Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/CYZj5v31jAC4RJA_dg61zpo0e5I.roa
File: CYZj5v31jAC4RJA_dg61zpo0e5I.roa (raw, json)
Hash identifier: 5yHVVy/atLJIlYKNxABjRwfZMM+tAJFkzwEbnXTHnJk=
Subject key identifier: 09:86:63:E6:FD:F5:8C:00:B8:44:90:3F:76:0E:B5:CE:9A:34:7B:92
Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Certificate serial: 94
Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/CYZj5v31jAC4RJA_dg61zpo0e5I.roa
Signing time: Fri 06 Jun 2025 01:44:54 +0000
ROA not before: Fri 06 Jun 2025 01:44:54 +0000
ROA not after: Wed 27 May 2026 07:38:41 +0000
asID: 56044
IP address blocks: 240a:4296::/31 maxlen: 31
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148 (0x94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Validity
Not Before: Jun 6 01:44:54 2025 GMT
Not After : May 27 07:38:41 2026 GMT
Subject: CN=098663E6FDF58C00B844903F760EB5CE9A347B92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:42:41:33:20:2e:8d:1e:16:39:62:ef:cf:b6:
40:0a:b7:27:a3:69:65:17:4c:10:c2:cd:ea:ba:b7:
30:1f:61:21:34:b7:3f:d5:db:32:6d:48:82:87:c8:
a4:1a:8f:a9:6f:09:a9:42:d6:94:9f:ae:92:99:06:
20:33:03:59:b3:7e:b5:e5:9d:61:cc:f1:f9:00:44:
e5:03:7a:e6:65:35:dd:d6:b4:ef:15:93:04:35:c0:
67:95:92:64:50:28:26:c5:13:ec:5a:b2:af:55:b5:
db:3a:68:b4:d9:0a:dd:03:82:68:4a:e9:18:80:8c:
85:93:fa:d0:7c:d8:93:2a:68:45:ec:90:9f:0b:3c:
69:46:39:e7:0f:93:7a:93:13:5d:a9:54:ec:c5:af:
17:89:6d:47:00:e8:d7:75:72:b3:ea:11:ea:67:64:
71:e1:51:47:95:1a:e2:4d:a6:8c:b4:21:6c:57:ca:
af:ad:72:f2:c9:9c:a1:a1:0b:b3:3c:99:33:e0:68:
79:16:0d:ac:dc:00:89:e2:5d:db:08:25:12:12:2c:
aa:8c:0d:fd:d5:7d:51:25:54:1f:3c:05:01:d4:d3:
d6:75:67:97:a8:cc:b0:32:e3:6b:97:c7:54:64:a0:
ed:9e:09:dc:63:c2:23:8d:9c:d5:b6:f4:fd:06:16:
76:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:86:63:E6:FD:F5:8C:00:B8:44:90:3F:76:0E:B5:CE:9A:34:7B:92
X509v3 Authority Key Identifier:
keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/CYZj5v31jAC4RJA_dg61zpo0e5I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:4296::/31
Signature Algorithm: sha256WithRSAEncryption
9e:17:9e:a7:82:6f:7b:df:ce:d0:49:9b:cb:4b:f2:67:1b:c0:
90:da:4e:de:a9:ef:b1:dd:60:f5:9d:e2:c7:84:b4:ee:db:c3:
29:34:d8:5c:f6:3d:e9:48:a7:9b:c1:ad:fb:c2:96:ba:fd:48:
ab:15:8e:31:3d:56:0e:98:15:fd:87:52:b0:a3:81:ab:8a:a0:
66:3c:10:3b:40:2d:42:53:e2:9b:38:b7:53:ac:35:a5:b1:64:
ca:16:11:74:0b:36:c5:d0:20:38:03:df:53:08:4a:a5:1a:ba:
62:6e:18:39:d0:22:4c:ca:6d:91:fd:fd:5b:6d:a8:53:bb:96:
51:b4:36:bf:85:ec:23:14:12:59:56:e3:82:d4:ea:ee:98:6b:
07:d7:9f:71:6f:bf:78:82:7f:d1:4f:01:52:e2:6a:9c:03:56:
db:51:60:a8:57:ea:93:36:96:ca:92:5a:5d:bb:f0:39:2c:21:
15:a2:99:da:a6:39:b7:48:72:a1:31:f4:bd:8b:37:25:0b:b3:
89:5d:33:01:1a:ee:ac:51:47:9d:78:12:ba:a0:95:fd:bf:4b:
cf:5b:6c:ff:2e:cd:e6:26:cf:a7:d0:0e:1b:8b:82:d1:55:d0:
97:54:03:46:f9:87:d2:d0:2e:6a:f4:8a:e3:50:78:58:f0:c3:
4b:5b:90:0c
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICAJQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF
RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw
MTQ0NTRaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDA5ODY2M0U2RkRGNThD
MDBCODQ0OTAzRjc2MEVCNUNFOUEzNDdCOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6QkEzIC6NHhY5Yu/PtkAKtyejaWUXTBDCzeq6tzAfYSE0tz/V
2zJtSIKHyKQaj6lvCalC1pSfrpKZBiAzA1mzfrXlnWHM8fkAROUDeuZlNd3WtO8V
kwQ1wGeVkmRQKCbFE+xasq9Vtds6aLTZCt0DgmhK6RiAjIWT+tB82JMqaEXskJ8L
PGlGOecPk3qTE12pVOzFrxeJbUcA6Nd1crPqEepnZHHhUUeVGuJNpoy0IWxXyq+t
cvLJnKGhC7M8mTPgaHkWDazcAIniXdsIJRISLKqMDf3VfVElVB88BQHU09Z1Z5eo
zLAy42uXx1RkoO2eCdxjwiONnNW29P0GFnYhAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUCYZj5v31jAC4RJA/dg61zpo0e5IwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7
j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3
Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvQ1laajV2MzFqQUM0
UkpBX2RnNjF6cG8wZTVJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFASQKQpYwDQYJKoZIhvcNAQELBQADggEBAJ4XnqeCb3vfztBJm8tL8mcbwJDa
Tt6p77HdYPWd4seEtO7bwyk02Fz2PelIp5vBrfvClrr9SKsVjjE9Vg6YFf2HUrCj
gauKoGY8EDtALUJT4ps4t1OsNaWxZMoWEXQLNsXQIDgD31MISqUaumJuGDnQIkzK
bZH9/VttqFO7llG0Nr+F7CMUEllW44LU6u6YawfXn3Fvv3iCf9FPAVLiapwDVttR
YKhX6pM2lsqSWl278DksIRWimdqmObdIcqEx9L2LNyULs4ldMwEa7qxRR514Erqg
lf2/S89bbP8uzeYmz6fQDhuLgtFV0JdUA0b5h9LQLmr0iuNQeFjww0tbkAw=
-----END CERTIFICATE-----
Generated at Tue Jun 10 04:56:00 2025 by rpki-client