Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/KczSviXnBvy-P-UbHyM1Uju1qXM.roa
File: KczSviXnBvy-P-UbHyM1Uju1qXM.roa (raw, json)
Hash identifier: K5WHld8+N4EylO/2qEOvksH0fcR7ueMwsQOaIHDErXQ=
Subject key identifier: 29:CC:D2:BE:25:E7:06:FC:BE:3F:E5:1B:1F:23:35:52:3B:B5:A9:73
Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B
Certificate serial: 0777
Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/KczSviXnBvy-P-UbHyM1Uju1qXM.roa
Signing time: Tue 08 Jul 2025 08:45:13 +0000
ROA not before: Tue 08 Jul 2025 08:45:13 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146762
IP address blocks: 114.111.181.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1911 (0x777)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B
Validity
Not Before: Jul 8 08:45:13 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=29CCD2BE25E706FCBE3FE51B1F2335523BB5A973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a0:b2:fb:43:b8:cf:77:2b:9e:95:80:68:0b:
82:d6:13:5a:3d:c0:ea:a8:0a:85:3c:82:46:82:40:
38:8a:9a:a9:4b:b3:aa:06:dc:73:47:18:87:3e:43:
aa:d9:bb:cf:c3:43:2c:62:1a:ed:e3:d0:2c:18:c3:
ac:25:d5:0b:91:1d:9d:75:fe:66:7d:9c:6f:30:8c:
b2:ad:bd:54:ad:e0:e6:61:ae:98:82:3c:82:a9:97:
7b:c5:4d:30:88:c9:4d:59:5d:32:6e:66:37:22:c4:
c3:28:6f:da:50:a0:70:4e:6d:05:74:85:89:e5:e5:
0c:7a:e6:d2:18:d0:55:ac:e7:9e:17:90:cf:55:85:
a6:e9:96:61:8a:f9:48:79:1e:e5:75:65:d4:4b:5f:
ad:7b:ae:ec:6d:75:3a:91:af:b4:7f:d2:6f:c3:e8:
ad:0b:10:bb:b0:79:cd:02:5a:c3:a2:39:b8:ef:b7:
f8:64:52:76:ca:2c:40:37:36:e6:1d:17:88:bb:7a:
e4:cb:e3:d0:56:5a:d5:56:88:89:fb:79:61:13:6d:
09:17:f6:65:c9:b2:8b:ee:5e:97:6a:79:a8:90:54:
d7:1b:63:50:b2:c3:59:c4:64:20:fe:6e:bc:7b:d2:
c9:12:46:00:30:07:3b:de:e1:52:f1:72:c3:51:cf:
bd:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:CC:D2:BE:25:E7:06:FC:BE:3F:E5:1B:1F:23:35:52:3B:B5:A9:73
X509v3 Authority Key Identifier:
keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/KczSviXnBvy-P-UbHyM1Uju1qXM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.111.181.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:3c:1d:ef:ef:59:31:56:e4:c9:f7:0f:21:ac:29:de:18:73:
c4:11:8e:7f:f2:7c:07:0f:6e:97:65:39:f5:27:f8:a3:48:0b:
c0:aa:03:40:1a:aa:5f:af:6c:27:92:ef:a7:a0:84:89:4d:43:
f2:ad:0c:b2:2b:79:41:2a:58:e4:33:36:85:67:cb:f3:27:f4:
64:f6:1e:fd:d4:38:c5:9e:d8:19:9b:f9:e5:92:20:f9:dc:71:
65:78:35:c5:76:b1:34:dd:b0:7c:27:6b:e6:2e:4d:42:39:c6:
ad:6c:d7:1c:63:7e:3e:26:c3:9f:07:8d:dc:d1:0b:5a:24:a9:
7f:c0:a3:b4:e1:0c:48:47:91:f5:bc:ac:02:91:aa:9f:f0:42:
09:9c:0c:5d:b6:f0:d9:fd:a6:f4:aa:37:3d:8f:ee:ab:78:97:
9e:87:30:e9:2c:be:54:96:d6:e6:99:2d:1d:81:e8:aa:9f:fa:
c8:cf:86:e3:48:5d:74:9a:bf:91:bc:86:ff:bf:94:7d:7d:57:
ff:08:17:35:0b:d3:26:af:2e:d1:d2:79:4a:c8:56:9b:b9:58:
b0:8b:b1:ec:fc:46:87:39:98:28:08:39:0f:5f:39:71:f5:49:
d0:b9:cc:39:ae:47:b7:31:65:46:46:8d:3d:71:37:29:5b:2b:
d1:12:87:ec
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICB3cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUJD
NkQ5QTlGNEEyMjZBNjFGNUZBMUE5MTYzOTQxRDRCMzVCQTM1QjAeFw0yNTA3MDgw
ODQ1MTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDI5Q0NEMkJFMjVFNzA2
RkNCRTNGRTUxQjFGMjMzNTUyM0JCNUE5NzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChoLL7Q7jPdyuelYBoC4LWE1o9wOqoCoU8gkaCQDiKmqlLs6oG
3HNHGIc+Q6rZu8/DQyxiGu3j0CwYw6wl1QuRHZ11/mZ9nG8wjLKtvVSt4OZhrpiC
PIKpl3vFTTCIyU1ZXTJuZjcixMMob9pQoHBObQV0hYnl5Qx65tIY0FWs554XkM9V
habplmGK+Uh5HuV1ZdRLX617ruxtdTqRr7R/0m/D6K0LELuwec0CWsOiObjvt/hk
UnbKLEA3NuYdF4i7euTL49BWWtVWiIn7eWETbQkX9mXJsovuXpdqeaiQVNcbY1Cy
w1nEZCD+brx70skSRgAwBzve4VLxcsNRz72TAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUKczSviXnBvy+P+UbHyM1Uju1qXMwHwYDVR0jBBgwFoAUG8bZqfSiJqYfX6Gp
FjlB1LNbo1swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
NC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzQvS2N6U3ZpWG5Cdnkt
UC1VYkh5TTFVanUxcVhNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAHJvtTANBgkqhkiG9w0BAQsFAAOCAQEAoTwd7+9ZMVbkyfcPIawp3hhzxBGO
f/J8Bw9ul2U59Sf4o0gLwKoDQBqqX69sJ5Lvp6CEiU1D8q0Msit5QSpY5DM2hWfL
8yf0ZPYe/dQ4xZ7YGZv55ZIg+dxxZXg1xXaxNN2wfCdr5i5NQjnGrWzXHGN+PibD
nweN3NELWiSpf8CjtOEMSEeR9bysApGqn/BCCZwMXbbw2f2m9Ko3PY/uq3iXnocw
6Sy+VJbW5pktHYHoqp/6yM+G40hddJq/kbyG/7+UfX1X/wgXNQvTJq8u0dJ5SshW
m7lYsIux7PxGhzmYKAg5D185cfVJ0LnMOa5HtzFlRkaNPXE3KVsr0RKH7A==
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:47:45 2025 by rpki-client