Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/TJ9DDUGk3uDrXo3pT07cw1r4YZA.roa
File: TJ9DDUGk3uDrXo3pT07cw1r4YZA.roa (raw, json)
Hash identifier: x2Le+FFnBTal963TfBC8ZMsFpaKHpkLH3HzBEfHJkXg=
Subject key identifier: 4C:9F:43:0D:41:A4:DE:E0:EB:5E:8D:E9:4F:4E:DC:C3:5A:F8:61:90
Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Certificate serial: A2
Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/TJ9DDUGk3uDrXo3pT07cw1r4YZA.roa
Signing time: Fri 06 Jun 2025 01:46:36 +0000
ROA not before: Fri 06 Jun 2025 01:46:36 +0000
ROA not after: Wed 27 May 2026 07:38:41 +0000
asID: 132525
IP address blocks: 240a:429a::/31 maxlen: 31
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162 (0xa2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Validity
Not Before: Jun 6 01:46:36 2025 GMT
Not After : May 27 07:38:41 2026 GMT
Subject: CN=4C9F430D41A4DEE0EB5E8DE94F4EDCC35AF86190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8f:de:ec:63:61:0f:41:9a:fa:e5:34:c3:a5:
96:42:fe:6d:14:66:de:15:36:42:ad:c4:b2:97:5f:
a7:51:ad:d1:fe:1a:2a:2c:74:c5:04:66:45:ec:eb:
ac:ba:3f:24:61:22:4b:18:26:ee:d5:6e:fc:d2:95:
90:ff:8e:b9:6c:37:bf:03:28:9b:d6:9e:a0:8e:05:
49:b5:2e:aa:1a:3e:fd:7f:f0:31:af:dd:65:89:ad:
88:a9:a1:43:87:6b:30:6d:25:48:83:db:85:55:01:
e9:b3:bb:00:c6:dc:6d:77:d7:a0:b6:b3:f2:75:4d:
78:99:76:2c:db:80:6e:0c:af:fb:5d:99:ca:74:71:
ed:85:e2:f8:43:9c:25:b7:96:45:b8:17:ca:2f:ba:
66:f1:4b:1a:2a:87:5b:47:44:85:a0:90:dc:70:fe:
41:27:21:d4:d4:31:e2:86:1c:3c:d9:58:3e:29:a6:
97:12:67:24:9b:d1:ff:d0:49:45:4f:40:96:52:58:
84:66:03:16:88:0a:95:be:f8:1b:9d:a0:f1:99:b0:
09:65:a4:b9:7b:47:f4:97:f6:83:b7:74:92:1b:78:
31:54:21:3b:ad:8b:b0:c9:77:b7:6e:dd:db:07:bd:
64:a8:a3:2b:53:ee:dc:e0:05:59:53:3a:0b:eb:d7:
0c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:9F:43:0D:41:A4:DE:E0:EB:5E:8D:E9:4F:4E:DC:C3:5A:F8:61:90
X509v3 Authority Key Identifier:
keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/TJ9DDUGk3uDrXo3pT07cw1r4YZA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:429a::/31
Signature Algorithm: sha256WithRSAEncryption
a8:b2:0b:8d:54:63:43:5c:c4:6c:da:9f:41:48:e4:98:91:82:
39:6e:5b:82:7f:df:68:32:5c:e1:26:cb:31:12:8d:9d:86:05:
8b:9b:62:34:de:7b:44:d1:11:25:06:cd:16:24:45:62:9f:45:
87:b4:34:0e:62:7c:1d:6b:1e:3e:fd:02:ad:2a:8c:29:03:1d:
d1:da:af:d0:ea:fe:8a:6b:d2:43:c9:bb:3d:31:57:a9:b3:e9:
3d:6e:3d:e6:f5:bb:1d:af:4a:73:2c:0f:de:62:b0:3c:15:cc:
77:88:81:30:59:04:c4:61:2f:41:97:51:1d:09:49:18:41:54:
b2:77:41:40:c0:2e:18:40:f6:59:06:b8:50:f1:cb:6f:15:06:
0a:f1:5b:72:f8:90:16:06:53:8b:90:a4:ac:4d:80:9e:1e:1c:
22:75:0b:82:ff:09:0d:33:b5:b6:cc:41:90:01:19:77:39:8b:
dc:a4:1f:cd:b2:71:a5:97:8a:b7:ec:6b:58:a9:95:14:28:ea:
75:25:0a:ee:41:68:a7:43:b4:d8:f6:c7:56:d1:03:7f:f6:e0:
cc:2b:3f:13:69:41:49:97:a6:93:7d:41:79:2b:93:68:89:cc:
31:7f:61:d1:86:e8:6e:78:94:c3:1a:8b:5b:c4:82:60:bc:25:
7a:7f:77:62
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICAKIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF
RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw
MTQ2MzZaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDRDOUY0MzBENDFBNERF
RTBFQjVFOERFOTRGNEVEQ0MzNUFGODYxOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaj97sY2EPQZr65TTDpZZC/m0UZt4VNkKtxLKXX6dRrdH+Gios
dMUEZkXs66y6PyRhIksYJu7VbvzSlZD/jrlsN78DKJvWnqCOBUm1LqoaPv1/8DGv
3WWJrYipoUOHazBtJUiD24VVAemzuwDG3G1316C2s/J1TXiZdizbgG4Mr/tdmcp0
ce2F4vhDnCW3lkW4F8ovumbxSxoqh1tHRIWgkNxw/kEnIdTUMeKGHDzZWD4pppcS
ZySb0f/QSUVPQJZSWIRmAxaICpW++BudoPGZsAllpLl7R/SX9oO3dJIbeDFUITut
i7DJd7du3dsHvWSooytT7tzgBVlTOgvr1ww/AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUTJ9DDUGk3uDrXo3pT07cw1r4YZAwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7
j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3
Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvVEo5RERVR2szdURy
WG8zcFQwN2N3MXI0WVpBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFASQKQpowDQYJKoZIhvcNAQELBQADggEBAKiyC41UY0NcxGzan0FI5JiRgjlu
W4J/32gyXOEmyzESjZ2GBYubYjTee0TRESUGzRYkRWKfRYe0NA5ifB1rHj79Aq0q
jCkDHdHar9Dq/opr0kPJuz0xV6mz6T1uPeb1ux2vSnMsD95isDwVzHeIgTBZBMRh
L0GXUR0JSRhBVLJ3QUDALhhA9lkGuFDxy28VBgrxW3L4kBYGU4uQpKxNgJ4eHCJ1
C4L/CQ0ztbbMQZABGXc5i9ykH82ycaWXirfsa1iplRQo6nUlCu5BaKdDtNj2x1bR
A3/24MwrPxNpQUmXppN9QXkrk2iJzDF/YdGG6G54lMMai1vEgmC8JXp/d2I=
-----END CERTIFICATE-----
Generated at Tue Jun 10 04:40:46 2025 by rpki-client