Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/L0NqQwXc60-zZA_ZnPtud82xNbE.roa
File: L0NqQwXc60-zZA_ZnPtud82xNbE.roa (raw, json)
Hash identifier: tUWEI8Bagxt/B/pXWMqyU8WFWpO6jS3ve0PwCEa86JI=
Subject key identifier: 2F:43:6A:43:05:DC:EB:4F:B3:64:0F:D9:9C:FB:6E:77:CD:B1:35:B1
Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Certificate serial: A8
Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/L0NqQwXc60-zZA_ZnPtud82xNbE.roa
Signing time: Fri 06 Jun 2025 02:21:22 +0000
ROA not before: Fri 06 Jun 2025 02:21:22 +0000
ROA not after: Wed 27 May 2026 07:38:41 +0000
asID: 56048
IP address blocks: 240a:40c0:8010::/44 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168 (0xa8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Validity
Not Before: Jun 6 02:21:22 2025 GMT
Not After : May 27 07:38:41 2026 GMT
Subject: CN=2F436A4305DCEB4FB3640FD99CFB6E77CDB135B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2c:cd:d8:fe:ff:af:b1:f1:c7:33:15:ef:67:
12:28:7b:33:25:50:6c:52:f7:ed:9f:f0:8f:11:61:
aa:b1:ee:63:f6:e1:05:aa:86:b5:c1:bd:da:a5:ec:
ab:9f:a6:4e:bd:ad:24:aa:10:02:6f:7e:2a:3e:6d:
31:d2:25:ed:ea:98:40:05:ae:d8:57:0c:f6:ac:82:
8a:93:28:63:c1:cd:1b:41:6e:7c:94:a2:bf:97:37:
fd:4d:ce:b5:10:4f:e4:9d:d8:04:06:f7:e8:29:77:
57:47:13:0a:1c:1c:c6:02:18:7f:ac:f0:ca:bd:e9:
4a:52:37:83:93:fb:90:f4:39:67:d2:45:51:8b:43:
a1:98:41:3f:c5:c7:d0:64:18:f8:ee:de:ab:b5:d4:
3c:c8:93:f2:ff:6a:eb:0e:84:10:c9:e5:1e:5c:85:
8e:c9:6e:3d:82:88:85:c8:75:2c:14:34:af:f1:0e:
4f:44:0d:ed:f8:48:a9:7c:89:46:e0:2f:cd:29:1f:
5e:80:96:dc:43:0f:9d:71:12:61:3d:86:75:e3:b6:
94:5b:ed:cd:e9:5f:91:2b:c8:bf:6f:e8:32:dc:9f:
4a:f2:7d:fb:6a:3e:84:e7:8a:10:fa:85:19:57:13:
84:0c:37:85:7f:fb:bf:b7:6b:4c:d3:43:f4:fd:d4:
aa:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:43:6A:43:05:DC:EB:4F:B3:64:0F:D9:9C:FB:6E:77:CD:B1:35:B1
X509v3 Authority Key Identifier:
keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/L0NqQwXc60-zZA_ZnPtud82xNbE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:40c0:8010::/44
Signature Algorithm: sha256WithRSAEncryption
1c:d7:43:07:5f:45:5a:bf:c7:08:75:db:6c:81:5d:2b:41:a4:
d1:65:e4:4a:93:30:bf:a9:b9:e1:5d:eb:4c:c7:ff:f0:57:94:
02:4e:dc:23:86:02:9b:4e:95:ef:61:0e:60:c4:17:82:1c:7c:
dd:d0:d0:63:41:38:e2:d3:88:e4:aa:ea:1f:86:04:91:77:be:
1e:61:7b:e4:82:45:3a:07:1a:f3:50:1e:4f:dc:1b:86:70:2f:
a8:74:3f:a0:6b:52:31:2c:41:2b:d7:5a:fd:82:ba:bc:e6:fd:
7b:c6:b4:8d:88:72:1b:1c:99:a1:e3:89:d7:bd:69:b8:53:2a:
a4:4f:d3:f1:0e:cc:f1:56:eb:20:8b:4d:2d:a2:11:f9:36:9c:
13:bc:97:5c:bb:9a:e1:d7:71:fa:99:3c:54:8c:f3:c8:53:7a:
bb:78:2f:5b:b9:f8:ea:1a:6a:9c:20:d3:02:7f:ad:ae:47:67:
5e:f6:a0:26:f4:5c:3d:dd:e3:1d:00:f9:70:6c:d6:88:b8:38:
57:dc:63:9e:d7:83:3e:ed:1e:d5:a3:55:35:fc:85:e8:03:c5:
89:f4:de:00:23:4f:c6:36:3d:29:63:48:e6:11:17:01:a0:4d:
bf:e0:69:f7:d4:76:c3:da:db:98:3a:51:1c:9d:38:44:82:f6:
80:85:d8:22
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICAKgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF
RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw
MjIxMjJaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDJGNDM2QTQzMDVEQ0VC
NEZCMzY0MEZEOTlDRkI2RTc3Q0RCMTM1QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFLM3Y/v+vsfHHMxXvZxIoezMlUGxS9+2f8I8RYaqx7mP24QWq
hrXBvdql7Kufpk69rSSqEAJvfio+bTHSJe3qmEAFrthXDPasgoqTKGPBzRtBbnyU
or+XN/1NzrUQT+Sd2AQG9+gpd1dHEwocHMYCGH+s8Mq96UpSN4OT+5D0OWfSRVGL
Q6GYQT/Fx9BkGPju3qu11DzIk/L/ausOhBDJ5R5chY7Jbj2CiIXIdSwUNK/xDk9E
De34SKl8iUbgL80pH16AltxDD51xEmE9hnXjtpRb7c3pX5EryL9v6DLcn0ryfftq
PoTnihD6hRlXE4QMN4V/+7+3a0zTQ/T91KobAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUL0NqQwXc60+zZA/ZnPtud82xNbEwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7
j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3
Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvTDBOcVF3WGM2MC16
WkFfWm5QdHVkODJ4TmJFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHBCQKQMCAEDANBgkqhkiG9w0BAQsFAAOCAQEAHNdDB19FWr/HCHXbbIFdK0Gk
0WXkSpMwv6m54V3rTMf/8FeUAk7cI4YCm06V72EOYMQXghx83dDQY0E44tOI5Krq
H4YEkXe+HmF75IJFOgca81AeT9wbhnAvqHQ/oGtSMSxBK9da/YK6vOb9e8a0jYhy
GxyZoeOJ171puFMqpE/T8Q7M8VbrIItNLaIR+TacE7yXXLua4ddx+pk8VIzzyFN6
u3gvW7n46hpqnCDTAn+trkdnXvagJvRcPd3jHQD5cGzWiLg4V9xjnteDPu0e1aNV
NfyF6APFifTeACNPxjY9KWNI5hEXAaBNv+Bp99R2w9rbmDpRHJ04RIL2gIXYIg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 04:46:22 2025 by rpki-client