Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/RaRyP-J3pxFA5bncv0FsEOEXTTs.roa
File: RaRyP-J3pxFA5bncv0FsEOEXTTs.roa (raw, json)
Hash identifier: yXLhlqwOf7eXJbOyZswJUhPt3jCUu5NXN37zwxUXxQg=
Subject key identifier: 45:A4:72:3F:E2:77:A7:11:40:E5:B9:DC:BF:41:6C:10:E1:17:4D:3B
Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Certificate serial: 18
Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/RaRyP-J3pxFA5bncv0FsEOEXTTs.roa
Signing time: Tue 27 May 2025 08:11:31 +0000
ROA not before: Tue 27 May 2025 08:11:31 +0000
ROA not after: Wed 27 May 2026 07:38:41 +0000
asID: 56040
IP address blocks: 240a:4090:250::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24 (0x18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Validity
Not Before: May 27 08:11:31 2025 GMT
Not After : May 27 07:38:41 2026 GMT
Subject: CN=45A4723FE277A71140E5B9DCBF416C10E1174D3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6d:78:9c:77:72:79:8a:30:7a:5f:20:8d:d4:
cd:2b:03:7e:c4:2b:92:27:bf:e9:87:d5:fc:d2:24:
5b:e6:af:13:79:58:15:38:cd:58:d0:3b:0f:98:d2:
7b:bb:1b:df:53:f5:ce:58:b6:91:c1:08:0a:03:5f:
02:0d:00:e6:db:73:d1:d6:22:b5:5d:32:99:10:36:
a9:5c:1c:a0:ef:ef:82:67:90:53:8d:19:ca:24:46:
1f:16:d6:79:49:4f:39:f2:12:d5:4d:c5:e2:3e:34:
7b:fe:d7:22:d4:66:c0:5e:f3:0f:df:01:94:4b:d6:
48:c4:37:06:1a:56:37:3a:ae:fa:11:7d:85:2c:cb:
dc:53:6f:21:fb:65:08:88:17:05:fb:e9:f8:11:67:
2b:ff:71:58:01:62:54:50:1d:96:b7:27:ec:66:26:
45:95:a9:46:29:23:2a:48:2f:57:b0:2b:c0:84:a9:
75:d0:a4:6a:c9:3a:bc:81:4a:70:4d:ff:45:53:f1:
80:d6:6f:11:f1:80:df:f4:7b:64:71:8c:61:b5:94:
2a:62:57:74:36:96:fd:5e:0d:2f:8a:34:54:93:28:
f5:e0:79:ce:42:64:8d:81:3c:51:bf:ce:eb:41:66:
c9:31:d2:04:a8:01:da:02:55:50:6f:48:c4:0a:dd:
a5:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:A4:72:3F:E2:77:A7:11:40:E5:B9:DC:BF:41:6C:10:E1:17:4D:3B
X509v3 Authority Key Identifier:
keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/RaRyP-J3pxFA5bncv0FsEOEXTTs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:4090:250::/48
Signature Algorithm: sha256WithRSAEncryption
59:cd:ab:6b:fc:2a:49:60:a8:31:ac:7a:ac:a0:ca:4d:6d:08:
7a:7c:9a:3a:ac:c3:18:27:84:4d:94:99:d7:04:db:1c:9b:8c:
7c:6a:a2:29:9d:59:7a:c5:fd:71:06:eb:6d:2f:f9:42:90:64:
36:3f:7e:0b:62:1e:bf:8a:b1:6b:56:79:0e:91:27:c0:19:80:
ce:df:eb:1c:cb:28:ff:1d:9a:cf:de:20:86:15:91:7a:d1:78:
b4:ba:c1:9d:0a:df:1a:b7:46:07:cf:13:62:cb:fa:d9:3f:33:
9a:df:df:26:0c:83:6b:50:6d:80:78:12:63:3c:e3:de:54:f3:
6f:c5:8f:d8:e3:3e:90:b7:ba:e2:9e:a6:32:26:24:ed:03:66:
b8:42:31:2f:9a:54:c5:ba:44:37:f0:15:ff:74:0e:ce:29:60:
dc:bf:ef:59:26:f4:4c:fe:87:78:6c:cc:d8:01:c6:e3:93:9f:
d7:c5:1f:46:0b:e8:f9:6a:7c:de:55:96:0d:89:bd:47:d1:d6:
e8:d7:6a:38:c1:ca:22:5c:3a:28:a8:52:4e:d7:a1:5f:54:45:
bf:3a:f3:09:bb:da:70:0c:5b:6c:e1:aa:2c:15:4a:a8:97:ac:
dc:6d:05:0d:19:c1:23:e4:c0:92:a7:d5:1b:7a:f0:fc:20:1d:
82:98:0f:7c
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIBGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG
RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4
MTEzMVoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoNDVBNDcyM0ZFMjc3QTcx
MTQwRTVCOURDQkY0MTZDMTBFMTE3NEQzQjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKZteJx3cnmKMHpfII3UzSsDfsQrkie/6YfV/NIkW+avE3lYFTjN
WNA7D5jSe7sb31P1zli2kcEICgNfAg0A5ttz0dYitV0ymRA2qVwcoO/vgmeQU40Z
yiRGHxbWeUlPOfIS1U3F4j40e/7XItRmwF7zD98BlEvWSMQ3BhpWNzqu+hF9hSzL
3FNvIftlCIgXBfvp+BFnK/9xWAFiVFAdlrcn7GYmRZWpRikjKkgvV7ArwISpddCk
ask6vIFKcE3/RVPxgNZvEfGA3/R7ZHGMYbWUKmJXdDaW/V4NL4o0VJMo9eB5zkJk
jYE8Ub/O60FmyTHSBKgB2gJVUG9IxArdpRMCAwEAAaOCAfYwggHyMB0GA1UdDgQW
BBRFpHI/4nenEUDludy/QWwQ4RdNOzAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP
q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy
L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi9SYVJ5UC1KM3B4RkE1
Ym5jdjBGc0VPRVhUVHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ
AwcAJApAkAJQMA0GCSqGSIb3DQEBCwUAA4IBAQBZzatr/CpJYKgxrHqsoMpNbQh6
fJo6rMMYJ4RNlJnXBNscm4x8aqIpnVl6xf1xButtL/lCkGQ2P34LYh6/irFrVnkO
kSfAGYDO3+scyyj/HZrP3iCGFZF60Xi0usGdCt8at0YHzxNiy/rZPzOa398mDINr
UG2AeBJjPOPeVPNvxY/Y4z6Qt7rinqYyJiTtA2a4QjEvmlTFukQ38BX/dA7OKWDc
v+9ZJvRM/od4bMzYAcbjk5/XxR9GC+j5anzeVZYNib1H0dbo12o4wcoiXDooqFJO
16FfVEW/OvMJu9pwDFts4aosFUqol6zcbQUNGcEj5MCSp9UbevD8IB2CmA98
-----END CERTIFICATE-----
Generated at Tue Sep 9 03:35:25 2025 by rpki-client