Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/IU4645tbwQzNvlZJtIYypEo_pEg.roa
File: IU4645tbwQzNvlZJtIYypEo_pEg.roa (raw, json)
Hash identifier: mJiq0ns41nlHGyqhZ9qv786mK+SXJXilVdSri2mbtFM=
Subject key identifier: 21:4E:3A:E3:9B:5B:C1:0C:CD:BE:56:49:B4:86:32:A4:4A:3F:A4:48
Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Certificate serial: C6
Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/IU4645tbwQzNvlZJtIYypEo_pEg.roa
Signing time: Fri 06 Jun 2025 02:29:18 +0000
ROA not before: Fri 06 Jun 2025 02:29:18 +0000
ROA not after: Wed 27 May 2026 07:38:41 +0000
asID: 56046
IP address blocks: 240a:40c1:a000::/44 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 198 (0xc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Validity
Not Before: Jun 6 02:29:18 2025 GMT
Not After : May 27 07:38:41 2026 GMT
Subject: CN=214E3AE39B5BC10CCDBE5649B48632A44A3FA448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9a:45:d5:7d:12:dd:99:e8:a2:5d:22:32:4d:
ec:31:c6:2d:a5:05:72:8b:e5:73:f8:05:57:7e:43:
fd:70:b6:f4:ad:f9:25:7e:a8:bb:f5:5c:df:ee:e5:
4a:64:35:2d:4d:31:bd:95:9b:86:f4:6d:b1:f2:a7:
d3:0c:0c:ca:bb:3a:c6:0d:e1:6f:66:08:04:41:e9:
d9:e7:a1:e9:02:19:39:19:5d:8c:1c:ac:c5:d8:8a:
5a:e8:3a:35:22:e6:a7:6d:87:be:f9:1f:23:23:34:
95:cf:c0:d6:84:f7:86:7c:46:b4:41:5f:85:96:4b:
ca:59:a5:0c:21:9d:ce:ad:88:8d:10:23:04:0e:32:
75:d8:ef:11:48:32:c8:46:18:68:e5:dc:5f:44:59:
35:09:36:0f:ed:f0:ef:16:21:6e:94:ad:4f:4f:1a:
d6:05:d4:6b:a1:39:7b:7b:2b:86:89:39:b1:f5:11:
b9:d1:3c:29:21:02:f8:94:73:c3:ba:bc:c8:39:3d:
12:c2:78:26:15:f8:de:3e:0c:cf:ad:74:8b:b4:c1:
c5:f0:b1:43:88:19:70:00:95:36:02:52:cc:80:0f:
67:3b:25:30:50:f2:05:d6:1f:66:a3:c9:fd:86:5c:
25:85:9d:1c:6d:82:3b:30:85:ca:ba:8b:e7:62:71:
00:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:4E:3A:E3:9B:5B:C1:0C:CD:BE:56:49:B4:86:32:A4:4A:3F:A4:48
X509v3 Authority Key Identifier:
keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/IU4645tbwQzNvlZJtIYypEo_pEg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:40c1:a000::/44
Signature Algorithm: sha256WithRSAEncryption
3a:fa:a7:97:2a:4d:47:9d:6d:93:09:9c:41:d6:03:7f:c0:81:
69:e3:25:43:f8:72:3e:36:4a:06:4a:87:8f:7a:c2:84:98:0b:
62:a7:92:7b:fb:70:79:24:e6:95:ca:58:8c:69:03:f0:1a:8b:
7a:a4:fe:f1:66:44:20:70:32:fa:8d:2c:a6:1a:6e:9a:fa:71:
f9:9c:49:c5:0e:66:f8:da:61:e9:11:13:20:3f:54:6a:40:35:
56:fa:66:17:6a:86:67:f1:0f:cb:22:6b:7e:9e:89:a0:1a:56:
05:11:80:87:a8:04:bd:93:ef:95:e8:df:86:fb:34:94:fb:02:
2d:a6:73:60:05:e5:00:3c:93:41:f1:65:bd:14:9b:43:fd:29:
bd:10:07:39:6d:e0:5d:73:b5:73:cb:93:1f:ab:f9:b7:66:6a:
fe:36:56:63:84:aa:24:10:3e:38:d9:09:a1:3a:cc:d9:7b:ee:
da:d9:8a:54:6f:4f:56:27:a8:ee:9a:78:cd:65:a0:69:32:af:
65:9b:71:d3:f6:e1:8c:d5:ec:25:86:2a:90:a2:38:72:3f:a2:
c5:cd:39:f1:38:e3:25:b6:d8:ea:6c:5c:89:88:08:54:80:17:
ff:3e:6c:f8:7b:26:cd:0d:b8:5f:7f:05:aa:3d:be:27:15:1f:
43:0b:ee:be
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICAMYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF
RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw
MjI5MThaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDIxNEUzQUUzOUI1QkMx
MENDREJFNTY0OUI0ODYzMkE0NEEzRkE0NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXmkXVfRLdmeiiXSIyTewxxi2lBXKL5XP4BVd+Q/1wtvSt+SV+
qLv1XN/u5UpkNS1NMb2Vm4b0bbHyp9MMDMq7OsYN4W9mCARB6dnnoekCGTkZXYwc
rMXYilroOjUi5qdth775HyMjNJXPwNaE94Z8RrRBX4WWS8pZpQwhnc6tiI0QIwQO
MnXY7xFIMshGGGjl3F9EWTUJNg/t8O8WIW6UrU9PGtYF1GuhOXt7K4aJObH1EbnR
PCkhAviUc8O6vMg5PRLCeCYV+N4+DM+tdIu0wcXwsUOIGXAAlTYCUsyAD2c7JTBQ
8gXWH2ajyf2GXCWFnRxtgjswhcq6i+dicQATAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUIU4645tbwQzNvlZJtIYypEo/pEgwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7
j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3
Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvSVU0NjQ1dGJ3UXpO
dmxaSnRJWXlwRW9fcEVnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHBCQKQMGgADANBgkqhkiG9w0BAQsFAAOCAQEAOvqnlypNR51tkwmcQdYDf8CB
aeMlQ/hyPjZKBkqHj3rChJgLYqeSe/tweSTmlcpYjGkD8BqLeqT+8WZEIHAy+o0s
phpumvpx+ZxJxQ5m+Nph6RETID9UakA1VvpmF2qGZ/EPyyJrfp6JoBpWBRGAh6gE
vZPvlejfhvs0lPsCLaZzYAXlADyTQfFlvRSbQ/0pvRAHOW3gXXO1c8uTH6v5t2Zq
/jZWY4SqJBA+ONkJoTrM2Xvu2tmKVG9PVieo7pp4zWWgaTKvZZtx0/bhjNXsJYYq
kKI4cj+ixc058TjjJbbY6mxciYgIVIAX/z5s+HsmzQ24X38Fqj2+JxUfQwvuvg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 04:43:02 2025 by rpki-client