Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/y5oMs9Jn81NPLHSM1R5okxYVYwc.roa
File: y5oMs9Jn81NPLHSM1R5okxYVYwc.roa (raw, json)
Hash identifier: o4ZQiGxN2X+lOvToLkMSZELaIkNri+DTgwtf0gjsIKs=
Subject key identifier: CB:9A:0C:B3:D2:67:F3:53:4F:2C:74:8C:D5:1E:68:93:16:15:63:07
Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Certificate serial: 1F
Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/y5oMs9Jn81NPLHSM1R5okxYVYwc.roa
Signing time: Tue 27 May 2025 08:19:34 +0000
ROA not before: Tue 27 May 2025 08:19:34 +0000
ROA not after: Wed 27 May 2026 07:38:41 +0000
asID: 9808
IP address blocks: 240a:428e::/31 maxlen: 31
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31 (0x1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Validity
Not Before: May 27 08:19:34 2025 GMT
Not After : May 27 07:38:41 2026 GMT
Subject: CN=CB9A0CB3D267F3534F2C748CD51E689316156307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:50:0d:3e:ad:d2:35:5b:57:f1:6d:5c:b3:42:
64:64:07:b1:8a:0a:d9:ef:22:6f:e9:dd:dc:4b:e1:
c5:71:a8:c6:8b:c2:fa:b8:f2:2e:5a:71:be:ae:51:
08:4e:7a:8f:79:d2:88:81:7e:57:c6:cd:0c:1e:fd:
6d:92:cd:89:e7:5f:e5:f9:71:81:e8:5c:df:37:41:
f9:af:5c:bc:4a:38:4d:58:90:9c:7c:e6:25:da:1b:
9e:b0:28:17:88:1d:00:50:01:c7:a3:f0:d0:04:36:
f6:70:65:e7:b5:8e:ba:8f:29:de:3e:fd:de:8a:52:
3c:dd:e5:84:7f:1f:b1:2d:02:71:ae:39:e7:ab:4e:
21:81:1e:4f:38:94:72:3f:72:54:16:df:6b:78:0f:
15:92:23:0f:b9:8e:63:c8:6c:fb:a1:54:91:4f:fa:
9a:58:1a:20:3b:89:05:c8:73:84:b7:95:e3:78:83:
cc:fd:07:17:e7:74:12:48:22:4d:ab:13:fb:09:21:
da:f4:09:f5:d6:8e:bc:e9:9c:f8:e9:62:64:a4:bc:
a3:47:2b:af:9f:55:cf:bf:a8:2e:3c:a5:09:ba:e6:
6a:89:28:14:95:e0:f6:9e:ca:9e:97:a9:f9:8a:75:
76:eb:9a:cc:c1:3f:1a:5d:88:fd:85:74:98:ec:cb:
f7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:9A:0C:B3:D2:67:F3:53:4F:2C:74:8C:D5:1E:68:93:16:15:63:07
X509v3 Authority Key Identifier:
keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/y5oMs9Jn81NPLHSM1R5okxYVYwc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:428e::/31
Signature Algorithm: sha256WithRSAEncryption
20:e8:a8:c0:82:7d:97:61:ba:df:b3:7c:68:48:2c:af:cc:0c:
eb:dc:a9:de:92:19:1f:a6:41:67:8b:d4:12:df:bd:36:9d:cc:
f7:d1:6e:10:b6:b3:8a:8c:cc:60:e0:1d:53:f9:22:45:3f:d9:
a2:07:72:cb:6b:55:e0:b5:17:d6:c9:5e:24:65:cc:ed:53:c9:
49:59:dd:78:8e:c5:fe:48:ab:49:a0:50:cc:12:1f:0c:4e:44:
d6:e3:67:5b:2f:5d:c4:fb:91:9b:8f:26:b3:71:f7:32:6e:a8:
db:e6:8e:34:d2:01:57:ee:5a:32:16:17:a5:32:2b:fe:4b:e3:
55:f4:c0:88:5d:b1:45:38:d2:ed:b1:9c:a4:d7:dd:79:15:6a:
a3:67:f7:e8:08:05:c6:49:58:4e:3d:48:dd:3f:bd:b5:ce:d7:
8a:8e:05:6c:50:0d:6c:67:07:a7:fb:18:3b:17:c0:7f:a4:20:
bf:c0:48:77:01:72:de:6b:5d:f7:dc:36:a1:d4:86:97:52:93:
03:a6:a7:85:3f:e3:7e:3b:d4:07:da:25:d5:54:92:66:63:41:
b3:38:84:00:17:d4:72:97:61:ab:44:0a:1d:8f:39:9f:9b:1b:
61:6c:af:c4:f1:bb:98:fb:d2:30:e7:34:00:55:3a:b6:ed:79:
bb:80:f1:43
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIBHzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG
RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4
MTkzNFoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoQ0I5QTBDQjNEMjY3RjM1
MzRGMkM3NDhDRDUxRTY4OTMxNjE1NjMwNzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK9QDT6t0jVbV/FtXLNCZGQHsYoK2e8ib+nd3EvhxXGoxovC+rjy
Llpxvq5RCE56j3nSiIF+V8bNDB79bZLNiedf5flxgehc3zdB+a9cvEo4TViQnHzm
JdobnrAoF4gdAFABx6Pw0AQ29nBl57WOuo8p3j793opSPN3lhH8fsS0Cca4556tO
IYEeTziUcj9yVBbfa3gPFZIjD7mOY8hs+6FUkU/6mlgaIDuJBchzhLeV43iDzP0H
F+d0EkgiTasT+wkh2vQJ9daOvOmc+OliZKS8o0crr59Vz7+oLjylCbrmaokoFJXg
9p7Knpep+Yp1duuazME/Gl2I/YV0mOzL9zcCAwEAAaOCAfQwggHwMB0GA1UdDgQW
BBTLmgyz0mfzU08sdIzVHmiTFhVjBzAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP
q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy
L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi95NW9NczlKbjgxTlBM
SFNNMVI1b2t4WVZZd2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUBJApCjjANBgkqhkiG9w0BAQsFAAOCAQEAIOiowIJ9l2G637N8aEgsr8wM69yp
3pIZH6ZBZ4vUEt+9Np3M99FuELaziozMYOAdU/kiRT/Zogdyy2tV4LUX1sleJGXM
7VPJSVndeI7F/kirSaBQzBIfDE5E1uNnWy9dxPuRm48ms3H3Mm6o2+aONNIBV+5a
MhYXpTIr/kvjVfTAiF2xRTjS7bGcpNfdeRVqo2f36AgFxklYTj1I3T+9tc7Xio4F
bFANbGcHp/sYOxfAf6Qgv8BIdwFy3mtd99w2odSGl1KTA6anhT/jfjvUB9ol1VSS
ZmNBsziEABfUcpdhq0QKHY85n5sbYWyvxPG7mPvSMOc0AFU6tu15u4DxQw==
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:46:17 2025 by rpki-client