Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/qkzRmSzn7HXILcpMmbCjvAKgamc.roa
File: qkzRmSzn7HXILcpMmbCjvAKgamc.roa (raw, json)
Hash identifier: 2b5xsFAn3vkQzu1p5zPZaqy410mFGjaRyn7WO0tb8yQ=
Subject key identifier: AA:4C:D1:99:2C:E7:EC:75:C8:2D:CA:4C:99:B0:A3:BC:02:A0:6A:67
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 134A
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/qkzRmSzn7HXILcpMmbCjvAKgamc.roa
Signing time: Thu 22 May 2025 09:04:46 +0000
ROA not before: Thu 22 May 2025 09:04:46 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 55990
IP address blocks: 115.175.160.0/19 maxlen: 19
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4938 (0x134a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: May 22 09:04:46 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=AA4CD1992CE7EC75C82DCA4C99B0A3BC02A06A67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b6:a4:20:4c:b9:72:60:55:95:77:1d:6b:91:
79:cd:0c:ec:82:25:5d:88:aa:cc:aa:07:b2:e8:ed:
f4:f5:f4:3b:47:81:57:f0:a1:ff:24:7b:35:9c:fe:
3d:23:2d:60:36:2d:37:69:35:1d:fa:4f:b2:c7:dc:
8c:61:5e:f6:30:9d:95:36:87:2c:a2:17:7b:b0:ca:
f7:ab:bf:d5:98:81:3d:35:35:07:01:67:f7:71:f5:
c7:26:28:c6:5f:8a:7e:34:7e:62:02:45:d0:0e:7a:
a6:f5:aa:0e:e8:59:14:dc:ea:37:57:39:84:87:ad:
ed:ca:b8:00:9c:5f:7e:d8:e0:18:84:fe:a8:19:49:
6b:78:4f:5e:e8:b2:93:47:c0:b5:ee:13:96:7a:09:
4c:b7:f1:32:10:46:41:b3:df:ee:6e:8b:97:24:a6:
92:d9:8c:15:d4:f4:39:fb:7e:14:fa:6e:60:58:5c:
eb:99:9a:f5:dd:a2:bc:b7:b0:c8:b8:16:66:27:62:
49:c7:1f:66:da:34:98:62:16:4d:95:6d:18:cc:94:
3a:db:80:eb:30:53:db:b4:9d:b1:3c:ea:52:1d:6e:
d2:38:b1:0d:eb:32:2f:2f:16:54:bb:97:ad:10:67:
60:fc:cd:17:45:45:76:32:4d:91:e9:09:88:5b:04:
ee:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:4C:D1:99:2C:E7:EC:75:C8:2D:CA:4C:99:B0:A3:BC:02:A0:6A:67
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/qkzRmSzn7HXILcpMmbCjvAKgamc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
115.175.160.0/19
Signature Algorithm: sha256WithRSAEncryption
09:d4:a8:62:dc:32:24:49:4c:1e:2b:1d:14:ac:16:40:c2:6f:
20:cd:08:82:95:d5:8f:3c:c3:c8:f5:e3:25:6a:7d:7d:e3:d1:
18:62:70:ca:74:85:2d:ee:4f:a4:86:e1:57:8a:83:18:07:00:
92:13:e6:d8:07:79:ca:8a:0a:b0:b9:63:50:e4:41:12:c0:6e:
af:c6:4e:cf:05:4c:fd:17:58:e6:1a:39:13:c8:cd:8a:a3:84:
7f:23:51:e4:73:88:2d:85:13:4a:a8:ce:6b:56:e9:85:46:6c:
aa:1c:72:ac:f3:14:79:ec:90:8b:b0:db:91:34:7e:45:3f:cf:
73:5c:3a:e2:da:cd:7d:88:75:4b:55:96:5f:12:3a:f2:9f:cd:
f2:2a:0c:d5:78:0e:c7:49:24:5e:9c:da:21:f5:25:56:30:d5:
90:3b:b4:0d:ff:62:ab:c9:e6:ee:2f:b0:1f:51:5c:26:56:34:
6d:d0:a3:c1:24:68:32:c0:75:d5:49:0b:c8:19:34:4f:da:83:
40:e6:3d:1b:35:43:99:58:55:df:01:fe:90:5a:52:dc:ac:93:
1a:f3:71:07:3f:c8:90:f7:fe:36:57:b2:7b:32:59:0a:5f:f1:
ac:4e:e8:99:5c:d6:97:f3:2b:35:77:2f:87:01:cb:84:3b:6b:
95:5f:30:cc
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICE0owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA1MjIw
OTA0NDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEFBNENEMTk5MkNFN0VD
NzVDODJEQ0E0Qzk5QjBBM0JDMDJBMDZBNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmtqQgTLlyYFWVdx1rkXnNDOyCJV2IqsyqB7Lo7fT19DtHgVfw
of8kezWc/j0jLWA2LTdpNR36T7LH3IxhXvYwnZU2hyyiF3uwyverv9WYgT01NQcB
Z/dx9ccmKMZfin40fmICRdAOeqb1qg7oWRTc6jdXOYSHre3KuACcX37Y4BiE/qgZ
SWt4T17ospNHwLXuE5Z6CUy38TIQRkGz3+5ui5ckppLZjBXU9Dn7fhT6bmBYXOuZ
mvXdory3sMi4FmYnYknHH2baNJhiFk2VbRjMlDrbgOswU9u0nbE86lIdbtI4sQ3r
Mi8vFlS7l60QZ2D8zRdFRXYyTZHpCYhbBO6nAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUqkzRmSzn7HXILcpMmbCjvAKgamcwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvcWt6Um1Tem43SFhJ
TGNwTW1iQ2p2QUtnYW1jLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBXOvoDANBgkqhkiG9w0BAQsFAAOCAQEACdSoYtwyJElMHisdFKwWQMJvIM0I
gpXVjzzDyPXjJWp9fePRGGJwynSFLe5PpIbhV4qDGAcAkhPm2Ad5yooKsLljUORB
EsBur8ZOzwVM/RdY5ho5E8jNiqOEfyNR5HOILYUTSqjOa1bphUZsqhxyrPMUeeyQ
i7DbkTR+RT/Pc1w64trNfYh1S1WWXxI68p/N8ioM1XgOx0kkXpzaIfUlVjDVkDu0
Df9iq8nm7i+wH1FcJlY0bdCjwSRoMsB11UkLyBk0T9qDQOY9GzVDmVhV3wH+kFpS
3KyTGvNxBz/IkPf+NleyezJZCl/xrE7omVzWl/MrNXcvhwHLhDtrlV8wzA==
-----END CERTIFICATE-----
Generated at Sun Oct 26 05:23:21 2025 by rpki-client