Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/iNKgJh10VKyPgqeuEpZXUo5M22M.roa
File: iNKgJh10VKyPgqeuEpZXUo5M22M.roa (raw, json)
Hash identifier: ahGrQyC4pgZKgoXcJn8s+38PUfiu1kGN8OAdLTvIFzk=
Subject key identifier: 88:D2:A0:26:1D:74:54:AC:8F:82:A7:AE:12:96:57:52:8E:4C:DB:63
Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B
Certificate serial: 076D
Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/iNKgJh10VKyPgqeuEpZXUo5M22M.roa
Signing time: Tue 08 Jul 2025 08:45:10 +0000
ROA not before: Tue 08 Jul 2025 08:45:10 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146762
IP address blocks: 114.111.187.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1901 (0x76d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B
Validity
Not Before: Jul 8 08:45:10 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=88D2A0261D7454AC8F82A7AE129657528E4CDB63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:83:10:4f:36:87:ec:f2:a7:e0:25:b9:a0:e0:
97:88:c0:08:a7:0f:0e:e1:05:9f:cb:7a:ae:8a:20:
e2:8d:db:2c:09:35:33:ce:8f:56:9b:92:fd:80:9c:
cd:f5:44:1e:b9:4d:2a:25:f8:89:a8:0d:25:8b:22:
86:ca:75:a1:3b:4e:24:23:e8:d0:2b:ab:67:a2:87:
44:65:7c:43:35:3d:10:bb:bd:1e:46:b3:c2:85:d7:
4b:b0:c3:50:64:90:c8:ea:60:af:8c:13:4a:08:0c:
9c:69:e8:c5:65:63:eb:62:08:6c:aa:25:d2:d9:58:
46:a1:37:91:a2:d3:f9:f0:41:6f:7a:63:27:5e:aa:
bb:5d:6f:26:9c:1b:ca:2b:33:e6:85:21:ea:f2:db:
45:58:ce:a9:43:66:c3:d3:8a:bb:e4:42:d2:68:c9:
1f:37:17:de:cc:b0:bb:c7:e4:2c:6c:1b:ab:aa:ee:
9d:00:73:69:36:19:ff:b5:21:f1:03:93:51:d8:be:
20:39:63:28:29:60:1e:77:33:9d:ae:9b:3d:17:50:
7d:ea:df:d6:20:c1:70:74:c8:da:59:67:7a:c4:06:
83:a2:9b:58:2b:18:f9:3b:7f:ee:d1:e5:92:23:41:
0a:52:16:1d:ee:47:f3:03:92:72:3f:ff:38:95:61:
fc:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D2:A0:26:1D:74:54:AC:8F:82:A7:AE:12:96:57:52:8E:4C:DB:63
X509v3 Authority Key Identifier:
keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/iNKgJh10VKyPgqeuEpZXUo5M22M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.111.187.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:70:2b:55:10:02:85:d0:0d:6a:f7:f4:3c:56:0b:8c:7f:48:
08:b2:eb:da:3c:f1:c4:ce:80:b5:a9:8e:e7:54:8d:7f:ef:9b:
b0:fa:61:93:47:f0:48:ed:8f:d4:42:59:05:eb:18:23:2a:fa:
8a:ed:ff:f3:71:0d:ae:94:c1:d5:31:bd:e5:b3:b2:bd:f6:17:
6c:40:4c:9e:95:c5:8b:d4:bd:ee:6a:9c:0f:4b:c2:34:a0:4d:
27:d3:b1:6e:9f:4b:a5:71:b2:a4:88:a2:80:91:83:01:9d:08:
e6:bc:2c:36:a2:49:7d:e5:09:4a:39:a4:37:2a:6b:54:3c:51:
87:7d:93:57:df:e5:02:4f:9f:97:17:95:3e:85:df:51:a0:f9:
e2:66:5e:49:51:64:fd:68:6c:c1:56:de:4f:39:0d:63:bc:3a:
36:20:c0:f6:bf:5d:02:1d:50:a5:d1:d9:f0:88:4d:0e:6a:00:
a6:07:d9:ca:4b:25:92:97:89:29:c3:a9:45:fb:0f:28:cf:72:
dc:3c:3d:43:08:d1:93:ff:54:8d:9f:d8:bd:fe:8e:e6:57:45:
79:a1:45:70:d6:6d:da:ba:76:54:51:10:48:60:28:b2:32:06:
a8:07:d2:c6:40:9f:86:e2:37:41:5e:04:5e:02:ae:db:e9:9f:
1b:47:f0:1c
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICB20wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUJD
NkQ5QTlGNEEyMjZBNjFGNUZBMUE5MTYzOTQxRDRCMzVCQTM1QjAeFw0yNTA3MDgw
ODQ1MTBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDg4RDJBMDI2MUQ3NDU0
QUM4RjgyQTdBRTEyOTY1NzUyOEU0Q0RCNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTgxBPNofs8qfgJbmg4JeIwAinDw7hBZ/Leq6KIOKN2ywJNTPO
j1abkv2AnM31RB65TSol+ImoDSWLIobKdaE7TiQj6NArq2eih0RlfEM1PRC7vR5G
s8KF10uww1BkkMjqYK+ME0oIDJxp6MVlY+tiCGyqJdLZWEahN5Gi0/nwQW96Yyde
qrtdbyacG8orM+aFIery20VYzqlDZsPTirvkQtJoyR83F97MsLvH5CxsG6uq7p0A
c2k2Gf+1IfEDk1HYviA5YygpYB53M52umz0XUH3q39YgwXB0yNpZZ3rEBoOim1gr
GPk7f+7R5ZIjQQpSFh3uR/MDknI//ziVYfzbAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUiNKgJh10VKyPgqeuEpZXUo5M22MwHwYDVR0jBBgwFoAUG8bZqfSiJqYfX6Gp
FjlB1LNbo1swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
NC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzQvaU5LZ0poMTBWS3lQ
Z3FldUVwWlhVbzVNMjJNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAHJvuzANBgkqhkiG9w0BAQsFAAOCAQEAenArVRAChdANavf0PFYLjH9ICLLr
2jzxxM6AtamO51SNf++bsPphk0fwSO2P1EJZBesYIyr6iu3/83ENrpTB1TG95bOy
vfYXbEBMnpXFi9S97mqcD0vCNKBNJ9Oxbp9LpXGypIiigJGDAZ0I5rwsNqJJfeUJ
SjmkNyprVDxRh32TV9/lAk+flxeVPoXfUaD54mZeSVFk/WhswVbeTzkNY7w6NiDA
9r9dAh1QpdHZ8IhNDmoApgfZykslkpeJKcOpRfsPKM9y3Dw9QwjRk/9UjZ/Yvf6O
5ldFeaFFcNZt2rp2VFEQSGAosjIGqAfSxkCfhuI3QV4EXgKu2+mfG0fwHA==
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:50:30 2025 by rpki-client