Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/3m_0t9tLUk_fLyxR-mjB3D5xcH4.roa
File: 3m_0t9tLUk_fLyxR-mjB3D5xcH4.roa (raw, json)
Hash identifier: TXDcqyBrW3YGnOdOGEGkdYh6sZvdGUWsGOS0LwkRM3Q=
Subject key identifier: DE:6F:F4:B7:DB:4B:52:4F:DF:2F:2C:51:FA:68:C1:DC:3E:71:70:7E
Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Certificate serial: A1
Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/3m_0t9tLUk_fLyxR-mjB3D5xcH4.roa
Signing time: Fri 06 Jun 2025 01:46:35 +0000
ROA not before: Fri 06 Jun 2025 01:46:35 +0000
ROA not after: Wed 27 May 2026 07:38:41 +0000
asID: 24400
IP address blocks: 240a:429e::/31 maxlen: 31
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161 (0xa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Validity
Not Before: Jun 6 01:46:35 2025 GMT
Not After : May 27 07:38:41 2026 GMT
Subject: CN=DE6FF4B7DB4B524FDF2F2C51FA68C1DC3E71707E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d9:8d:12:e3:39:e3:ba:f3:df:b6:4e:71:b8:
23:9d:72:5f:22:66:f9:57:18:eb:52:84:86:eb:91:
0c:cc:b5:9e:08:b8:fb:7b:60:44:4d:1c:77:59:16:
12:00:33:fd:83:08:4e:bf:ac:7b:2a:74:b6:49:4b:
b1:8d:ea:ef:74:58:2a:66:a3:7e:0d:00:b8:59:ca:
69:81:39:d5:52:82:7f:36:5f:f7:fd:1f:78:af:27:
31:40:cd:bc:4c:93:99:d3:37:d3:bf:b1:8b:02:c6:
8d:a3:65:fc:18:05:9c:cc:1d:c1:6b:41:f5:f1:28:
44:bc:bc:84:0e:39:0c:22:df:ef:34:48:76:8c:f9:
f3:02:06:65:db:9d:23:9f:60:56:37:9d:ec:6a:cd:
db:69:a0:7a:a3:c8:c3:0b:b9:07:a0:38:7c:fb:76:
8e:1f:ee:69:f6:35:41:20:f1:39:31:40:18:8b:a4:
0e:cb:bb:ce:56:f0:40:6c:88:23:2b:9b:ea:ba:5e:
36:71:34:84:1a:18:9e:19:a4:fe:76:fd:c7:8f:5c:
87:04:a2:fb:db:82:e2:fd:7b:87:78:af:bd:eb:f2:
2a:5b:eb:2c:a9:33:a0:a6:8e:c6:91:27:f6:c4:6d:
3f:34:47:a2:64:f1:7f:eb:6a:c6:c1:eb:64:e0:3e:
9b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:6F:F4:B7:DB:4B:52:4F:DF:2F:2C:51:FA:68:C1:DC:3E:71:70:7E
X509v3 Authority Key Identifier:
keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/3m_0t9tLUk_fLyxR-mjB3D5xcH4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:429e::/31
Signature Algorithm: sha256WithRSAEncryption
2c:43:28:a8:e0:82:13:d8:3c:52:7d:39:43:55:8d:a7:21:fe:
68:5d:fa:db:79:a4:c6:d8:6a:cd:31:2e:31:ab:4f:80:67:94:
3e:a8:2b:de:6b:16:05:6e:fa:cd:e8:05:c9:1c:6b:48:2a:92:
26:2b:de:07:9b:0a:43:1d:b9:93:09:ef:5c:86:7a:29:4e:05:
b2:52:c3:e2:08:de:1f:35:b2:33:65:2b:7b:2c:7f:2f:c9:75:
11:61:22:42:82:0f:9c:9e:ef:02:7d:14:e8:04:36:10:19:d6:
dc:73:ad:66:a8:13:68:56:19:9c:82:b2:fd:91:b5:96:48:47:
6d:f3:35:88:76:be:61:19:ba:92:00:4e:37:d1:07:6c:d2:e6:
12:20:42:10:f4:92:33:54:d5:e4:0a:a1:30:d1:12:d3:ce:3b:
4e:aa:c8:d7:65:5a:df:11:81:6a:4e:b2:8a:ca:7d:19:46:0a:
52:b0:89:17:30:b7:04:ec:a8:66:c2:c4:76:96:04:df:c9:45:
6b:d8:87:23:ca:cb:ca:38:55:33:af:fe:2d:74:7f:e6:be:06:
d1:80:cd:2b:94:9e:3a:fa:87:b8:a4:f6:bb:3c:d7:95:c5:99:
1e:06:3e:dc:2d:50:b2:61:6d:82:f9:44:3f:68:2d:50:fc:d1:
c8:61:f8:29
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICAKEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF
RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw
MTQ2MzVaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKERFNkZGNEI3REI0QjUy
NEZERjJGMkM1MUZBNjhDMURDM0U3MTcwN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCb2Y0S4znjuvPftk5xuCOdcl8iZvlXGOtShIbrkQzMtZ4IuPt7
YERNHHdZFhIAM/2DCE6/rHsqdLZJS7GN6u90WCpmo34NALhZymmBOdVSgn82X/f9
H3ivJzFAzbxMk5nTN9O/sYsCxo2jZfwYBZzMHcFrQfXxKES8vIQOOQwi3+80SHaM
+fMCBmXbnSOfYFY3nexqzdtpoHqjyMMLuQegOHz7do4f7mn2NUEg8TkxQBiLpA7L
u85W8EBsiCMrm+q6XjZxNIQaGJ4ZpP52/cePXIcEovvbguL9e4d4r73r8ipb6yyp
M6CmjsaRJ/bEbT80R6Jk8X/rasbB62TgPpulAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU3m/0t9tLUk/fLyxR+mjB3D5xcH4wHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7
j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3
Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvM21fMHQ5dExVa19m
THl4Ui1takIzRDV4Y0g0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFASQKQp4wDQYJKoZIhvcNAQELBQADggEBACxDKKjgghPYPFJ9OUNVjach/mhd
+tt5pMbYas0xLjGrT4BnlD6oK95rFgVu+s3oBckca0gqkiYr3gebCkMduZMJ71yG
eilOBbJSw+II3h81sjNlK3ssfy/JdRFhIkKCD5ye7wJ9FOgENhAZ1txzrWaoE2hW
GZyCsv2RtZZIR23zNYh2vmEZupIATjfRB2zS5hIgQhD0kjNU1eQKoTDREtPOO06q
yNdlWt8RgWpOsorKfRlGClKwiRcwtwTsqGbCxHaWBN/JRWvYhyPKy8o4VTOv/i10
f+a+BtGAzSuUnjr6h7ik9rs815XFmR4GPtwtULJhbYL5RD9oLVD80chh+Ck=
-----END CERTIFICATE-----
Generated at Tue Jun 10 04:53:34 2025 by rpki-client