRSAEncryption
19:35:51:de:82:22:f3:b7:25:17:53:ba:6a:6a:8e:44:e4:6d:
ed:43:fa:31:4c:8a:76:a6:0a:ce:7f:70:6f:3f:ec:40:fe:a6:
f3:77:c5:58:b8:7d:14:d7:ef:8a:74:61:6f:de:a8:cb:35:0a:
15:dc:1d:73:a1:8b:45:3b:e0:38:ba:03:57:6b:7f:e9:66:37:
97:74:b2:b2:1b:8d:63:b1:98:76:12:c7:67:7c:9b:d3:f9:06:
7a:b5:b0:62:9b:37:67:6a:cc:bf:16:80:d5:93:1c:8c:15:5d:
03:aa:1a:d7:32:d9:0c:be:2f:2d:2e:4b:b1:ef:04:a8:d2:59:
8c:b4:81:5a:22:37:d3:de:47:70:6d:d9:1a:be:5f:45:05:1f:
12:0f:68:80:96:79:99:b9:71:52:7b:1f:32:ad:db:dc:f8:20:
cf:dd:8f:d0:6e:c3:79:70:56:40:93:8b:4f:e8:4e:72:67:25:
5c:89:b6:4a:49:28:30:00:8b:fd:1a:07:5d:85:4f:9e:c3:0d:
a2:5a:b1:1c:ff:c2:0b:06:0e:47:a5:30:f0:87:e9:68:5d:b1:
75:67:1b:9a:d4:4d:ec:73:18:27:47:1f:11:98:99:c8:ae:3c:
85:9a:e1:d8:9f:d4:97:3c:b6:a0:af:19:ea:e8:b0:f3:bd:1d:
a3:7d:8c:c3
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFEcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw
OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNTA1Mjcw
MDE4NTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVFOTgwMjE0MzNBQUQ5
MEY0QkM4Mzk2QTA0NEU0QTFGNkM1MEE0N0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRzS81QuH1woVqBCHUMWBkrXWXELjBJY6M6tChTH+n0vxt4uoS
d82nsFrCsxFNVdTfQFLFUlQpdYwGbjLRiQcAZJv3epC6hjre6n9PWQPTulD/8t/P
qnywTtrNQXqyobhc8RVu1J9gN30EDpR4OwMwF3pd3+QPfgUnzx/DbRepcPki3Ql6
1mqGGtyNZP70a06XVmSGOlanYq1Y2jhkO2z/XjZCm+gHrqcsjD0ee6t3JS8U7I/j
DMRDI+iLoyE4lHunr8yxVt2gHL4kzYyKLtWQkCCS1ebgYqpz+0YKHGlSSDwmFXhb
0zy47ORf35VAxz2sLSCOZrUs0W0JCs293VS1AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUXpgCFDOq2Q9LyDlqBE5KH2xQpHwwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R
7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2
OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvWHBnQ0ZET3EyUTlM
eURscUJFNUtIMnhRcEh3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAC36mTANBgkqhkiG9w0BAQsFAAOCAQEAGTVR3oIi87clF1O6amqORORt7UP6
MUyKdqYKzn9wbz/sQP6m83fFWLh9FNfvinRhb96oyzUKFdwdc6GLRTvgOLoDV2t/
6WY3l3SyshuNY7GYdhLHZ3yb0/kGerWwYps3Z2rMvxaA1ZMcjBVdA6oa1zLZDL4v
LS5Lse8EqNJZjLSBWiI3095HcG3ZGr5fRQUfEg9ogJZ5mblxUnsfMq3b3Pggz92P
0G7DeXBWQJOLT+hOcmclXIm2SkkoMACL/RoHXYVPnsMNolqxHP/CCwYOR6Uw8Ifp
aF2xdWcbmtRN7HMYJ0cfEZiZyK48hZrh2J/Ulzy2oK8Z6uiw870do32Mww==
-----END CERTIFICATE-----
Generated at Mon Jul 21 13:28:56 2025 by rpki-client