Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/nYTWpndZmCiiWpvksa3q7Hg8I9M.roa
File: nYTWpndZmCiiWpvksa3q7Hg8I9M.roa (raw, json)
Hash identifier: 8UxncYAIt9n9W5L3O/ZbZd5NHgMH+LUQSRj5Yd+ic9Y=
Subject key identifier: 9D:84:D6:A6:77:59:98:28:A2:5A:9B:E4:B1:AD:EA:EC:78:3C:23:D3
Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Certificate serial: AB
Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/nYTWpndZmCiiWpvksa3q7Hg8I9M.roa
Signing time: Fri 06 Jun 2025 02:21:23 +0000
ROA not before: Fri 06 Jun 2025 02:21:23 +0000
ROA not after: Wed 27 May 2026 07:38:41 +0000
asID: 56042
IP address blocks: 240a:40c0:e000::/44 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171 (0xab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Validity
Not Before: Jun 6 02:21:23 2025 GMT
Not After : May 27 07:38:41 2026 GMT
Subject: CN=9D84D6A677599828A25A9BE4B1ADEAEC783C23D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:cf:15:b9:ee:a8:d6:9f:42:c1:56:b6:3a:47:
e0:7f:65:7d:f1:bb:df:c2:11:f0:2a:2e:70:9d:b5:
46:ad:a7:f7:b3:4c:b2:97:5b:31:9c:d9:b9:fd:ae:
4c:80:63:4f:c2:8e:e5:f8:09:92:44:da:eb:c7:c9:
f5:53:c4:4d:dc:8b:59:41:63:44:68:8c:6d:6f:97:
b1:7a:fb:01:81:f0:57:09:b6:e8:6a:0b:b6:8f:b4:
35:fa:b4:56:e8:1a:93:e5:16:15:f3:83:da:d1:d1:
22:26:62:63:ce:45:a3:5e:11:c4:74:94:a4:71:de:
d2:f7:a2:02:d0:13:c3:af:6c:3d:6c:54:87:5f:07:
22:27:39:f0:ae:2b:70:4f:da:d2:53:f1:e4:82:20:
cb:52:7b:d3:a0:6e:76:4b:06:3a:07:25:8e:d2:9a:
b3:4f:15:13:58:d7:7a:3d:11:04:c3:2c:40:64:ec:
f1:cd:11:5c:07:86:d7:01:17:e8:c8:9b:53:69:90:
22:7d:3f:6c:f1:78:44:db:10:38:7d:1b:15:eb:5a:
68:d2:ce:ce:4f:ac:05:b9:27:fe:a0:02:54:c4:e7:
af:9c:9b:c0:b8:91:a5:ca:ff:da:ea:16:77:00:95:
df:70:95:36:2f:50:28:0e:0c:07:a1:7a:d0:06:48:
7f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:84:D6:A6:77:59:98:28:A2:5A:9B:E4:B1:AD:EA:EC:78:3C:23:D3
X509v3 Authority Key Identifier:
keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/nYTWpndZmCiiWpvksa3q7Hg8I9M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:40c0:e000::/44
Signature Algorithm: sha256WithRSAEncryption
8a:e3:f4:d4:61:e2:8d:2f:e9:79:8a:b6:7f:ee:3a:b4:26:6f:
0d:33:13:90:0d:24:bf:6d:ec:eb:92:6e:33:9c:e2:b1:4a:12:
dc:d0:a6:9e:8d:01:a4:06:e1:e4:af:46:77:b3:c6:b8:7d:ff:
68:a5:dc:4d:4e:25:a5:b2:de:8e:fa:04:d9:99:76:a4:d1:9f:
6c:cf:01:a3:ac:f2:bc:63:b7:af:0c:e9:bf:21:3d:cf:06:6e:
8d:e2:bd:9b:ca:59:74:2b:93:d3:7a:61:2b:bf:a3:ef:43:3f:
1c:03:9a:d1:ad:ac:ad:17:64:31:4d:ba:18:62:fb:ae:b5:4e:
85:fc:5b:ea:e1:48:97:9a:c1:f8:52:40:80:33:1d:93:53:07:
b5:9c:78:b9:dc:e0:df:d5:24:a6:8c:e0:48:27:df:9f:a4:17:
3f:13:c8:7d:d6:80:55:98:06:c0:35:52:23:0e:13:5f:be:c5:
6f:f1:9b:0f:ef:ae:d3:f8:17:25:69:cb:66:57:23:10:64:3e:
c9:51:c6:e2:47:38:07:65:29:e6:88:cb:42:ba:55:d5:d5:3d:
7f:f9:aa:4d:2a:88:aa:28:47:3b:9a:e5:46:9d:e3:d4:a2:82:
e8:cc:c2:74:ca:9f:d7:dd:fa:f4:87:89:a6:4e:1c:31:26:1e:
bb:aa:56:84
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICAKswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF
RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw
MjIxMjNaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDlEODRENkE2Nzc1OTk4
MjhBMjVBOUJFNEIxQURFQUVDNzgzQzIzRDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChzxW57qjWn0LBVrY6R+B/ZX3xu9/CEfAqLnCdtUatp/ezTLKX
WzGc2bn9rkyAY0/CjuX4CZJE2uvHyfVTxE3ci1lBY0RojG1vl7F6+wGB8FcJtuhq
C7aPtDX6tFboGpPlFhXzg9rR0SImYmPORaNeEcR0lKRx3tL3ogLQE8OvbD1sVIdf
ByInOfCuK3BP2tJT8eSCIMtSe9OgbnZLBjoHJY7SmrNPFRNY13o9EQTDLEBk7PHN
EVwHhtcBF+jIm1NpkCJ9P2zxeETbEDh9GxXrWmjSzs5PrAW5J/6gAlTE56+cm8C4
kaXK/9rqFncAld9wlTYvUCgODAehetAGSH/TAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUnYTWpndZmCiiWpvksa3q7Hg8I9MwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7
j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3
Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvbllUV3BuZFptQ2lp
V3B2a3NhM3E3SGc4STlNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHBCQKQMDgADANBgkqhkiG9w0BAQsFAAOCAQEAiuP01GHijS/peYq2f+46tCZv
DTMTkA0kv23s65JuM5zisUoS3NCmno0BpAbh5K9Gd7PGuH3/aKXcTU4lpbLejvoE
2Zl2pNGfbM8Bo6zyvGO3rwzpvyE9zwZujeK9m8pZdCuT03phK7+j70M/HAOa0a2s
rRdkMU26GGL7rrVOhfxb6uFIl5rB+FJAgDMdk1MHtZx4udzg39UkpozgSCffn6QX
PxPIfdaAVZgGwDVSIw4TX77Fb/GbD++u0/gXJWnLZlcjEGQ+yVHG4kc4B2Up5ojL
QrpV1dU9f/mqTSqIqihHO5rlRp3j1KKC6MzCdMqf19369IeJpk4cMSYeu6pWhA==
-----END CERTIFICATE-----
Generated at Tue Jun 10 04:47:10 2025 by rpki-client