Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/5PF1mTsSyU0ccXsS0ODYfO_klHE.roa
File: 5PF1mTsSyU0ccXsS0ODYfO_klHE.roa (raw, json)
Hash identifier: PcaxdF+zG/dWSY7rLFKZAGX73fadBHLBOC2A2c2rtKU=
Subject key identifier: E4:F1:75:99:3B:12:C9:4D:1C:71:7B:12:D0:E0:D8:7C:EF:E4:94:71
Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA
Certificate serial: 0831
Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/5PF1mTsSyU0ccXsS0ODYfO_klHE.roa
Signing time: Fri 23 May 2025 07:41:06 +0000
ROA not before: Fri 23 May 2025 07:41:06 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 9808
IP address blocks: 223.161.254.0/23 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2097 (0x831)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA
Validity
Not Before: May 23 07:41:06 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=E4F175993B12C94D1C717B12D0E0D87CEFE49471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:08:14:8d:e1:42:a3:1e:8e:87:49:14:6b:39:
87:71:55:36:24:7b:c8:78:d6:98:c7:3b:2d:c0:22:
00:a3:c0:b3:cd:22:cd:c7:0d:0e:56:bc:22:08:ed:
e8:a1:76:97:5f:88:c9:2d:a5:e7:bb:01:0e:55:07:
a5:76:88:3d:ea:92:fb:c5:bb:0f:59:39:56:3c:92:
05:8f:8e:53:c9:b8:9a:88:3f:08:ea:de:03:95:60:
66:81:1e:48:5b:83:cb:2d:d4:c7:4e:eb:5d:e9:b8:
7e:0b:98:22:f5:cb:6e:70:5b:99:3c:66:41:d5:1c:
c9:df:26:6f:2a:6f:a8:df:8a:0f:c1:b6:5d:67:4a:
59:7c:c9:0d:a9:49:1f:b4:66:24:53:eb:5a:5f:f9:
bf:90:92:6e:78:99:2d:19:e5:ef:47:06:fe:b3:32:
d4:07:07:54:a7:c2:3e:99:d6:94:98:75:86:8b:86:
2c:b6:32:94:64:0a:4e:16:97:1d:93:0c:e3:68:9d:
1b:e3:7a:56:05:9d:f4:da:d8:c3:9c:cc:db:f1:59:
cb:54:bc:29:34:26:ad:15:37:f2:b1:b4:97:e4:ec:
d0:d9:00:07:37:b8:c6:73:6e:d7:30:c5:dd:44:d7:
4d:f1:f1:98:83:99:ca:a0:7b:53:7b:23:fb:33:0d:
59:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F1:75:99:3B:12:C9:4D:1C:71:7B:12:D0:E0:D8:7C:EF:E4:94:71
X509v3 Authority Key Identifier:
keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/5PF1mTsSyU0ccXsS0ODYfO_klHE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.161.254.0/23
Signature Algorithm: sha256WithRSAEncryption
81:f4:27:a4:f9:8e:b6:b2:bc:4b:60:a7:5a:c9:7a:23:b4:01:
62:cc:bc:6b:8e:cf:49:56:12:84:85:7b:a1:07:66:b7:8e:c5:
35:37:05:29:07:10:ea:f0:e0:15:6d:d3:1c:91:ec:ca:ab:d4:
e0:0c:b0:a8:d1:09:9f:7a:cb:e5:fd:0d:e4:db:d3:96:c1:c1:
3d:fa:66:5b:a6:0c:cb:be:ea:45:9e:82:5e:08:4f:4c:cf:da:
ee:c3:88:e1:6c:40:c9:42:16:ae:14:36:82:85:c9:09:36:3b:
c6:f0:73:51:f0:96:25:16:c2:95:f8:e5:f0:24:92:d8:74:95:
c1:1e:a2:4c:2b:08:e0:d5:ca:2c:a0:ad:c4:db:16:34:4c:71:
30:3c:fe:b3:24:2f:21:7e:6c:3a:7f:6f:26:ec:63:eb:e0:da:
66:df:46:81:8b:fc:cd:1f:66:eb:4c:d5:8d:cb:78:ae:ba:ce:
24:dd:cc:8a:8d:19:b3:af:ca:4a:6a:a9:10:08:03:f1:60:37:
c1:ba:89:ca:be:d0:6b:22:2d:7b:14:2b:f6:04:8c:73:8d:be:
56:97:74:5d:56:9d:ad:07:fb:90:96:b1:90:3d:1c:8a:6d:cd:
ed:3b:87:ab:95:78:61:b5:1d:88:7b:3e:3d:35:67:16:6b:23:
d9:40:97:cb
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICCDEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw
MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw
NzQxMDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU0RjE3NTk5M0IxMkM5
NEQxQzcxN0IxMkQwRTBEODdDRUZFNDk0NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTCBSN4UKjHo6HSRRrOYdxVTYke8h41pjHOy3AIgCjwLPNIs3H
DQ5WvCII7eihdpdfiMktpee7AQ5VB6V2iD3qkvvFuw9ZOVY8kgWPjlPJuJqIPwjq
3gOVYGaBHkhbg8st1MdO613puH4LmCL1y25wW5k8ZkHVHMnfJm8qb6jfig/Btl1n
Sll8yQ2pSR+0ZiRT61pf+b+Qkm54mS0Z5e9HBv6zMtQHB1Snwj6Z1pSYdYaLhiy2
MpRkCk4Wlx2TDONonRvjelYFnfTa2MOczNvxWctUvCk0Jq0VN/KxtJfk7NDZAAc3
uMZzbtcwxd1E103x8ZiDmcqge1N7I/szDVl7AgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQU5PF1mTsSyU0ccXsS0ODYfO/klHEwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U
IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv
TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy81UEYxbVRzU3lVMGNjWHNT
ME9EWWZPX2tsSEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
36H+MA0GCSqGSIb3DQEBCwUAA4IBAQCB9Cek+Y62srxLYKdayXojtAFizLxrjs9J
VhKEhXuhB2a3jsU1NwUpBxDq8OAVbdMckezKq9TgDLCo0Qmfesvl/Q3k29OWwcE9
+mZbpgzLvupFnoJeCE9Mz9ruw4jhbEDJQhauFDaChckJNjvG8HNR8JYlFsKV+OXw
JJLYdJXBHqJMKwjg1cosoK3E2xY0THEwPP6zJC8hfmw6f28m7GPr4Npm30aBi/zN
H2brTNWNy3iuus4k3cyKjRmzr8pKaqkQCAPxYDfBuonKvtBrIi17FCv2BIxzjb5W
l3RdVp2tB/uQlrGQPRyKbc3tO4erlXhhtR2Iez49NWcWayPZQJfL
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:14:27 2025 by rpki-client