Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/5u6LVc2L3M2EH-uwao2Z5kiRO_M.roa
File: 5u6LVc2L3M2EH-uwao2Z5kiRO_M.roa (raw, json)
Hash identifier: XPLRi5wQ8/DnzvDuLNU6cIHRBmw3KK5rcESqcB4HZY4=
Subject key identifier: E6:EE:8B:55:CD:8B:DC:CD:84:1F:EB:B0:6A:8D:99:E6:48:91:3B:F3
Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B
Certificate serial: 0788
Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/5u6LVc2L3M2EH-uwao2Z5kiRO_M.roa
Signing time: Thu 10 Jul 2025 01:30:59 +0000
ROA not before: Thu 10 Jul 2025 01:30:59 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146762
IP address blocks: 103.2.156.0/23 maxlen: 23
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1928 (0x788)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B
Validity
Not Before: Jul 10 01:30:59 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=E6EE8B55CD8BDCCD841FEBB06A8D99E648913BF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:46:ae:52:62:bf:25:4e:6f:cc:2a:a5:85:d0:
89:99:95:37:7c:95:9d:39:ad:c2:e3:84:a5:a5:51:
09:e9:cc:c5:b4:15:90:11:71:11:d8:5b:fe:e4:f2:
11:8d:9c:f0:26:1a:80:e2:6e:69:ef:ec:51:1c:86:
0f:53:69:2b:52:ca:4d:03:80:53:48:51:d7:89:73:
11:a5:1b:fe:93:7e:2e:68:b0:79:3a:a7:ae:e0:c1:
07:e0:84:21:b4:80:e6:9b:0d:70:79:c7:d1:e4:56:
00:85:0f:40:d9:a5:a2:26:8f:dd:93:33:61:07:73:
71:de:c9:8c:5d:ce:20:83:2a:e7:01:52:c8:f7:34:
0c:30:8e:29:b1:cf:2c:91:2a:e3:6d:25:be:da:55:
01:9c:c7:d0:2a:8a:b2:77:00:1c:5a:e2:11:13:3a:
31:c5:c1:4b:3e:b8:aa:b2:30:5e:8d:2c:9e:8b:bd:
73:d9:f9:32:5c:bf:43:89:ea:25:47:36:0b:17:da:
8a:ec:fa:0d:41:3b:fe:fd:9d:79:9d:0c:8a:97:39:
34:6f:1f:98:c9:13:9b:20:16:a2:36:45:a3:60:25:
a6:22:fd:85:39:ea:58:4e:ca:11:fd:7b:2d:2f:8f:
36:50:03:5d:c7:b4:db:9e:07:03:99:77:9b:f1:60:
d7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:EE:8B:55:CD:8B:DC:CD:84:1F:EB:B0:6A:8D:99:E6:48:91:3B:F3
X509v3 Authority Key Identifier:
keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/5u6LVc2L3M2EH-uwao2Z5kiRO_M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.2.156.0/23
Signature Algorithm: sha256WithRSAEncryption
87:b1:c4:5f:b8:99:b5:c4:11:06:95:76:3e:56:0f:1a:cc:ff:
9f:6f:81:8c:53:1b:70:86:50:94:59:52:62:72:76:b4:df:cc:
69:f0:fb:30:fd:ef:bd:5a:63:6d:2f:eb:32:05:77:a0:2a:e1:
0f:01:d3:b0:8d:a3:4d:4b:34:92:fd:cb:4d:d3:ac:2e:d5:be:
39:db:e2:2b:e1:12:e7:17:22:1e:04:f7:84:ee:7e:1d:57:4a:
2d:71:c0:a6:56:fd:58:7e:bb:4f:ac:ec:41:b3:a9:bd:fb:06:
e1:7d:5d:11:2d:e4:85:cc:64:9f:fd:3f:1d:3a:93:bc:27:48:
db:2b:a5:73:af:3c:b9:d3:d4:cd:87:25:37:e7:b2:ac:9e:93:
ae:81:fa:e1:e7:f3:89:3e:0d:bb:f3:a6:67:77:c4:0c:ab:0c:
cd:c9:dc:66:ec:f3:bb:13:30:e4:ea:9f:a7:4c:1f:22:46:3c:
26:4a:18:4b:f2:7f:1e:24:1e:ad:8c:6a:3a:cb:e4:df:04:5b:
9f:f3:ee:13:7e:78:4a:10:9d:53:d0:04:a2:b5:b5:7c:ce:be:
d8:ac:16:c3:bd:1c:d4:b0:0a:36:61:9b:6e:d4:36:34:d9:32:
45:99:5d:83:a4:16:3d:93:f1:24:95:97:c0:d3:4b:6b:86:a6:
5d:32:bb:41
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICB4gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUJD
NkQ5QTlGNEEyMjZBNjFGNUZBMUE5MTYzOTQxRDRCMzVCQTM1QjAeFw0yNTA3MTAw
MTMwNTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU2RUU4QjU1Q0Q4QkRD
Q0Q4NDFGRUJCMDZBOEQ5OUU2NDg5MTNCRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqRq5SYr8lTm/MKqWF0ImZlTd8lZ05rcLjhKWlUQnpzMW0FZAR
cRHYW/7k8hGNnPAmGoDibmnv7FEchg9TaStSyk0DgFNIUdeJcxGlG/6Tfi5osHk6
p67gwQfghCG0gOabDXB5x9HkVgCFD0DZpaImj92TM2EHc3HeyYxdziCDKucBUsj3
NAwwjimxzyyRKuNtJb7aVQGcx9AqirJ3ABxa4hETOjHFwUs+uKqyMF6NLJ6LvXPZ
+TJcv0OJ6iVHNgsX2ors+g1BO/79nXmdDIqXOTRvH5jJE5sgFqI2RaNgJaYi/YU5
6lhOyhH9ey0vjzZQA13HtNueBwOZd5vxYNcHAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU5u6LVc2L3M2EH+uwao2Z5kiRO/MwHwYDVR0jBBgwFoAUG8bZqfSiJqYfX6Gp
FjlB1LNbo1swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
NC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzQvNXU2TFZjMkwzTTJF
SC11d2FvMlo1a2lST19NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWcCnDANBgkqhkiG9w0BAQsFAAOCAQEAh7HEX7iZtcQRBpV2PlYPGsz/n2+B
jFMbcIZQlFlSYnJ2tN/MafD7MP3vvVpjbS/rMgV3oCrhDwHTsI2jTUs0kv3LTdOs
LtW+OdviK+ES5xciHgT3hO5+HVdKLXHAplb9WH67T6zsQbOpvfsG4X1dES3khcxk
n/0/HTqTvCdI2yulc688udPUzYclN+eyrJ6TroH64efziT4Nu/OmZ3fEDKsMzcnc
ZuzzuxMw5Oqfp0wfIkY8JkoYS/J/HiQerYxqOsvk3wRbn/PuE354ShCdU9AEorW1
fM6+2KwWw70c1LAKNmGbbtQ2NNkyRZldg6QWPZPxJJWXwNNLa4amXTK7QQ==
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:49:48 2025 by rpki-client