Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/heDEyW_7qDgZPy-mQpTi-9_SrqQ.roa
File: heDEyW_7qDgZPy-mQpTi-9_SrqQ.roa (raw, json)
Hash identifier: RIcp9403YbdFP0eGf6Jy+0fn7CYtHsD60idxpW5tnag=
Subject key identifier: 85:E0:C4:C9:6F:FB:A8:38:19:3F:2F:A6:42:94:E2:FB:DF:D2:AE:A4
Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Certificate serial: C4
Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/heDEyW_7qDgZPy-mQpTi-9_SrqQ.roa
Signing time: Fri 06 Jun 2025 02:29:18 +0000
ROA not before: Fri 06 Jun 2025 02:29:18 +0000
ROA not after: Wed 27 May 2026 07:38:41 +0000
asID: 56044
IP address blocks: 240a:40c1:2000::/44 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 196 (0xc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Validity
Not Before: Jun 6 02:29:18 2025 GMT
Not After : May 27 07:38:41 2026 GMT
Subject: CN=85E0C4C96FFBA838193F2FA64294E2FBDFD2AEA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:49:32:07:9e:5d:c6:2b:5d:be:86:5a:d1:8b:
05:7b:fb:98:06:e2:37:01:58:db:61:e4:3a:3f:ba:
7a:3b:ad:f6:ff:2c:ea:cf:7a:23:29:2d:c9:c3:b8:
c1:1d:c5:bb:d8:4f:9a:4f:8d:01:10:82:17:bb:5b:
c1:31:3f:3f:f2:4b:c1:a6:ad:03:f9:7a:cd:db:67:
8b:00:ca:b7:1a:5b:36:c7:5c:e3:5f:d5:78:1b:11:
14:d9:8e:61:88:7e:0b:3f:0b:cb:90:d1:46:62:94:
dd:2c:60:b5:72:2f:43:63:00:84:bb:a2:fb:67:0c:
51:c0:1d:a6:3d:e2:9b:d5:15:f3:ea:d6:e0:f8:0b:
0f:d8:4c:9f:9b:2f:26:9d:83:b5:f8:01:fa:0d:7b:
6a:13:55:9f:02:b6:16:c3:43:b6:4e:71:82:c7:d6:
2d:d6:4b:61:ac:ca:ce:ba:32:3c:7c:1e:9e:6d:01:
77:69:25:9a:78:39:07:fb:db:0b:b2:29:cc:2a:2e:
62:74:ae:14:92:d6:b3:58:a5:cd:93:ce:90:09:e1:
ea:e6:3f:68:f8:f3:cd:c2:f4:82:cc:4f:0b:69:b1:
0c:66:89:89:df:ff:9e:fd:a3:5a:b2:1f:5c:74:80:
90:3a:68:cf:c4:0e:55:71:c8:26:57:f1:80:11:c3:
d4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E0:C4:C9:6F:FB:A8:38:19:3F:2F:A6:42:94:E2:FB:DF:D2:AE:A4
X509v3 Authority Key Identifier:
keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/heDEyW_7qDgZPy-mQpTi-9_SrqQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:40c1:2000::/44
Signature Algorithm: sha256WithRSAEncryption
aa:6e:96:12:0d:7c:a7:62:16:c0:34:29:69:e7:29:b8:8b:04:
21:22:6f:f3:6e:15:f4:f8:79:52:73:2f:2f:d3:27:93:9e:5f:
46:33:16:d1:a0:2a:a1:99:3a:2b:ee:33:0c:7b:39:24:2f:6f:
98:14:9b:c4:3a:36:f4:29:90:eb:8d:82:f5:40:76:b7:3b:9c:
36:0c:da:89:35:79:5c:a6:67:39:5d:a4:61:e9:60:f5:34:fd:
43:84:58:4c:1a:27:3c:19:28:db:cf:26:ae:0d:ff:6c:4f:0e:
f2:32:f6:85:38:9d:d1:80:2a:cb:78:93:75:11:4b:77:b3:bf:
1a:8c:8e:0d:17:12:a8:83:28:08:50:e5:59:51:c7:fe:02:a1:
70:86:3c:1d:9e:b1:b2:33:79:30:a1:0d:ca:f2:0d:01:bf:2d:
89:b6:b6:d8:a5:98:8a:8a:2b:bc:be:62:de:7f:97:77:8d:fb:
5c:c1:c5:42:03:cb:33:45:2d:af:28:69:13:53:68:50:b2:8f:
d8:96:fb:77:1c:92:cc:a1:da:d1:71:ec:9a:a8:39:2f:6e:cf:
62:65:24:29:a2:6c:62:2e:bd:7d:d8:2d:77:3f:eb:d7:bf:7e:
2a:d3:4e:9b:4e:ce:5c:0b:2b:cc:ce:52:4b:fc:d5:ac:24:d6:
33:16:37:7e
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICAMQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF
RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw
MjI5MThaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDg1RTBDNEM5NkZGQkE4
MzgxOTNGMkZBNjQyOTRFMkZCREZEMkFFQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcSTIHnl3GK12+hlrRiwV7+5gG4jcBWNth5Do/uno7rfb/LOrP
eiMpLcnDuMEdxbvYT5pPjQEQghe7W8ExPz/yS8GmrQP5es3bZ4sAyrcaWzbHXONf
1XgbERTZjmGIfgs/C8uQ0UZilN0sYLVyL0NjAIS7ovtnDFHAHaY94pvVFfPq1uD4
Cw/YTJ+bLyadg7X4AfoNe2oTVZ8CthbDQ7ZOcYLH1i3WS2Gsys66Mjx8Hp5tAXdp
JZp4OQf72wuyKcwqLmJ0rhSS1rNYpc2TzpAJ4ermP2j4883C9ILMTwtpsQxmiYnf
/579o1qyH1x0gJA6aM/EDlVxyCZX8YARw9SbAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUheDEyW/7qDgZPy+mQpTi+9/SrqQwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7
j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3
Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvaGVERXlXXzdxRGda
UHktbVFwVGktOV9TcnFRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHBCQKQMEgADANBgkqhkiG9w0BAQsFAAOCAQEAqm6WEg18p2IWwDQpaecpuIsE
ISJv824V9Ph5UnMvL9Mnk55fRjMW0aAqoZk6K+4zDHs5JC9vmBSbxDo29CmQ642C
9UB2tzucNgzaiTV5XKZnOV2kYelg9TT9Q4RYTBonPBko288mrg3/bE8O8jL2hTid
0YAqy3iTdRFLd7O/GoyODRcSqIMoCFDlWVHH/gKhcIY8HZ6xsjN5MKENyvINAb8t
iba22KWYioorvL5i3n+Xd437XMHFQgPLM0UtryhpE1NoULKP2Jb7dxySzKHa0XHs
mqg5L27PYmUkKaJsYi69fdgtdz/r179+KtNOm07OXAsrzM5SS/zVrCTWMxY3fg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 04:41:50 2025 by rpki-client