Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/Pn2GYWy-HcPs-iNWo13aWTC_6z4.roa
File: Pn2GYWy-HcPs-iNWo13aWTC_6z4.roa (raw, json)
Hash identifier: vc/No7ruvfkizIFtbe9YfD03b0E3wbPO/NBpEeYB2Ao=
Subject key identifier: 3E:7D:86:61:6C:BE:1D:C3:EC:FA:23:56:A3:5D:DA:59:30:BF:EB:3E
Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Certificate serial: 3D
Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/Pn2GYWy-HcPs-iNWo13aWTC_6z4.roa
Signing time: Tue 27 May 2025 08:25:29 +0000
ROA not before: Tue 27 May 2025 08:25:29 +0000
ROA not after: Wed 27 May 2026 07:38:41 +0000
asID: 9808
IP address blocks: 240a:42da::/31 maxlen: 31
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61 (0x3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Validity
Not Before: May 27 08:25:29 2025 GMT
Not After : May 27 07:38:41 2026 GMT
Subject: CN=3E7D86616CBE1DC3ECFA2356A35DDA5930BFEB3E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d8:a3:08:e5:51:a4:d9:36:95:91:1d:6c:18:
7c:6c:ec:5f:e2:ba:35:d3:1e:19:14:b8:10:fe:00:
56:cd:72:ab:87:71:b7:69:d4:2c:a1:d5:bc:b7:50:
04:7e:df:f6:85:82:d2:f0:ef:87:08:93:c8:43:14:
e8:fe:4f:57:3d:46:bc:dc:ef:e4:86:24:66:b0:98:
81:52:3c:eb:89:fe:2f:d9:66:87:c5:75:45:cd:ec:
c5:56:f0:e7:92:b5:3d:73:e4:e1:fd:5c:3b:1e:e0:
56:71:47:d6:4e:cd:2c:1c:6f:62:a6:c3:9a:94:7d:
f7:7d:6d:db:62:1f:54:3a:df:ed:d2:c8:06:e0:2f:
9f:ca:b5:c8:82:0f:0d:2d:19:9a:bd:46:cb:ef:8c:
06:9c:fb:0e:42:ed:29:43:42:1d:d3:6e:e6:fb:fe:
97:ee:02:32:b3:c4:aa:66:9b:c2:63:f7:3b:b5:db:
d0:60:40:5d:f1:54:25:8a:f0:ff:6f:69:66:9c:92:
3c:09:2a:27:f4:f4:c2:67:57:09:28:83:89:7a:c8:
f9:30:33:07:cb:f1:e3:ed:b9:7e:55:a0:4d:89:a1:
7c:eb:bb:9d:cb:f5:95:12:09:f2:a1:a3:87:f8:32:
64:6a:7d:6f:3a:c6:a4:c9:e5:41:04:f9:61:54:1a:
83:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:7D:86:61:6C:BE:1D:C3:EC:FA:23:56:A3:5D:DA:59:30:BF:EB:3E
X509v3 Authority Key Identifier:
keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/Pn2GYWy-HcPs-iNWo13aWTC_6z4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:42da::/31
Signature Algorithm: sha256WithRSAEncryption
48:ea:b5:4a:94:f8:ae:06:07:d2:8f:6f:11:01:b4:e3:05:00:
79:2b:d6:6e:be:8f:f9:f3:64:5f:0b:a7:4b:d6:18:04:39:c6:
d5:7e:a6:13:c5:d9:b8:a1:0f:0c:fd:42:3a:cc:2d:a3:08:04:
37:3b:86:8a:51:18:10:96:5c:d4:16:fd:ec:65:9f:5f:3a:4b:
e1:c9:0c:7c:8e:b9:ca:18:b3:ed:1d:a8:4d:df:ca:15:41:8b:
08:33:e3:bb:72:5b:89:3d:c9:b7:01:f7:75:d4:8a:1a:19:20:
25:ff:22:9a:1b:6c:29:db:7a:02:c2:44:e6:01:a3:9a:4d:4e:
dd:df:b2:16:40:df:d8:83:37:10:aa:b6:f3:d7:7e:ea:57:6d:
0d:95:5e:cf:f4:50:41:74:d0:31:99:ed:42:93:f1:aa:4c:72:
3f:ad:0b:85:3e:ae:bc:63:19:cd:74:71:86:4c:b9:26:8b:72:
ed:bf:93:84:b3:e4:af:a1:ba:4e:35:df:c5:c2:22:54:8a:6e:
46:4d:66:57:d8:32:5c:4b:d4:a9:f0:86:07:49:37:04:d7:c5:
04:87:bb:0d:21:de:25:50:06:b9:66:06:41:58:b2:2c:e7:ec:
12:00:6b:5f:aa:93:88:5c:6a:a8:67:00:20:de:e4:b6:2a:e1:
05:51:f2:5a
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIBPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG
RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4
MjUyOVoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoM0U3RDg2NjE2Q0JFMURD
M0VDRkEyMzU2QTM1RERBNTkzMEJGRUIzRTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOLYowjlUaTZNpWRHWwYfGzsX+K6NdMeGRS4EP4AVs1yq4dxt2nU
LKHVvLdQBH7f9oWC0vDvhwiTyEMU6P5PVz1GvNzv5IYkZrCYgVI864n+L9lmh8V1
Rc3sxVbw55K1PXPk4f1cOx7gVnFH1k7NLBxvYqbDmpR9931t22IfVDrf7dLIBuAv
n8q1yIIPDS0Zmr1Gy++MBpz7DkLtKUNCHdNu5vv+l+4CMrPEqmabwmP3O7Xb0GBA
XfFUJYrw/29pZpySPAkqJ/T0wmdXCSiDiXrI+TAzB8vx4+25flWgTYmhfOu7ncv1
lRIJ8qGjh/gyZGp9bzrGpMnlQQT5YVQag78CAwEAAaOCAfQwggHwMB0GA1UdDgQW
BBQ+fYZhbL4dw+z6I1ajXdpZML/rPjAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP
q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy
L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi9QbjJHWVd5LUhjUHMt
aU5XbzEzYVdUQ182ejQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUBJApC2jANBgkqhkiG9w0BAQsFAAOCAQEASOq1SpT4rgYH0o9vEQG04wUAeSvW
br6P+fNkXwunS9YYBDnG1X6mE8XZuKEPDP1COswtowgENzuGilEYEJZc1Bb97GWf
XzpL4ckMfI65yhiz7R2oTd/KFUGLCDPju3JbiT3JtwH3ddSKGhkgJf8imhtsKdt6
AsJE5gGjmk1O3d+yFkDf2IM3EKq289d+6ldtDZVez/RQQXTQMZntQpPxqkxyP60L
hT6uvGMZzXRxhky5Joty7b+ThLPkr6G6TjXfxcIiVIpuRk1mV9gyXEvUqfCGB0k3
BNfFBIe7DSHeJVAGuWYGQViyLOfsEgBrX6qTiFxqqGcAIN7ktirhBVHyWg==
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:00:10 2025 by rpki-client