Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/xfw5fXUjKspmyek5svOb8y_IDWo.roa
File: xfw5fXUjKspmyek5svOb8y_IDWo.roa (raw, json)
Hash identifier: EQyYgUc/ToAaYddbhsFXXMOYHVk4WJ7ruvoDjt7tD2M=
Subject key identifier: C5:FC:39:7D:75:23:2A:CA:66:C9:E9:39:B2:F3:9B:F3:2F:C8:0D:6A
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 1347
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/xfw5fXUjKspmyek5svOb8y_IDWo.roa
Signing time: Thu 22 May 2025 09:04:45 +0000
ROA not before: Thu 22 May 2025 09:04:45 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 55990
IP address blocks: 101.245.64.0/19 maxlen: 19
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4935 (0x1347)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: May 22 09:04:45 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=C5FC397D75232ACA66C9E939B2F39BF32FC80D6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:28:2b:ff:97:5c:68:20:6f:88:22:b1:98:7e:
78:82:11:88:98:a0:80:ae:af:81:0a:43:53:04:5c:
98:73:7e:b2:79:f7:fe:70:2d:a6:cf:51:b6:bd:10:
20:42:3b:14:8b:bb:47:f7:11:45:b5:af:81:87:01:
0f:2b:36:78:0d:77:df:67:58:fe:07:d1:fe:5f:e2:
de:8e:74:24:a2:c0:cc:e5:73:7c:e4:3f:4d:4a:cd:
91:af:da:d9:4c:80:63:e8:98:a7:76:81:0e:5b:f5:
3b:64:60:07:1b:d0:29:ea:3d:ab:36:dc:fe:30:5e:
8d:6a:c4:52:b0:f1:f0:3d:57:d8:05:aa:48:5d:0e:
12:8a:61:35:94:c9:df:d8:dc:a1:e1:9f:61:be:04:
d7:04:c6:d2:e8:7c:99:2b:5a:99:c9:78:f6:f1:2c:
61:f6:6e:17:c7:8a:5a:85:89:8e:08:61:05:0c:5d:
f0:dc:8e:97:6c:86:53:b0:3e:70:95:08:3a:3a:90:
74:03:be:76:09:4f:4a:7c:a7:90:89:00:b6:f9:5e:
ed:fa:6d:f9:b2:d9:66:da:b7:6f:54:1f:d7:24:64:
46:02:67:95:12:17:91:7d:3b:34:bd:be:10:9d:c2:
d2:9e:a6:df:89:c3:7c:4e:6e:23:24:4d:c5:97:7d:
61:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FC:39:7D:75:23:2A:CA:66:C9:E9:39:B2:F3:9B:F3:2F:C8:0D:6A
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/xfw5fXUjKspmyek5svOb8y_IDWo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.245.64.0/19
Signature Algorithm: sha256WithRSAEncryption
39:67:3a:c5:dd:bf:3d:51:2e:cf:b4:df:18:8a:ae:69:fb:8f:
ac:6d:03:c5:0c:f7:dc:8e:d2:f2:9a:43:5b:2d:89:1e:f7:35:
93:5e:19:ef:e9:eb:20:95:1c:f9:52:d7:3e:12:d7:77:00:ee:
d9:91:8c:da:71:37:f2:3c:75:a9:ca:cb:74:3a:9e:cf:22:d5:
61:56:97:1d:b2:3e:58:a6:5d:02:52:47:6a:96:db:ec:56:6a:
97:90:da:49:a9:2e:f1:38:0d:eb:19:9b:89:19:97:8f:93:e4:
bc:ff:49:4c:91:7a:74:f7:fe:1b:48:c3:6a:51:1c:aa:36:4e:
55:72:7d:c6:b5:3f:e4:b2:9f:f7:f6:7e:a2:26:db:6d:af:68:
9b:77:07:92:da:7f:3d:9a:58:2c:ce:40:37:67:6b:60:42:66:
c4:1d:89:70:27:75:d1:88:f0:bd:b5:48:52:df:ed:d0:32:c5:
76:62:c4:ef:e4:af:8f:6c:ba:e2:6e:23:52:77:88:aa:b9:56:
64:ab:79:51:52:46:42:d7:e4:e4:8e:77:e7:6b:86:32:b9:03:
20:f2:ec:b9:9e:47:c1:2c:09:00:05:ef:1d:95:cb:27:31:67:
56:df:6e:7c:ac:81:08:4a:e6:41:be:29:41:54:19:c9:46:86:
1a:5a:03:fe
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICE0cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA1MjIw
OTA0NDVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEM1RkMzOTdENzUyMzJB
Q0E2NkM5RTkzOUIyRjM5QkYzMkZDODBENkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAKCv/l1xoIG+IIrGYfniCEYiYoICur4EKQ1MEXJhzfrJ59/5w
LabPUba9ECBCOxSLu0f3EUW1r4GHAQ8rNngNd99nWP4H0f5f4t6OdCSiwMzlc3zk
P01KzZGv2tlMgGPomKd2gQ5b9TtkYAcb0CnqPas23P4wXo1qxFKw8fA9V9gFqkhd
DhKKYTWUyd/Y3KHhn2G+BNcExtLofJkrWpnJePbxLGH2bhfHilqFiY4IYQUMXfDc
jpdshlOwPnCVCDo6kHQDvnYJT0p8p5CJALb5Xu36bfmy2Wbat29UH9ckZEYCZ5US
F5F9OzS9vhCdwtKept+Jw3xObiMkTcWXfWH/AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUxfw5fXUjKspmyek5svOb8y/IDWowHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQveGZ3NWZYVWpLc3Bt
eWVrNXN2T2I4eV9JRFdvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBWX1QDANBgkqhkiG9w0BAQsFAAOCAQEAOWc6xd2/PVEuz7TfGIquafuPrG0D
xQz33I7S8ppDWy2JHvc1k14Z7+nrIJUc+VLXPhLXdwDu2ZGM2nE38jx1qcrLdDqe
zyLVYVaXHbI+WKZdAlJHapbb7FZql5DaSaku8TgN6xmbiRmXj5PkvP9JTJF6dPf+
G0jDalEcqjZOVXJ9xrU/5LKf9/Z+oibbba9om3cHktp/PZpYLM5AN2drYEJmxB2J
cCd10YjwvbVIUt/t0DLFdmLE7+Svj2y64m4jUneIqrlWZKt5UVJGQtfk5I5352uG
MrkDIPLsuZ5HwSwJAAXvHZXLJzFnVt9ufKyBCErmQb4pQVQZyUaGGloD/g==
-----END CERTIFICATE-----
Generated at Sun Oct 26 05:23:19 2025 by rpki-client