Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/NEIVfzA8gSdgIttGBAcC05dVuww.roa
File: NEIVfzA8gSdgIttGBAcC05dVuww.roa (raw, json)
Hash identifier: UEISRdPVouCB2TgBpa6JbQT7Rjbx48H/sDHyZI2N+xA=
Subject key identifier: 34:42:15:7F:30:3C:81:27:60:22:DB:46:04:07:02:D3:97:55:BB:0C
Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98
Certificate serial: 0CD1
Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/NEIVfzA8gSdgIttGBAcC05dVuww.roa
Signing time: Thu 10 Jul 2025 09:34:04 +0000
ROA not before: Thu 10 Jul 2025 09:34:04 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4816
IP address blocks: 2407:8f40:2::/48 maxlen: 64
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3281 (0xcd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98
Validity
Not Before: Jul 10 09:34:04 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=3442157F303C81276022DB46040702D39755BB0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0e:98:55:c8:e9:08:01:29:de:d1:f7:e6:df:
1c:ba:77:05:96:85:e2:6b:fc:fb:0a:9c:bd:64:5b:
37:2e:9e:bb:27:8b:2c:7d:6f:7e:e5:cc:4a:80:20:
a6:ce:6f:7e:4c:93:79:e5:6c:6a:c1:f0:6f:38:96:
ea:d4:8d:57:61:d8:33:47:fc:d2:08:80:17:b8:18:
93:ee:8e:44:af:5b:97:e4:da:a2:70:94:f9:2d:15:
4d:44:9b:19:4c:87:4f:53:e0:85:2b:16:2b:e9:cc:
a5:2f:71:d1:ae:a1:6e:5d:9e:24:23:10:4e:47:60:
12:c9:8e:71:70:9b:5a:43:61:d3:15:9d:ab:69:fb:
db:45:bc:bb:f5:d7:72:50:7e:b0:7d:28:c8:a9:a8:
3d:16:71:41:2e:44:b9:ce:64:27:e1:b3:c8:28:96:
20:74:e8:31:c5:4d:96:67:21:bd:9c:65:07:83:35:
92:e4:70:1b:7a:22:27:fb:ff:77:cc:5c:b0:1d:b1:
1c:ff:e9:e9:7a:bc:3c:66:67:57:45:d8:94:5a:2f:
13:0e:65:5b:78:4f:61:9c:bf:8a:24:33:1e:73:97:
51:73:be:0a:32:5f:80:d2:55:9a:9e:6c:e9:d2:87:
19:2f:0f:67:63:19:09:0f:47:2c:9a:4c:52:d9:81:
13:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:42:15:7F:30:3C:81:27:60:22:DB:46:04:07:02:D3:97:55:BB:0C
X509v3 Authority Key Identifier:
keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/NEIVfzA8gSdgIttGBAcC05dVuww.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:8f40:2::/48
Signature Algorithm: sha256WithRSAEncryption
0c:a0:42:1a:9a:fa:97:dd:51:2c:41:fc:90:7e:b0:2b:25:e5:
d6:06:14:2e:75:ef:1c:d4:e8:c8:b2:ff:15:01:a1:2e:bc:f7:
c6:03:f8:ea:23:05:cd:46:6b:02:5c:90:e7:14:cf:4c:98:3c:
99:9b:01:f7:dd:51:53:00:ae:6f:1a:a3:b0:bd:72:80:15:90:
4d:66:6e:7e:8b:ee:75:7b:51:23:cc:58:43:f7:c1:28:80:82:
82:24:d0:29:f3:a6:9a:f6:e2:72:3c:b3:39:22:48:7b:ac:94:
7c:df:61:41:93:fe:7c:de:fa:db:16:ff:4b:cf:d8:23:36:5a:
88:0f:0a:b4:d4:21:e5:82:73:d0:15:0f:82:1b:9a:fd:d4:e7:
19:14:c7:a0:21:d8:2a:00:42:51:87:c8:30:34:97:c4:32:82:
65:64:c1:61:f6:67:d8:c1:3b:2b:9c:24:da:d0:3f:7f:c2:04:
13:d8:51:be:e1:1b:02:5e:dd:e4:e1:f7:41:90:6e:e2:75:7f:
f1:59:59:39:7b:49:ee:89:33:92:b4:07:74:0d:ed:93:0e:b7:
13:af:ae:21:cc:c7:b4:00:f1:03:c5:8f:a8:dd:18:2d:b8:2c:
63:ee:3e:4c:da:3f:6b:9c:79:5f:ce:7f:a5:57:fb:cd:e0:3c:
14:e1:34:7d
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICDNEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ix
NjcwN0VBRjBCREZEMTMyNkFGRDlCREVDNkFGRkE2RTYzQkE5ODAeFw0yNTA3MTAw
OTM0MDRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDM0NDIxNTdGMzAzQzgx
Mjc2MDIyREI0NjA0MDcwMkQzOTc1NUJCMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8DphVyOkIASne0ffm3xy6dwWWheJr/PsKnL1kWzcunrsniyx9
b37lzEqAIKbOb35Mk3nlbGrB8G84lurUjVdh2DNH/NIIgBe4GJPujkSvW5fk2qJw
lPktFU1EmxlMh09T4IUrFivpzKUvcdGuoW5dniQjEE5HYBLJjnFwm1pDYdMVnatp
+9tFvLv113JQfrB9KMipqD0WcUEuRLnOZCfhs8goliB06DHFTZZnIb2cZQeDNZLk
cBt6Iif7/3fMXLAdsRz/6el6vDxmZ1dF2JRaLxMOZVt4T2Gcv4okMx5zl1Fzvgoy
X4DSVZqebOnShxkvD2djGQkPRyyaTFLZgRP9AgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUNEIVfzA8gSdgIttGBAcC05dVuwwwHwYDVR0jBBgwFoAUyxZwfq8L39Eyav2b
3sav+m5jupgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
NS95eFp3ZnE4TDM5RXlhdjJiM3Nhdi1tNWp1cGcuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTUvTkVJVmZ6QThnU2Rn
SXR0R0JBY0MwNWRWdXd3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACQHj0AAAjANBgkqhkiG9w0BAQsFAAOCAQEADKBCGpr6l91RLEH8kH6wKyXl
1gYULnXvHNToyLL/FQGhLrz3xgP46iMFzUZrAlyQ5xTPTJg8mZsB991RUwCubxqj
sL1ygBWQTWZufovudXtRI8xYQ/fBKICCgiTQKfOmmvbicjyzOSJIe6yUfN9hQZP+
fN762xb/S8/YIzZaiA8KtNQh5YJz0BUPghua/dTnGRTHoCHYKgBCUYfIMDSXxDKC
ZWTBYfZn2ME7K5wk2tA/f8IEE9hRvuEbAl7d5OH3QZBu4nV/8VlZOXtJ7okzkrQH
dA3tkw63E6+uIczHtADxA8WPqN0YLbgsY+4+TNo/a5x5X85/pVf7zeA8FOE0fQ==
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:45:51 2025 by rpki-client