Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/5sXds976gdDjTvTJvvzlaPF4tns.roa
File: 5sXds976gdDjTvTJvvzlaPF4tns.roa (raw, json)
Hash identifier: hsde4QjZmRocuLBhVgqhnenAWzLsv4ghS42xJghfkFQ=
Subject key identifier: E6:C5:DD:B3:DE:FA:81:D0:E3:4E:F4:C9:BE:FC:E5:68:F1:78:B6:7B
Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B
Certificate serial: 0775
Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/5sXds976gdDjTvTJvvzlaPF4tns.roa
Signing time: Tue 08 Jul 2025 08:45:12 +0000
ROA not before: Tue 08 Jul 2025 08:45:12 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146762
IP address blocks: 114.111.177.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1909 (0x775)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B
Validity
Not Before: Jul 8 08:45:12 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=E6C5DDB3DEFA81D0E34EF4C9BEFCE568F178B67B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a7:46:4e:96:e1:6a:3b:78:fd:6b:03:bb:b7:
07:5f:8e:32:12:6b:83:10:7a:15:5c:c6:d6:42:07:
50:9c:78:e5:c0:2b:c0:56:da:07:26:e4:02:68:5b:
55:ec:51:9a:a7:59:9c:87:49:1d:4f:7c:19:34:66:
01:2f:73:3d:83:a2:85:08:d5:d1:d8:84:81:ee:50:
bd:ef:b2:6a:90:71:4d:5a:ad:cc:2f:cc:77:21:39:
e8:4a:40:38:e0:3d:f0:84:65:15:9b:f2:63:d6:87:
65:e4:66:59:47:94:52:e5:55:d4:e3:61:d1:0d:4b:
b9:ea:4a:c3:9a:9f:4b:1e:23:09:1d:01:f7:76:6f:
a6:bf:73:f6:9f:cd:cc:39:92:13:8c:3f:39:8b:60:
13:41:cb:99:8a:be:ee:01:f8:89:af:c1:f8:f6:5e:
f3:27:1c:48:a5:bb:de:ec:1a:a0:30:c3:1c:31:ae:
ca:95:f7:ba:85:74:6e:d8:ba:c6:65:6d:d9:4e:e1:
d2:3e:4b:de:de:85:00:51:ba:10:13:bf:b8:9b:46:
43:2f:cc:d8:be:1c:0e:43:a8:eb:71:6e:fd:82:79:
2a:af:ab:5f:39:e1:2d:ec:ce:fd:20:cc:c4:4a:2d:
eb:1e:4b:59:f6:2d:cb:5d:73:54:fc:e2:58:ac:aa:
fa:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:C5:DD:B3:DE:FA:81:D0:E3:4E:F4:C9:BE:FC:E5:68:F1:78:B6:7B
X509v3 Authority Key Identifier:
keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/5sXds976gdDjTvTJvvzlaPF4tns.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.111.177.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:fb:0d:d5:5a:89:25:0b:22:5a:b9:f5:d9:a2:49:ef:e4:7b:
01:27:e5:43:2f:27:3a:d2:d0:46:55:0a:81:96:ca:5a:97:90:
d2:6f:e8:68:0d:53:82:3e:80:81:e4:6d:ef:bb:71:0b:5e:fe:
da:31:81:4e:17:bf:57:20:76:6a:90:c5:ad:25:3d:9d:5c:c6:
55:e9:4a:42:f5:4e:99:7b:b9:1a:5f:87:43:64:82:03:d7:22:
d9:5b:d1:89:b4:b2:06:d7:2c:5f:2f:d9:8e:16:d4:14:01:9b:
f0:14:78:3a:58:58:67:95:86:81:ad:70:9f:34:9e:a6:ac:62:
a7:9a:41:fe:4d:76:14:24:5b:5b:65:1f:db:4e:ec:4e:fa:7b:
c9:be:57:56:da:97:b5:dd:7e:f1:21:a8:b5:d4:8c:35:f9:fb:
4e:a4:3e:5c:08:20:1f:fa:5b:6f:c9:5b:a2:fb:d9:a0:b5:2d:
16:7b:c4:25:69:e8:4b:bb:5d:d4:0e:5a:a2:fb:63:0e:5a:d3:
e8:4c:dd:94:2b:bb:ae:51:9d:25:b6:d8:1d:d9:e8:aa:fc:d5:
34:47:02:33:c3:b4:45:65:c3:22:5b:89:e5:01:ed:bd:bb:ba:
1d:a8:0b:36:cc:9c:73:7f:18:43:e2:55:b9:0e:f4:d1:79:55:
c4:fe:6f:06
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICB3UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUJD
NkQ5QTlGNEEyMjZBNjFGNUZBMUE5MTYzOTQxRDRCMzVCQTM1QjAeFw0yNTA3MDgw
ODQ1MTJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU2QzVEREIzREVGQTgx
RDBFMzRFRjRDOUJFRkNFNTY4RjE3OEI2N0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCup0ZOluFqO3j9awO7twdfjjISa4MQehVcxtZCB1CceOXAK8BW
2gcm5AJoW1XsUZqnWZyHSR1PfBk0ZgEvcz2DooUI1dHYhIHuUL3vsmqQcU1arcwv
zHchOehKQDjgPfCEZRWb8mPWh2XkZllHlFLlVdTjYdENS7nqSsOan0seIwkdAfd2
b6a/c/afzcw5khOMPzmLYBNBy5mKvu4B+Imvwfj2XvMnHEilu97sGqAwwxwxrsqV
97qFdG7YusZlbdlO4dI+S97ehQBRuhATv7ibRkMvzNi+HA5DqOtxbv2CeSqvq185
4S3szv0gzMRKLeseS1n2Lctdc1T84lisqvonAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU5sXds976gdDjTvTJvvzlaPF4tnswHwYDVR0jBBgwFoAUG8bZqfSiJqYfX6Gp
FjlB1LNbo1swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
NC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzQvNXNYZHM5NzZnZERq
VHZUSnZ2emxhUEY0dG5zLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAHJvsTANBgkqhkiG9w0BAQsFAAOCAQEACvsN1VqJJQsiWrn12aJJ7+R7ASfl
Qy8nOtLQRlUKgZbKWpeQ0m/oaA1Tgj6AgeRt77txC17+2jGBThe/VyB2apDFrSU9
nVzGVelKQvVOmXu5Gl+HQ2SCA9ci2VvRibSyBtcsXy/ZjhbUFAGb8BR4OlhYZ5WG
ga1wnzSepqxip5pB/k12FCRbW2Uf207sTvp7yb5XVtqXtd1+8SGotdSMNfn7TqQ+
XAggH/pbb8lbovvZoLUtFnvEJWnoS7td1A5aovtjDlrT6EzdlCu7rlGdJbbYHdno
qvzVNEcCM8O0RWXDIluJ5QHtvbu6HagLNsycc38YQ+JVuQ700XlVxP5vBg==
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:51:21 2025 by rpki-client