Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/22/si24gGFg-sQtUpvK4DZtlqNS05c.roa
File: si24gGFg-sQtUpvK4DZtlqNS05c.roa (raw, json)
Hash identifier: /h7TLGBM959FC9Cv5rtuoN4A205gm+8xj8hpkkz0h/c=
Subject key identifier: B2:2D:B8:80:61:60:FA:C4:2D:52:9B:CA:E0:36:6D:96:A3:52:D3:97
Certificate issuer: /CN=ECB273B097997C02B4F52E5C1BB4FEFE66797850
Certificate serial: 07
Authority key identifier: EC:B2:73:B0:97:99:7C:02:B4:F5:2E:5C:1B:B4:FE:FE:66:79:78:50
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7LJzsJeZfAK09S5cG7T-_mZ5eFA.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/si24gGFg-sQtUpvK4DZtlqNS05c.roa
Signing time: Tue 14 Jan 2025 08:18:20 +0000
ROA not before: Tue 14 Jan 2025 08:18:20 +0000
ROA not after: Wed 14 Jan 2026 07:53:29 +0000
asID: 17969
IP address blocks: 27.144.0.0/16 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ECB273B097997C02B4F52E5C1BB4FEFE66797850
Validity
Not Before: Jan 14 08:18:20 2025 GMT
Not After : Jan 14 07:53:29 2026 GMT
Subject: CN=B22DB8806160FAC42D529BCAE0366D96A352D397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:51:b0:c7:f4:63:03:48:3b:25:85:69:5f:dc:
36:de:34:2e:b8:03:d4:70:56:c7:a4:0a:88:b1:3a:
1d:26:ad:0d:68:c8:1a:d1:fb:f2:86:b3:3e:50:1d:
46:e6:58:e1:fb:87:cf:42:1c:d5:66:7e:df:18:8c:
67:29:08:4f:e4:46:34:e5:26:2b:8a:5c:b7:c8:4b:
ee:38:03:29:9a:2e:22:c8:db:ad:f1:c7:57:33:fb:
bb:ec:09:2c:22:70:5d:3b:84:97:dc:65:1e:98:d4:
b3:71:fb:c7:b5:b9:43:69:36:75:9e:2b:e4:a7:45:
76:9d:f5:00:d8:d7:b8:9a:55:95:6b:ea:57:05:31:
1e:9f:01:51:d1:06:be:f7:eb:5a:52:5c:68:8d:0f:
c0:0c:11:77:75:51:a6:1a:62:28:4c:3f:29:7e:5a:
ca:4d:6e:da:96:9d:f5:9e:3e:46:86:7f:f4:a7:ce:
b8:a7:18:ff:e7:ae:c2:d2:77:68:e3:c4:f9:f8:70:
33:e0:34:04:5f:52:2f:85:2b:59:01:e0:f1:07:d0:
ec:89:bf:d7:09:46:3e:01:48:50:c5:d7:e6:83:28:
a1:0d:7d:26:ee:43:25:c4:d5:89:fc:3e:ee:28:fe:
75:9c:98:77:a9:0c:b3:d9:da:24:38:d5:31:12:ab:
21:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:2D:B8:80:61:60:FA:C4:2D:52:9B:CA:E0:36:6D:96:A3:52:D3:97
X509v3 Authority Key Identifier:
keyid:EC:B2:73:B0:97:99:7C:02:B4:F5:2E:5C:1B:B4:FE:FE:66:79:78:50
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/7LJzsJeZfAK09S5cG7T-_mZ5eFA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7LJzsJeZfAK09S5cG7T-_mZ5eFA.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/si24gGFg-sQtUpvK4DZtlqNS05c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.144.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:8a:f8:f7:bb:f3:08:75:9a:78:5b:e6:3e:40:ea:8a:70:47:
eb:ca:41:98:43:91:f7:c7:2d:3e:39:6a:64:d1:a5:ff:4a:fe:
ce:47:a8:14:53:58:1d:ad:69:73:86:68:ff:92:8f:cc:2f:15:
1f:b6:40:f1:3f:37:ab:bb:42:e6:5f:59:b1:f2:53:ac:cf:13:
c4:3e:02:9c:fc:a3:fa:7d:df:63:4d:76:39:96:50:4c:83:3e:
9f:0c:e3:60:69:55:5b:d0:44:6f:24:72:7b:2e:cb:4d:85:1b:
ca:ea:69:2a:63:3f:c6:fb:8f:ca:7a:b8:f9:9d:57:c0:00:ea:
4c:7f:87:65:ea:b2:08:99:9e:57:ac:d7:29:88:dc:ea:9f:93:
93:05:96:c4:63:e5:17:83:69:6b:70:58:6d:a7:60:e4:ca:55:
03:54:d7:a4:78:9f:2b:42:1d:00:c5:fb:1d:dc:80:f3:40:4d:
9a:4d:c8:61:67:cd:a6:ce:de:62:5a:1f:7c:36:21:79:78:63:
ba:1b:72:8c:57:0a:fe:22:ea:4d:7f:d1:37:23:75:30:ef:c8:
37:5a:9d:89:f6:34:ae:d7:9a:70:8f:1d:f3:1e:5c:ed:7e:80:
08:ee:23:73:5e:d8:1c:5d:32:d6:54:bd:71:62:83:e3:c5:21:
6a:76:da:69
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIBBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFQ0Iy
NzNCMDk3OTk3QzAyQjRGNTJFNUMxQkI0RkVGRTY2Nzk3ODUwMB4XDTI1MDExNDA4
MTgyMFoXDTI2MDExNDA3NTMyOVowMzExMC8GA1UEAxMoQjIyREI4ODA2MTYwRkFD
NDJENTI5QkNBRTAzNjZEOTZBMzUyRDM5NzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMdRsMf0YwNIOyWFaV/cNt40LrgD1HBWx6QKiLE6HSatDWjIGtH7
8oazPlAdRuZY4fuHz0Ic1WZ+3xiMZykIT+RGNOUmK4pct8hL7jgDKZouIsjbrfHH
VzP7u+wJLCJwXTuEl9xlHpjUs3H7x7W5Q2k2dZ4r5KdFdp31ANjXuJpVlWvqVwUx
Hp8BUdEGvvfrWlJcaI0PwAwRd3VRphpiKEw/KX5ayk1u2pad9Z4+RoZ/9KfOuKcY
/+euwtJ3aOPE+fhwM+A0BF9SL4UrWQHg8QfQ7Im/1wlGPgFIUMXX5oMooQ19Ju5D
JcTVifw+7ij+dZyYd6kMs9naJDjVMRKrIYsCAwEAAaOCAe4wggHqMB0GA1UdDgQW
BBSyLbiAYWD6xC1Sm8rgNm2Wo1LTlzAfBgNVHSMEGDAWgBTssnOwl5l8ArT1Llwb
tP7+Znl4UDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO
oEyGSnJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yMi83
TEp6c0plWmZBSzA5UzVjRzdULV9tWjVlRkEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwLzdMSnpzSmVaZkFLMDlTNWNHN1QtX21aNWVGQS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIyL3NpMjRnR0ZnLXNRdFVwdks0
RFp0bHFOUzA1Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5j
bi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwAb
kDANBgkqhkiG9w0BAQsFAAOCAQEAR4r497vzCHWaeFvmPkDqinBH68pBmEOR98ct
PjlqZNGl/0r+zkeoFFNYHa1pc4Zo/5KPzC8VH7ZA8T83q7tC5l9ZsfJTrM8TxD4C
nPyj+n3fY012OZZQTIM+nwzjYGlVW9BEbyRyey7LTYUbyuppKmM/xvuPynq4+Z1X
wADqTH+HZeqyCJmeV6zXKYjc6p+TkwWWxGPlF4Npa3BYbadg5MpVA1TXpHifK0Id
AMX7HdyA80BNmk3IYWfNps7eYloffDYheXhjuhtyjFcK/iLqTX/RNyN1MO/IN1qd
ifY0rteacI8d8x5c7X6ACO4jc17YHF0y1lS9cWKD48UhanbaaQ==
-----END CERTIFICATE-----
Generated at Fri Apr 11 22:57:03 2025 by rpki-client