Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1200/2XEBblbU0AtO7E6g_mThkL95ubE.roa
File: 2XEBblbU0AtO7E6g_mThkL95ubE.roa (raw, json)
Hash identifier: DUInj+jg8J7IJSWSU2YD6iUFjAi3mK5xuxno0tl+ZGU=
Subject key identifier: D9:71:01:6E:56:D4:D0:0B:4E:EC:4E:A0:FE:64:E1:90:BF:79:B9:B1
Certificate issuer: /CN=6191AACDCE560A74D83C05DA8EA9327AF944DBBD
Certificate serial: 12B6
Authority key identifier: 61:91:AA:CD:CE:56:0A:74:D8:3C:05:DA:8E:A9:32:7A:F9:44:DB:BD
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YZGqzc5WCnTYPAXajqkyevlE270.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/2XEBblbU0AtO7E6g_mThkL95ubE.roa
Signing time: Fri 17 Jan 2025 01:23:57 +0000
ROA not before: Fri 17 Jan 2025 01:23:57 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 59022
IP address blocks: 45.115.244.0/22 maxlen: 22
103.56.20.0/22 maxlen: 22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4790 (0x12b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6191AACDCE560A74D83C05DA8EA9327AF944DBBD
Validity
Not Before: Jan 17 01:23:57 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=D971016E56D4D00B4EEC4EA0FE64E190BF79B9B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:21:c8:9c:91:b1:6e:ae:50:b5:c6:6b:68:0b:
92:f6:23:8c:df:bf:db:23:72:78:32:1f:87:eb:6c:
4a:51:30:30:e5:b4:77:41:67:90:20:ba:a1:b4:d6:
f8:38:63:bf:0c:d4:5c:87:72:31:21:84:b4:97:dd:
fa:5a:1f:e1:05:75:3a:a6:27:6d:08:fb:ca:b9:fa:
7c:bc:61:b0:5c:91:ab:e8:86:b2:8d:75:e9:e7:5a:
ec:d7:fc:10:59:0e:ac:74:9a:3b:18:29:2c:e9:7c:
08:09:1b:9b:bb:de:93:96:f2:8d:85:1d:d5:7a:a1:
d9:1a:e2:f8:0f:4d:8f:5f:fe:f3:c1:fd:d3:5f:cd:
e0:72:0d:a5:62:61:26:3f:e6:55:3e:6d:1e:37:fc:
64:99:ee:3a:5a:d2:10:16:2e:f6:c9:42:6f:6b:83:
31:27:66:e5:a7:15:a4:2b:c6:e2:3f:70:09:ba:f0:
12:ac:20:cb:ea:00:83:c3:42:cd:20:0f:d4:15:8e:
78:0f:2d:a1:48:f2:fd:1c:61:e0:5f:9b:fe:38:a2:
c8:b6:53:0f:3b:d0:74:fb:03:38:22:6a:d0:d1:4d:
e1:a6:ee:c7:5c:89:2d:a0:8e:1d:d7:41:4b:07:cf:
42:69:bf:df:a7:f9:29:ba:73:43:71:33:b2:ad:56:
d5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:71:01:6E:56:D4:D0:0B:4E:EC:4E:A0:FE:64:E1:90:BF:79:B9:B1
X509v3 Authority Key Identifier:
keyid:61:91:AA:CD:CE:56:0A:74:D8:3C:05:DA:8E:A9:32:7A:F9:44:DB:BD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/YZGqzc5WCnTYPAXajqkyevlE270.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YZGqzc5WCnTYPAXajqkyevlE270.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/2XEBblbU0AtO7E6g_mThkL95ubE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.115.244.0/22
103.56.20.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:db:e2:8f:98:c4:cb:92:83:9a:0b:c2:fb:26:b2:69:87:39:
63:5f:20:2b:99:ba:b9:2a:ef:e6:d3:c2:14:7e:b7:d4:77:c0:
31:65:a4:e0:4f:de:fe:a5:06:63:d5:bf:e5:81:65:c2:35:01:
1d:62:e9:da:95:f4:cc:85:1d:dc:10:b4:6f:b7:1b:e5:63:5b:
83:3f:e5:dd:63:e1:08:51:e2:e6:cf:09:6b:95:15:5a:8d:66:
c9:3a:00:b2:9d:29:00:3f:50:c9:09:a9:cb:a1:27:45:28:59:
c4:8d:95:db:8b:ce:af:3d:dd:f7:cd:79:8c:13:a1:92:0d:0f:
dc:6b:9f:e6:a1:7f:a0:55:08:7c:5e:d0:20:3b:d3:0d:b8:4c:
da:e6:93:57:24:39:29:9a:ac:75:a2:be:b4:0f:4e:e7:c1:9b:
e0:b7:37:58:0b:48:9c:34:05:27:96:f8:f3:cb:e1:c5:dd:f5:
2b:39:ab:e8:ce:fa:0c:ac:67:35:f0:fb:86:07:d0:a5:77:0a:
80:eb:e3:9c:8d:27:3a:7b:ce:0e:e1:92:59:e5:41:f5:05:8d:
bb:53:73:2e:21:2c:5d:9f:f5:94:f8:ed:1a:c7:c7:6a:9a:14:
df:6b:9e:bd:15:90:61:b1:5d:bb:14:f9:39:a4:52:20:1e:d8:
f1:a9:00:37
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICErYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjE5
MUFBQ0RDRTU2MEE3NEQ4M0MwNURBOEVBOTMyN0FGOTQ0REJCRDAeFw0yNTAxMTcw
MTIzNTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ5NzEwMTZFNTZENEQw
MEI0RUVDNEVBMEZFNjRFMTkwQkY3OUI5QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMIcickbFurlC1xmtoC5L2I4zfv9sjcngyH4frbEpRMDDltHdB
Z5AguqG01vg4Y78M1FyHcjEhhLSX3fpaH+EFdTqmJ20I+8q5+ny8YbBckavohrKN
dennWuzX/BBZDqx0mjsYKSzpfAgJG5u73pOW8o2FHdV6odka4vgPTY9f/vPB/dNf
zeByDaViYSY/5lU+bR43/GSZ7jpa0hAWLvbJQm9rgzEnZuWnFaQrxuI/cAm68BKs
IMvqAIPDQs0gD9QVjngPLaFI8v0cYeBfm/44osi2Uw870HT7AzgiatDRTeGm7sdc
iS2gjh3XQUsHz0Jpv9+n+Sm6c0NxM7KtVtWPAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQU2XEBblbU0AtO7E6g/mThkL95ubEwHwYDVR0jBBgwFoAUYZGqzc5WCnTYPAXa
jqkyevlE270wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIw
MC9ZWkdxemM1V0NuVFlQQVhhanFreWV2bEUyNzAuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1laR3F6YzVXQ25UWVBBWGFqcWt5ZXZsRTI3MC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMDAvMlhFQmJsYlUwQXRP
N0U2Z19tVGhrTDk1dWJFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEAi1z9AMEAmc4FDANBgkqhkiG9w0BAQsFAAOCAQEAH9vij5jEy5KDmgvC+yay
aYc5Y18gK5m6uSrv5tPCFH631HfAMWWk4E/e/qUGY9W/5YFlwjUBHWLp2pX0zIUd
3BC0b7cb5WNbgz/l3WPhCFHi5s8Ja5UVWo1myToAsp0pAD9QyQmpy6EnRShZxI2V
24vOrz3d9815jBOhkg0P3Guf5qF/oFUIfF7QIDvTDbhM2uaTVyQ5KZqsdaK+tA9O
58Gb4Lc3WAtInDQFJ5b488vhxd31Kzmr6M76DKxnNfD7hgfQpXcKgOvjnI0nOnvO
DuGSWeVB9QWNu1NzLiEsXZ/1lPjtGsfHapoU32uevRWQYbFduxT5OaRSIB7Y8akA
Nw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 09:09:41 2025 by rpki-client