Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3078/XcDhX-g_ymccbjzil3jDpLMMYhA.roa
File: XcDhX-g_ymccbjzil3jDpLMMYhA.roa (raw, json)
Hash identifier: Mt1oz2AlMxW6QnWmV1+7L1KKuLz5mwaDu6KAufSobKA=
Subject key identifier: 5D:C0:E1:5F:E8:3F:CA:67:1C:6E:3C:E2:97:78:C3:A4:B3:0C:62:10
Certificate issuer: /CN=F702935F02FC1B81297D1FFB4C78CE0BA1D43785
Certificate serial: 38
Authority key identifier: F7:02:93:5F:02:FC:1B:81:29:7D:1F:FB:4C:78:CE:0B:A1:D4:37:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9wKTXwL8G4EpfR_7THjOC6HUN4U.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/XcDhX-g_ymccbjzil3jDpLMMYhA.roa
Signing time: Sat 17 May 2025 03:40:39 +0000
ROA not before: Sat 17 May 2025 03:40:39 +0000
ROA not after: Sun 10 May 2026 04:51:55 +0000
asID: 151270
IP address blocks: 110.40.45.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56 (0x38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F702935F02FC1B81297D1FFB4C78CE0BA1D43785
Validity
Not Before: May 17 03:40:39 2025 GMT
Not After : May 10 04:51:55 2026 GMT
Subject: CN=5DC0E15FE83FCA671C6E3CE29778C3A4B30C6210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f6:6c:52:32:de:18:66:c2:23:11:e1:bc:da:
5e:0b:35:1a:c6:0e:5b:17:71:67:83:67:20:67:c9:
57:64:cf:61:07:41:c4:00:ab:37:be:c7:95:2b:83:
92:15:f9:ed:90:6b:e8:55:5c:e1:9f:64:f5:71:28:
57:56:f2:ce:81:73:0a:38:58:47:3c:89:b0:0c:73:
f8:3e:20:51:b5:bb:a0:99:bf:a4:0c:26:34:e9:00:
a4:86:6b:71:91:75:f7:da:b2:19:ac:69:cb:83:0e:
a4:88:54:5e:1c:6b:e1:62:d8:96:fb:df:02:1a:8b:
bb:1e:84:fd:ae:bf:1e:a9:b8:da:6c:a6:59:b5:8c:
10:c9:6f:0f:93:4f:f3:2f:79:e9:e9:5f:c0:d0:d6:
ab:91:b6:5a:db:b5:67:ae:e5:c8:2a:d1:e6:20:83:
8f:29:41:63:e2:14:b0:55:66:ef:7e:8c:f4:b9:80:
bc:fc:4d:4f:9a:b9:b7:3a:1c:d8:2a:e3:48:83:2d:
64:ef:46:9d:95:93:d7:97:d4:4f:6f:e7:44:8b:ef:
c5:06:9f:d2:38:44:3a:96:e4:70:ba:7a:2a:a9:f4:
59:bf:71:19:95:65:5e:c3:8a:04:54:c1:25:7b:98:
9d:69:52:1b:fb:78:6d:9a:1b:92:b9:9e:93:77:72:
d2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C0:E1:5F:E8:3F:CA:67:1C:6E:3C:E2:97:78:C3:A4:B3:0C:62:10
X509v3 Authority Key Identifier:
keyid:F7:02:93:5F:02:FC:1B:81:29:7D:1F:FB:4C:78:CE:0B:A1:D4:37:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/9wKTXwL8G4EpfR_7THjOC6HUN4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9wKTXwL8G4EpfR_7THjOC6HUN4U.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/XcDhX-g_ymccbjzil3jDpLMMYhA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
110.40.45.0/24
Signature Algorithm: sha256WithRSAEncryption
76:b7:40:26:de:59:f5:95:f8:80:3e:40:ae:f3:78:2c:56:25:
3b:21:25:2b:de:66:27:72:84:89:9a:ac:ab:24:d9:d1:c8:a9:
47:67:f4:08:fd:9b:d6:df:ee:b3:48:35:b8:69:41:d7:34:72:
fa:e1:ad:fc:67:e0:b6:51:b9:b3:db:30:aa:12:7d:c2:0c:d4:
89:ff:6f:d9:a9:98:89:40:e7:e6:e3:fe:80:97:96:6e:f7:c2:
2b:31:d8:f5:bb:0e:6c:c7:be:38:00:00:2e:a1:b0:2d:8b:0d:
cd:c2:3b:b6:01:8b:cf:31:0c:ef:88:69:ef:15:34:a9:0c:8b:
15:f1:e4:f7:f1:67:4f:49:0d:cd:26:2d:e9:21:99:77:de:2d:
e1:71:90:c5:07:88:a9:62:a7:f8:03:64:7d:86:58:d4:60:0c:
42:10:de:53:99:c0:82:f2:7d:dd:6d:12:39:1d:de:8b:1f:64:
54:0d:5e:12:9c:ea:8b:ed:36:96:48:0c:80:eb:93:cd:ba:e9:
15:4e:70:17:d3:5d:5b:ed:47:2b:18:07:2f:10:ed:46:8d:40:
6f:d2:df:09:3e:70:2b:d0:bf:3a:a7:5d:e8:d7:24:76:f0:07:
c1:67:16:65:21:a5:f2:74:2a:30:94:0a:8a:c6:27:47:12:08:
71:8f:ff:58
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGNzAy
OTM1RjAyRkMxQjgxMjk3RDFGRkI0Qzc4Q0UwQkExRDQzNzg1MB4XDTI1MDUxNzAz
NDAzOVoXDTI2MDUxMDA0NTE1NVowMzExMC8GA1UEAxMoNURDMEUxNUZFODNGQ0E2
NzFDNkUzQ0UyOTc3OEMzQTRCMzBDNjIxMDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOL2bFIy3hhmwiMR4bzaXgs1GsYOWxdxZ4NnIGfJV2TPYQdBxACr
N77HlSuDkhX57ZBr6FVc4Z9k9XEoV1byzoFzCjhYRzyJsAxz+D4gUbW7oJm/pAwm
NOkApIZrcZF199qyGaxpy4MOpIhUXhxr4WLYlvvfAhqLux6E/a6/Hqm42mymWbWM
EMlvD5NP8y956elfwNDWq5G2Wtu1Z67lyCrR5iCDjylBY+IUsFVm736M9LmAvPxN
T5q5tzoc2CrjSIMtZO9GnZWT15fUT2/nRIvvxQaf0jhEOpbkcLp6Kqn0Wb9xGZVl
XsOKBFTBJXuYnWlSG/t4bZobkrmek3dy0uUCAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBRdwOFf6D/KZxxuPOKXeMOkswxiEDAfBgNVHSMEGDAWgBT3ApNfAvwbgSl9H/tM
eM4LodQ3hTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMDc4
Lzl3S1RYd0w4RzRFcGZSXzdUSGpPQzZIVU40VS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvOXdLVFh3TDhHNEVwZlJfN1RIak9DNkhVTjRVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA3OC9YY0RoWC1nX3ltY2Ni
anppbDNqRHBMTU1ZaEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAbigtMA0GCSqGSIb3DQEBCwUAA4IBAQB2t0Am3ln1lfiAPkCu83gsViU7ISUr
3mYncoSJmqyrJNnRyKlHZ/QI/ZvW3+6zSDW4aUHXNHL64a38Z+C2Ubmz2zCqEn3C
DNSJ/2/ZqZiJQOfm4/6Al5Zu98IrMdj1uw5sx744AAAuobAtiw3Nwju2AYvPMQzv
iGnvFTSpDIsV8eT38WdPSQ3NJi3pIZl33i3hcZDFB4ipYqf4A2R9hljUYAxCEN5T
mcCC8n3dbRI5Hd6LH2RUDV4SnOqL7TaWSAyA65PNuukVTnAX011b7UcrGAcvEO1G
jUBv0t8JPnAr0L86p13o1yR28AfBZxZlIaXydCowlAqKxidHEghxj/9Y
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:41:04 2025 by rpki-client