Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3272/hRhoO-39chtxs16Yx6jA12myuV4.roa
File: hRhoO-39chtxs16Yx6jA12myuV4.roa (raw, json)
Hash identifier: lbmvoC+sCx0UWTj8p0iqVe/VY2Et3fnyZTHeEdpEHuE=
Subject key identifier: 85:18:68:3B:ED:FD:72:1B:71:B3:5E:98:C7:A8:C0:D7:69:B2:B9:5E
Certificate issuer: /CN=FD341E841C183777F8F91DF4FCDA0BB9EFA061BF
Certificate serial: 0846
Authority key identifier: FD:34:1E:84:1C:18:37:77:F8:F9:1D:F4:FC:DA:0B:B9:EF:A0:61:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_TQehBwYN3f4-R30_NoLue-gYb8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/hRhoO-39chtxs16Yx6jA12myuV4.roa
Signing time: Tue 27 May 2025 00:35:15 +0000
ROA not before: Tue 27 May 2025 00:35:15 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 211392
IP address blocks: 157.66.43.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2118 (0x846)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FD341E841C183777F8F91DF4FCDA0BB9EFA061BF
Validity
Not Before: May 27 00:35:15 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=8518683BEDFD721B71B35E98C7A8C0D769B2B95E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:83:bb:47:02:c0:20:3c:0e:3e:ed:d2:60:2c:
55:5d:39:fc:d8:e5:34:04:de:14:5b:54:24:f3:28:
2b:fe:a5:43:03:e2:c8:bd:d5:c2:04:ff:63:52:d3:
6c:ea:53:9e:8e:4c:e8:30:ee:e7:a9:36:38:ee:32:
4e:06:c6:ff:43:a0:5d:2e:ed:d8:1f:19:66:ae:08:
b0:78:3e:e9:3b:c5:06:d9:9e:71:5c:bc:9d:0b:76:
68:25:4a:53:97:aa:49:60:80:7b:f1:c5:39:6a:31:
c6:3b:77:21:8f:67:6d:a8:6f:26:32:43:bd:39:cc:
cf:48:fa:a7:93:f7:5b:87:e8:59:69:e3:66:ba:9b:
06:6a:e6:3a:f6:66:e1:fd:22:cc:d2:99:b9:07:95:
95:23:75:73:99:c6:04:4f:fb:65:16:e7:5b:92:66:
e4:af:6e:aa:ea:b6:3e:1e:30:f5:05:ee:c6:74:20:
2c:5a:29:8b:dc:9b:e1:d5:0b:c5:1d:d9:8a:6d:28:
65:06:7e:aa:08:86:50:e9:7f:5f:87:5a:a9:c0:7f:
37:01:7a:aa:90:30:30:2b:aa:cf:18:bc:b0:a2:46:
24:47:0b:ef:62:21:72:73:ae:53:70:f1:a6:d5:3b:
04:86:7e:96:87:50:1c:8e:0f:84:96:e3:23:1a:78:
70:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:18:68:3B:ED:FD:72:1B:71:B3:5E:98:C7:A8:C0:D7:69:B2:B9:5E
X509v3 Authority Key Identifier:
keyid:FD:34:1E:84:1C:18:37:77:F8:F9:1D:F4:FC:DA:0B:B9:EF:A0:61:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/_TQehBwYN3f4-R30_NoLue-gYb8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_TQehBwYN3f4-R30_NoLue-gYb8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/hRhoO-39chtxs16Yx6jA12myuV4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.43.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:45:85:f5:97:45:ce:7c:5a:36:53:d3:9c:66:67:a0:23:7e:
8e:0a:34:b6:0f:7d:bb:b7:41:f1:7f:ea:f6:be:ad:70:9e:81:
dc:cc:6b:39:12:fd:ab:ba:6f:89:97:6a:11:74:78:0e:3e:64:
b8:b4:a1:df:f9:e2:55:3b:a2:80:1b:89:11:43:10:05:ea:c8:
54:14:1e:e3:8f:46:7f:d7:d3:de:cb:47:e3:98:2f:37:bf:1d:
fb:6a:57:cb:d6:a8:9a:4b:bd:7b:f0:6a:1a:d5:fd:99:85:22:
75:db:5d:02:02:63:3f:cd:d8:b0:56:71:a3:e3:ea:e0:9c:9f:
fa:57:63:9d:cf:68:f8:97:9e:fc:99:25:ce:f1:c8:8d:10:20:
cc:b1:67:c4:cd:0b:f4:ed:16:b2:89:9a:23:56:82:14:bd:6a:
59:3c:cd:a0:bc:ef:97:ae:82:88:ab:14:0b:7a:66:3e:7c:cc:
4d:a7:83:2f:ff:d1:a9:29:2d:7e:f0:e7:34:07:e1:92:ad:94:
4e:3a:c0:44:7d:1e:5b:df:d6:7a:c9:c8:1b:01:54:96:fc:d4:
bf:6a:72:5a:84:51:73:4b:c3:c2:6c:a0:6b:87:31:5c:d4:55:
b1:be:b6:7e:c0:09:9f:0f:f7:dd:4d:1c:ad:9f:b6:f7:fd:3f:
6e:a0:d9:e0
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCEYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkQz
NDFFODQxQzE4Mzc3N0Y4RjkxREY0RkNEQTBCQjlFRkEwNjFCRjAeFw0yNTA1Mjcw
MDM1MTVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDg1MTg2ODNCRURGRDcy
MUI3MUIzNUU5OEM3QThDMEQ3NjlCMkI5NUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9g7tHAsAgPA4+7dJgLFVdOfzY5TQE3hRbVCTzKCv+pUMD4si9
1cIE/2NS02zqU56OTOgw7uepNjjuMk4Gxv9DoF0u7dgfGWauCLB4Puk7xQbZnnFc
vJ0LdmglSlOXqklggHvxxTlqMcY7dyGPZ22obyYyQ705zM9I+qeT91uH6Flp42a6
mwZq5jr2ZuH9IszSmbkHlZUjdXOZxgRP+2UW51uSZuSvbqrqtj4eMPUF7sZ0ICxa
KYvcm+HVC8Ud2YptKGUGfqoIhlDpf1+HWqnAfzcBeqqQMDArqs8YvLCiRiRHC+9i
IXJzrlNw8abVOwSGfpaHUByOD4SW4yMaeHAVAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUhRhoO+39chtxs16Yx6jA12myuV4wHwYDVR0jBBgwFoAU/TQehBwYN3f4+R30
/NoLue+gYb8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3
Mi9fVFFlaEJ3WU4zZjQtUjMwX05vTHVlLWdZYjguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL19UUWVoQndZTjNmNC1SMzBfTm9MdWUtZ1liOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzIvaFJob08tMzljaHR4
czE2WXg2akExMm15dVY0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJ1CKzANBgkqhkiG9w0BAQsFAAOCAQEAakWF9ZdFznxaNlPTnGZnoCN+jgo0
tg99u7dB8X/q9r6tcJ6B3MxrORL9q7pviZdqEXR4Dj5kuLSh3/niVTuigBuJEUMQ
BerIVBQe449Gf9fT3stH45gvN78d+2pXy9aomku9e/BqGtX9mYUiddtdAgJjP83Y
sFZxo+Pq4Jyf+ldjnc9o+Jee/JklzvHIjRAgzLFnxM0L9O0WsomaI1aCFL1qWTzN
oLzvl66CiKsUC3pmPnzMTaeDL//RqSktfvDnNAfhkq2UTjrARH0eW9/WesnIGwFU
lvzUv2pyWoRRc0vDwmyga4cxXNRVsb62fsAJnw/33U0crZ+29/0/bqDZ4A==
-----END CERTIFICATE-----
Generated at Wed Jun 4 03:38:31 2025 by rpki-client