Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/MKUg3TQ8WUUti61jXZuzGw871aE.roa
File: MKUg3TQ8WUUti61jXZuzGw871aE.roa (raw, json)
Hash identifier: G/q7pu3F7qWjoqr5shQ7tgwaLQebWgT5FGTmIYKjEx8=
Subject key identifier: 30:A5:20:DD:34:3C:59:45:2D:8B:AD:63:5D:9B:B3:1B:0F:3B:D5:A1
Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Certificate serial: 95
Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/MKUg3TQ8WUUti61jXZuzGw871aE.roa
Signing time: Fri 06 Jun 2025 01:44:55 +0000
ROA not before: Fri 06 Jun 2025 01:44:55 +0000
ROA not after: Wed 27 May 2026 07:38:41 +0000
asID: 56046
IP address blocks: 240a:42a6::/31 maxlen: 31
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149 (0x95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Validity
Not Before: Jun 6 01:44:55 2025 GMT
Not After : May 27 07:38:41 2026 GMT
Subject: CN=30A520DD343C59452D8BAD635D9BB31B0F3BD5A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1b:da:5a:9d:a9:95:10:bf:3b:ef:2b:ac:45:
6e:6c:3d:97:f9:3d:42:2c:24:fc:f6:bc:92:d8:42:
45:8c:e4:87:c8:f2:14:52:ad:b2:00:06:f7:b5:6a:
ce:7e:31:4f:13:ab:3b:88:e6:74:f7:50:c0:51:74:
98:80:ed:64:c0:cd:2b:8a:0d:fe:b7:38:63:88:0f:
86:75:85:0e:08:13:fb:fc:1b:ad:6c:f1:c2:ee:0d:
b8:d9:23:f5:71:d1:b0:46:ba:4e:bc:62:ed:7b:eb:
cb:1d:e4:33:fe:24:e9:82:99:1c:6f:40:f3:7b:f9:
9c:16:1e:b9:54:57:80:43:03:ff:39:5e:cd:df:29:
e0:39:08:25:94:cc:a8:b2:49:34:5e:eb:f5:9e:a7:
12:fb:0b:58:3b:bc:d2:40:ca:c0:c3:c1:6a:28:31:
7f:a9:96:78:59:91:f1:c4:0d:0e:a5:d0:fe:54:25:
96:44:cb:00:0c:72:e3:82:37:80:d8:5a:1a:53:cc:
78:40:e6:7e:99:02:d9:d0:44:72:18:8b:cd:04:59:
67:d8:3b:27:1c:70:5e:f2:d2:8f:04:7c:6c:d4:fd:
34:cc:1d:97:5a:a1:82:3f:cb:7c:89:b1:6f:16:af:
db:9f:38:94:a0:22:eb:b8:5b:4e:e8:5a:f3:8c:33:
2a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A5:20:DD:34:3C:59:45:2D:8B:AD:63:5D:9B:B3:1B:0F:3B:D5:A1
X509v3 Authority Key Identifier:
keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/MKUg3TQ8WUUti61jXZuzGw871aE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:42a6::/31
Signature Algorithm: sha256WithRSAEncryption
02:44:d0:25:fe:47:2a:dd:fc:0d:68:44:4d:81:84:e1:0b:09:
1a:3a:8f:12:ef:60:b1:01:c1:84:6b:cf:2a:5b:9a:6b:3a:57:
26:a9:6c:bf:39:ea:5e:6c:d5:32:df:da:b3:24:2a:ef:f9:e2:
8d:4f:52:22:a3:7e:ee:cb:25:b1:ea:50:7b:33:b8:87:b2:7b:
ef:43:03:ca:dc:f4:fe:02:d1:54:16:4c:fa:af:d2:56:8a:23:
75:70:e2:42:8e:26:aa:6e:23:83:c3:a2:be:35:a4:40:1b:97:
b5:7d:ea:9e:67:aa:1a:79:3e:f2:05:6b:db:76:ac:da:6a:b7:
bf:25:a4:03:97:76:d8:e5:b7:98:6b:aa:c8:9a:eb:af:6c:13:
45:b3:b3:e5:f4:ec:ad:6c:85:87:63:ae:9f:d7:46:fb:45:03:
07:39:e2:3a:bb:47:00:28:11:a1:04:23:19:60:11:f0:16:02:
06:a3:fa:01:4e:57:f8:b7:ec:7a:24:41:f5:ca:da:97:71:d2:
d7:4d:21:fc:6e:0a:8f:e6:83:cb:5f:33:f1:39:4d:15:37:83:
38:6a:ce:1e:9f:11:32:ba:ae:53:47:02:0f:d9:a4:8e:0b:65:
11:b9:70:58:9a:a6:17:d9:96:af:e7:d7:41:4f:2c:4d:dc:51:
99:e7:a5:10
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICAJUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF
RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw
MTQ0NTVaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDMwQTUyMEREMzQzQzU5
NDUyRDhCQUQ2MzVEOUJCMzFCMEYzQkQ1QTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8G9panamVEL877yusRW5sPZf5PUIsJPz2vJLYQkWM5IfI8hRS
rbIABve1as5+MU8TqzuI5nT3UMBRdJiA7WTAzSuKDf63OGOID4Z1hQ4IE/v8G61s
8cLuDbjZI/Vx0bBGuk68Yu1768sd5DP+JOmCmRxvQPN7+ZwWHrlUV4BDA/85Xs3f
KeA5CCWUzKiySTRe6/WepxL7C1g7vNJAysDDwWooMX+plnhZkfHEDQ6l0P5UJZZE
ywAMcuOCN4DYWhpTzHhA5n6ZAtnQRHIYi80EWWfYOycccF7y0o8EfGzU/TTMHZda
oYI/y3yJsW8Wr9ufOJSgIuu4W07oWvOMMyp7AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUMKUg3TQ8WUUti61jXZuzGw871aEwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7
j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3
Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvTUtVZzNUUThXVVV0
aTYxalhadXpHdzg3MWFFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFASQKQqYwDQYJKoZIhvcNAQELBQADggEBAAJE0CX+Ryrd/A1oRE2BhOELCRo6
jxLvYLEBwYRrzypbmms6VyapbL856l5s1TLf2rMkKu/54o1PUiKjfu7LJbHqUHsz
uIeye+9DA8rc9P4C0VQWTPqv0laKI3Vw4kKOJqpuI4PDor41pEAbl7V96p5nqhp5
PvIFa9t2rNpqt78lpAOXdtjlt5hrqsia669sE0Wzs+X07K1shYdjrp/XRvtFAwc5
4jq7RwAoEaEEIxlgEfAWAgaj+gFOV/i37HokQfXK2pdx0tdNIfxuCo/mg8tfM/E5
TRU3gzhqzh6fETK6rlNHAg/ZpI4LZRG5cFiaphfZlq/n10FPLE3cUZnnpRA=
-----END CERTIFICATE-----
Generated at Tue Jun 10 04:53:18 2025 by rpki-client