Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/ztsoh119TYJM6he8hE8G2KFSoWg.roa
File: ztsoh119TYJM6he8hE8G2KFSoWg.roa (raw, json)
Hash identifier: jaJusWCB/WX0KzXxydiHIbklVbCIsVY0PzZZc/g8lsc=
Subject key identifier: CE:DB:28:87:5D:7D:4D:82:4C:EA:17:BC:84:4F:06:D8:A1:52:A1:68
Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Certificate serial: 2B
Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/ztsoh119TYJM6he8hE8G2KFSoWg.roa
Signing time: Tue 27 May 2025 08:19:38 +0000
ROA not before: Tue 27 May 2025 08:19:38 +0000
ROA not after: Wed 27 May 2026 07:38:41 +0000
asID: 56048
IP address blocks: 240a:4280::/31 maxlen: 31
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43 (0x2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Validity
Not Before: May 27 08:19:38 2025 GMT
Not After : May 27 07:38:41 2026 GMT
Subject: CN=CEDB28875D7D4D824CEA17BC844F06D8A152A168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:78:ea:06:65:99:79:b5:1f:66:2b:f8:52:bd:
c6:99:37:24:c5:bd:f5:3d:c0:06:08:24:f4:ec:81:
7d:75:ce:ed:28:82:62:ec:f0:3f:ad:6d:11:70:7d:
40:dd:70:d8:7c:ad:75:30:93:15:45:50:3c:2e:34:
a9:f9:81:5a:0b:0c:76:be:9b:cc:ec:33:2e:54:93:
e8:95:31:97:2c:0b:8f:35:97:f4:ac:4d:74:5f:ad:
ff:08:ef:13:a5:f4:65:95:80:e9:11:ae:e5:58:97:
94:7c:a2:c3:f6:58:21:4a:af:00:b0:11:01:c0:28:
86:3b:c1:fe:18:fc:2b:3b:54:4a:a1:98:be:4e:81:
84:8b:cd:24:bc:d0:39:00:be:f5:ee:14:24:1f:d9:
53:cd:5d:31:ef:b6:9f:a5:23:86:6f:82:07:fa:a0:
d7:60:81:ce:ab:68:c8:e7:1b:77:d3:59:94:b8:1e:
90:92:3d:c9:b6:4b:c6:a8:bf:95:49:f0:42:8c:ad:
86:f7:df:f4:ba:a4:80:b1:0a:74:e4:3c:42:b4:b7:
54:a8:bb:21:61:10:f4:88:d6:58:d9:5b:13:f4:8f:
12:3d:cd:0b:0a:2a:43:df:f1:a0:0d:77:4f:61:c8:
49:9b:66:75:ec:80:15:67:24:bf:7a:2d:92:b2:d9:
43:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:DB:28:87:5D:7D:4D:82:4C:EA:17:BC:84:4F:06:D8:A1:52:A1:68
X509v3 Authority Key Identifier:
keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/ztsoh119TYJM6he8hE8G2KFSoWg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:4280::/31
Signature Algorithm: sha256WithRSAEncryption
23:cb:de:f6:2f:70:33:10:de:64:ff:2e:fa:9c:33:72:45:68:
b3:52:36:1f:b0:ae:86:f3:0a:a1:84:65:8e:5e:8b:92:12:0e:
6b:3d:24:2b:b4:bc:f2:46:8b:2b:7c:86:85:a2:c8:73:c4:38:
71:51:3d:f7:b7:8d:c5:83:18:90:f5:c7:fa:67:96:24:47:58:
bf:50:f5:bf:e6:35:24:45:a2:6a:e8:06:6f:a6:20:f4:e9:e3:
d1:25:2e:2d:69:93:b7:93:6b:96:3d:f1:66:ee:7b:98:7c:65:
65:9c:73:ac:9e:9e:fa:90:ca:10:f7:fb:83:3e:cd:9b:28:df:
2c:20:94:24:ce:a9:f9:f8:7e:7f:2e:97:cd:8c:a3:65:b3:93:
53:c3:16:fc:65:d1:7e:d8:d5:58:d1:79:d3:8b:69:36:1b:d3:
bf:7c:4f:6b:ea:a5:c0:93:a6:2f:5b:d6:2e:62:30:b2:23:70:
a9:20:9f:a5:3f:37:09:58:ad:64:51:62:0d:a2:71:51:a2:58:
4e:99:c9:9c:ea:15:75:c8:e1:d4:31:c7:e7:b8:9f:d4:eb:65:
d4:da:04:15:ed:93:eb:4b:2c:41:e2:07:79:59:55:5a:5b:3b:
c2:9e:0f:0d:63:71:8e:32:f4:ef:d5:4b:b9:90:e3:54:5a:9f:
f8:15:3d:13
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIBKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG
RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4
MTkzOFoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoQ0VEQjI4ODc1RDdENEQ4
MjRDRUExN0JDODQ0RjA2RDhBMTUyQTE2ODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJx46gZlmXm1H2Yr+FK9xpk3JMW99T3ABggk9OyBfXXO7SiCYuzw
P61tEXB9QN1w2HytdTCTFUVQPC40qfmBWgsMdr6bzOwzLlST6JUxlywLjzWX9KxN
dF+t/wjvE6X0ZZWA6RGu5ViXlHyiw/ZYIUqvALARAcAohjvB/hj8KztUSqGYvk6B
hIvNJLzQOQC+9e4UJB/ZU81dMe+2n6Ujhm+CB/qg12CBzqtoyOcbd9NZlLgekJI9
ybZLxqi/lUnwQoythvff9LqkgLEKdOQ8QrS3VKi7IWEQ9IjWWNlbE/SPEj3NCwoq
Q9/xoA13T2HISZtmdeyAFWckv3otkrLZQ9UCAwEAAaOCAfQwggHwMB0GA1UdDgQW
BBTO2yiHXX1NgkzqF7yETwbYoVKhaDAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP
q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy
L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi96dHNvaDExOVRZSk02
aGU4aEU4RzJLRlNvV2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUBJApCgDANBgkqhkiG9w0BAQsFAAOCAQEAI8ve9i9wMxDeZP8u+pwzckVos1I2
H7CuhvMKoYRljl6LkhIOaz0kK7S88kaLK3yGhaLIc8Q4cVE997eNxYMYkPXH+meW
JEdYv1D1v+Y1JEWiaugGb6Yg9Onj0SUuLWmTt5Nrlj3xZu57mHxlZZxzrJ6e+pDK
EPf7gz7NmyjfLCCUJM6p+fh+fy6XzYyjZbOTU8MW/GXRftjVWNF504tpNhvTv3xP
a+qlwJOmL1vWLmIwsiNwqSCfpT83CVitZFFiDaJxUaJYTpnJnOoVdcjh1DHH57if
1Otl1NoEFe2T60ssQeIHeVlVWls7wp4PDWNxjjL079VLuZDjVFqf+BU9Ew==
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:01:44 2025 by rpki-client