Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/I_yUfdeufBrasGDj6tlyOFMWmMg.roa
File: I_yUfdeufBrasGDj6tlyOFMWmMg.roa (raw, json)
Hash identifier: TySkQ9SimG8Jp4VlBwqL4O5fpRTpUS1Ck/5Dy1Bdp7w=
Subject key identifier: 23:FC:94:7D:D7:AE:7C:1A:DA:B0:60:E3:EA:D9:72:38:53:16:98:C8
Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708
Certificate serial: 21A2
Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/I_yUfdeufBrasGDj6tlyOFMWmMg.roa
Signing time: Sat 06 Sep 2025 08:04:29 +0000
ROA not before: Sat 06 Sep 2025 08:04:29 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 58466
IP address blocks: 118.145.32.0/19 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8610 (0x21a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708
Validity
Not Before: Sep 6 08:04:29 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=23FC947DD7AE7C1ADAB060E3EAD97238531698C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:29:5e:b1:6d:16:56:ef:65:bf:48:cc:8f:33:
c6:17:a0:ce:df:f5:9d:92:a8:04:35:c3:64:59:5e:
49:0f:b4:cd:1d:8f:1a:cf:bb:34:46:e9:f5:84:04:
68:f9:7e:6c:1e:a5:ad:4a:c6:06:8c:c3:3b:ed:54:
47:b5:3c:32:f3:40:5c:af:1c:20:55:2b:0c:8d:7a:
98:19:fb:09:ad:1c:90:9c:80:33:8a:bd:dd:2b:b2:
62:7f:d3:06:87:66:1d:79:47:1c:08:99:c2:88:aa:
89:0b:c6:fc:62:3b:4c:d6:dd:19:91:b9:d3:8b:06:
a2:76:87:bd:b9:1a:fa:08:84:a7:50:2f:9c:83:d8:
c2:07:12:2e:6d:c8:39:59:38:39:49:15:d7:20:72:
79:96:99:76:0b:da:bf:e7:e7:b1:0b:aa:c1:ed:fe:
fa:e8:73:7f:bc:35:bf:6c:7c:48:57:08:47:7f:d8:
cd:7c:41:c7:a6:27:64:5a:85:aa:12:09:7c:8e:cb:
7f:2b:62:54:93:65:76:cc:96:fd:98:0e:2f:bc:90:
34:cc:08:b3:16:f3:ea:5c:85:70:bc:ac:e6:bc:fa:
5f:17:6e:ac:6b:98:06:6a:41:83:15:37:38:a4:4b:
43:7b:08:0c:b4:29:8d:ed:66:76:63:de:d7:a0:d7:
5c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:FC:94:7D:D7:AE:7C:1A:DA:B0:60:E3:EA:D9:72:38:53:16:98:C8
X509v3 Authority Key Identifier:
keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/I_yUfdeufBrasGDj6tlyOFMWmMg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
118.145.32.0/19
Signature Algorithm: sha256WithRSAEncryption
8e:c3:42:3b:df:de:ee:b2:e2:37:1c:d6:73:6a:7c:58:c1:5e:
46:09:08:23:4f:ae:83:c7:32:8e:02:57:62:f0:13:03:6f:4c:
ba:bb:b0:8d:35:90:27:41:fc:33:35:63:58:92:c1:c1:4f:af:
4c:79:c9:53:fc:c9:f8:c7:f6:66:e5:c5:09:bb:ec:13:95:cb:
47:f0:1a:d0:d6:01:eb:7e:0b:7d:08:e3:76:f5:3d:57:7b:74:
69:28:79:fd:b5:ce:07:20:2a:ad:de:bc:6d:64:82:61:62:b2:
1c:3e:49:a7:d6:9c:b3:e9:6f:95:a1:5e:ec:e6:71:0f:2a:37:
a2:ea:2d:61:53:14:7d:73:b5:11:cf:7b:7c:0e:21:54:f5:b5:
ef:ce:67:c8:cc:d9:f6:dc:ae:38:6a:cd:df:ee:3c:e4:99:33:
f3:d1:27:cb:89:7d:ab:f0:41:a8:dd:ab:a6:99:ef:05:94:f4:
39:1d:fb:15:98:cd:6e:fb:30:50:f7:99:fb:1a:9d:99:6e:68:
ee:66:25:67:8f:14:34:0e:69:fc:6e:d2:e4:5a:ba:04:8c:ae:
4a:9e:8d:e5:a5:f0:4e:e6:01:21:ca:7c:35:f9:e9:3f:a5:56:
db:88:05:1c:f8:c6:aa:85:dc:61:93:80:08:07:69:fc:fe:6e:
3f:2b:79:dd
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICIaIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4
QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MDYw
ODA0MjlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDIzRkM5NDdERDdBRTdD
MUFEQUIwNjBFM0VBRDk3MjM4NTMxNjk4QzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfKV6xbRZW72W/SMyPM8YXoM7f9Z2SqAQ1w2RZXkkPtM0djxrP
uzRG6fWEBGj5fmwepa1KxgaMwzvtVEe1PDLzQFyvHCBVKwyNepgZ+wmtHJCcgDOK
vd0rsmJ/0waHZh15RxwImcKIqokLxvxiO0zW3RmRudOLBqJ2h725GvoIhKdQL5yD
2MIHEi5tyDlZODlJFdcgcnmWmXYL2r/n57ELqsHt/vroc3+8Nb9sfEhXCEd/2M18
QcemJ2RahaoSCXyOy38rYlSTZXbMlv2YDi+8kDTMCLMW8+pchXC8rOa8+l8Xbqxr
mAZqQYMVNzikS0N7CAy0KY3tZnZj3teg11wfAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUI/yUfdeufBrasGDj6tlyOFMWmMgwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw
dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0
NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvSV95VWZkZXVmQnJh
c0dEajZ0bHlPRk1XbU1nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBXaRIDANBgkqhkiG9w0BAQsFAAOCAQEAjsNCO9/e7rLiNxzWc2p8WMFeRgkI
I0+ug8cyjgJXYvATA29MuruwjTWQJ0H8MzVjWJLBwU+vTHnJU/zJ+Mf2ZuXFCbvs
E5XLR/Aa0NYB634LfQjjdvU9V3t0aSh5/bXOByAqrd68bWSCYWKyHD5Jp9acs+lv
laFe7OZxDyo3ouotYVMUfXO1Ec97fA4hVPW1785nyMzZ9tyuOGrN3+485Jkz89En
y4l9q/BBqN2rppnvBZT0OR37FZjNbvswUPeZ+xqdmW5o7mYlZ48UNA5p/G7S5Fq6
BIyuSp6N5aXwTuYBIcp8NfnpP6VW24gFHPjGqoXcYZOACAdp/P5uPyt53Q==
-----END CERTIFICATE-----
Generated at Thu Oct 23 09:27:56 2025 by rpki-client