Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/BM8bQ5ONRnzy1l5XaCqV1LIR3BU.roa
File: BM8bQ5ONRnzy1l5XaCqV1LIR3BU.roa (raw, json)
Hash identifier: wQ5Ffln5eZ/hEFh2Zn8qCbur2cTPG0PNcXsTaVM7P3Q=
Subject key identifier: 04:CF:1B:43:93:8D:46:7C:F2:D6:5E:57:68:2A:95:D4:B2:11:DC:15
Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Certificate serial: 5A
Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/BM8bQ5ONRnzy1l5XaCqV1LIR3BU.roa
Signing time: Tue 27 May 2025 08:36:34 +0000
ROA not before: Tue 27 May 2025 08:36:34 +0000
ROA not after: Wed 27 May 2026 07:38:41 +0000
asID: 24445
IP address blocks: 240a:42bc::/31 maxlen: 31
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90 (0x5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Validity
Not Before: May 27 08:36:34 2025 GMT
Not After : May 27 07:38:41 2026 GMT
Subject: CN=04CF1B43938D467CF2D65E57682A95D4B211DC15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6c:cb:df:f1:af:ad:6f:d1:fd:c9:93:1c:9e:
29:80:62:e1:3d:76:82:ec:00:89:20:7a:3c:29:76:
da:20:01:75:fb:7d:1d:d3:95:26:e6:af:36:2d:ea:
e8:7d:55:10:c5:64:b8:cb:7e:db:c7:c6:45:2d:a2:
b4:21:55:59:11:e5:a3:6c:2f:45:e4:d6:c4:b6:8f:
45:f0:88:b6:d5:c9:1c:bb:9e:9c:d6:72:1b:ad:4d:
f3:3f:1b:d5:ca:0e:fa:df:cf:f3:8d:eb:a9:b8:b7:
46:d4:dc:ba:a4:bc:ef:26:0a:45:0f:4d:50:b6:32:
19:a1:3a:0b:a3:03:3d:27:09:6e:cd:95:59:94:56:
f3:1b:e3:d3:aa:ec:e2:7e:d4:53:f4:4a:cd:ea:4d:
f5:af:12:c5:6e:32:f5:2b:d6:45:d4:e4:d6:e4:0e:
57:e7:58:67:b4:22:26:9c:35:af:fc:47:b2:a6:78:
1d:9c:d4:98:9d:f3:a1:2a:a0:41:f5:00:35:7f:cc:
ba:2f:63:fa:b9:6e:e5:00:b8:6e:ec:62:44:62:30:
91:02:ef:44:89:b8:8e:03:f4:58:d0:a8:f1:0d:20:
fe:8c:09:1f:82:5e:4d:df:4c:f6:14:78:19:4b:06:
ee:bb:43:d4:cf:5d:60:85:0e:af:04:23:39:e5:db:
b0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:CF:1B:43:93:8D:46:7C:F2:D6:5E:57:68:2A:95:D4:B2:11:DC:15
X509v3 Authority Key Identifier:
keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/BM8bQ5ONRnzy1l5XaCqV1LIR3BU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:42bc::/31
Signature Algorithm: sha256WithRSAEncryption
1a:2d:2d:fd:cc:8c:e4:64:dd:75:52:a4:6c:38:8b:d3:9e:91:
a1:00:46:e9:fd:f4:dc:db:1c:c9:51:a0:fc:b4:57:ff:d8:df:
80:10:85:d3:91:17:37:45:b8:b6:0c:84:cc:ec:2d:60:74:1b:
e7:a9:bc:b0:95:19:90:a0:31:32:d5:3a:b7:77:bb:40:8f:94:
6f:ce:97:32:6f:09:45:18:20:4f:4e:e6:96:c3:8e:27:d6:4b:
bc:ff:4e:65:e2:80:28:85:2c:38:3b:cd:dd:92:32:68:42:ef:
e0:a1:5a:56:79:a7:cf:c6:0f:5d:73:9b:94:dc:31:de:64:31:
52:5f:e1:44:f2:4c:31:3e:0f:c1:fd:16:c8:9c:e7:f7:cd:34:
6a:be:c4:b8:d4:e6:78:a6:76:34:54:a4:d7:d8:d4:15:0b:e4:
b2:45:48:bd:0a:a4:19:d1:73:37:ba:d0:d9:fa:f6:0f:47:6f:
95:06:dd:e2:cd:01:a8:b4:15:1c:b1:0b:1a:74:6d:60:5b:60:
05:34:b6:15:7c:ce:0d:bd:89:93:d8:87:f7:47:60:0c:c2:ed:
2b:69:46:8b:e8:0a:3f:9e:55:0d:d5:58:60:f3:1e:e1:e3:46:
a5:b2:0d:9c:6d:4f:3e:8c:27:2e:b9:c2:3f:e8:a7:5a:ef:49:
02:00:dd:1e
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIBWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG
RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4
MzYzNFoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoMDRDRjFCNDM5MzhENDY3
Q0YyRDY1RTU3NjgyQTk1RDRCMjExREMxNTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAL9sy9/xr61v0f3JkxyeKYBi4T12guwAiSB6PCl22iABdft9HdOV
JuavNi3q6H1VEMVkuMt+28fGRS2itCFVWRHlo2wvReTWxLaPRfCIttXJHLuenNZy
G61N8z8b1coO+t/P843rqbi3RtTcuqS87yYKRQ9NULYyGaE6C6MDPScJbs2VWZRW
8xvj06rs4n7UU/RKzepN9a8SxW4y9SvWRdTk1uQOV+dYZ7QiJpw1r/xHsqZ4HZzU
mJ3zoSqgQfUANX/Mui9j+rlu5QC4buxiRGIwkQLvRIm4jgP0WNCo8Q0g/owJH4Je
Td9M9hR4GUsG7rtD1M9dYIUOrwQjOeXbsBsCAwEAAaOCAfQwggHwMB0GA1UdDgQW
BBQEzxtDk41GfPLWXldoKpXUshHcFTAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP
q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy
L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi9CTThiUTVPTlJuenkx
bDVYYUNxVjFMSVIzQlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUBJApCvDANBgkqhkiG9w0BAQsFAAOCAQEAGi0t/cyM5GTddVKkbDiL056RoQBG
6f303NscyVGg/LRX/9jfgBCF05EXN0W4tgyEzOwtYHQb56m8sJUZkKAxMtU6t3e7
QI+Ub86XMm8JRRggT07mlsOOJ9ZLvP9OZeKAKIUsODvN3ZIyaELv4KFaVnmnz8YP
XXOblNwx3mQxUl/hRPJMMT4Pwf0WyJzn9800ar7EuNTmeKZ2NFSk19jUFQvkskVI
vQqkGdFzN7rQ2fr2D0dvlQbd4s0BqLQVHLELGnRtYFtgBTS2FXzODb2Jk9iH90dg
DMLtK2lGi+gKP55VDdVYYPMe4eNGpbINnG1PPownLrnCP+inWu9JAgDdHg==
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:58:54 2025 by rpki-client