Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/ITXfDa3poE5Qh6oIvOkndlw6tgE.roa
File: ITXfDa3poE5Qh6oIvOkndlw6tgE.roa (raw, json)
Hash identifier: FAMWUlEMxEtkL/j0NeDTv6WtS+NZ/+SKlD1+0rdnzB0=
Subject key identifier: 21:35:DF:0D:AD:E9:A0:4E:50:87:AA:08:BC:E9:27:76:5C:3A:B6:01
Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA
Certificate serial: 0825
Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/ITXfDa3poE5Qh6oIvOkndlw6tgE.roa
Signing time: Fri 23 May 2025 07:36:33 +0000
ROA not before: Fri 23 May 2025 07:36:33 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 9808
IP address blocks: 223.161.236.0/23 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2085 (0x825)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA
Validity
Not Before: May 23 07:36:33 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=2135DF0DADE9A04E5087AA08BCE927765C3AB601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:07:ed:50:55:4d:3d:61:86:5d:47:b8:42:d7:
92:32:1f:ee:8e:d8:90:2a:c9:83:06:69:f9:9d:65:
3c:34:fb:ff:cc:7f:5f:94:f3:e2:54:00:e6:b1:0b:
2c:46:e4:1d:d5:7f:b0:15:fd:e3:08:1b:0c:92:ef:
31:ec:bf:8b:04:7f:92:fe:c8:cd:df:25:cd:38:48:
bd:86:16:ff:61:89:00:4d:16:d5:df:0a:13:2a:50:
e9:5f:ef:1a:fe:53:01:23:23:c5:c8:3a:30:b3:61:
9a:1b:78:50:63:55:46:fd:3b:5b:cd:cc:74:a9:31:
d9:37:53:8d:5d:48:b7:39:08:44:f4:26:da:d3:61:
48:c1:55:73:b6:11:4b:e6:87:e0:03:3a:f3:07:47:
2c:7f:0f:d6:d0:fa:81:59:69:4d:46:02:28:6c:36:
76:67:b4:ae:a2:f5:e7:79:f8:4c:67:62:ec:4e:7f:
89:8b:59:ba:1f:96:c4:26:76:ed:77:b6:41:47:f0:
00:af:3f:3c:37:c6:1b:70:86:9d:15:43:40:ac:d9:
16:eb:2e:78:f1:66:38:ce:64:a7:6a:07:1e:49:82:
bd:64:6d:be:18:4f:0a:b4:59:64:f9:fa:e5:bd:28:
3d:8a:bb:06:e1:c4:f1:6a:69:c5:38:95:ef:b3:5a:
8e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:35:DF:0D:AD:E9:A0:4E:50:87:AA:08:BC:E9:27:76:5C:3A:B6:01
X509v3 Authority Key Identifier:
keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/ITXfDa3poE5Qh6oIvOkndlw6tgE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.161.236.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:93:48:14:37:49:a2:5d:01:99:32:dc:37:d6:de:81:b4:fe:
b2:26:1a:74:3d:61:82:f1:fc:53:30:73:ff:45:f4:95:b5:d8:
f4:47:62:8b:22:2d:bf:bc:f5:1a:c6:4b:8e:c3:38:c1:90:46:
c4:f8:64:5b:76:e0:c8:02:29:b7:e0:b7:f9:b9:8e:1c:8e:db:
6d:06:a3:dc:93:ca:3d:77:4b:74:5e:d1:53:18:a5:18:bd:49:
57:8f:f8:b3:35:1b:45:38:67:9f:62:13:51:21:4f:c7:a5:9e:
56:10:8c:a4:49:5b:66:b9:47:37:2e:aa:17:85:af:04:21:e8:
f9:e8:7c:b1:36:ac:80:81:24:f3:10:6f:bc:67:a5:81:6b:48:
a6:6a:a7:a5:5a:6f:a5:58:f5:9a:36:a1:3b:43:49:af:bc:4d:
69:c5:7c:ac:94:f5:34:92:0f:38:8c:43:4e:77:3e:69:a4:61:
30:97:57:a2:ff:e7:1a:c3:4d:55:9e:37:83:a4:8e:f6:5c:2a:
f8:9f:88:4d:f7:27:e9:03:3d:6f:5c:9d:b3:68:e8:9b:7e:7a:
53:11:25:9c:25:85:8b:35:1f:b1:90:cf:ea:cd:5b:04:db:fb:
3b:61:2e:f3:6b:3d:55:9a:af:43:94:00:d6:81:29:16:76:47:
3e:61:68:a7
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICCCUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw
MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw
NzM2MzNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDIxMzVERjBEQURFOUEw
NEU1MDg3QUEwOEJDRTkyNzc2NUMzQUI2MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcB+1QVU09YYZdR7hC15IyH+6O2JAqyYMGafmdZTw0+//Mf1+U
8+JUAOaxCyxG5B3Vf7AV/eMIGwyS7zHsv4sEf5L+yM3fJc04SL2GFv9hiQBNFtXf
ChMqUOlf7xr+UwEjI8XIOjCzYZobeFBjVUb9O1vNzHSpMdk3U41dSLc5CET0JtrT
YUjBVXO2EUvmh+ADOvMHRyx/D9bQ+oFZaU1GAihsNnZntK6i9ed5+ExnYuxOf4mL
WboflsQmdu13tkFH8ACvPzw3xhtwhp0VQ0Cs2RbrLnjxZjjOZKdqBx5Jgr1kbb4Y
Twq0WWT5+uW9KD2KuwbhxPFqacU4le+zWo5VAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUITXfDa3poE5Qh6oIvOkndlw6tgEwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U
IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv
TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9JVFhmRGEzcG9FNVFoNm9J
dk9rbmRsdzZ0Z0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
36HsMA0GCSqGSIb3DQEBCwUAA4IBAQArk0gUN0miXQGZMtw31t6BtP6yJhp0PWGC
8fxTMHP/RfSVtdj0R2KLIi2/vPUaxkuOwzjBkEbE+GRbduDIAim34Lf5uY4cjttt
BqPck8o9d0t0XtFTGKUYvUlXj/izNRtFOGefYhNRIU/HpZ5WEIykSVtmuUc3LqoX
ha8EIej56HyxNqyAgSTzEG+8Z6WBa0imaqelWm+lWPWaNqE7Q0mvvE1pxXyslPU0
kg84jENOdz5ppGEwl1ei/+caw01VnjeDpI72XCr4n4hN9yfpAz1vXJ2zaOibfnpT
ESWcJYWLNR+xkM/qzVsE2/s7YS7zaz1Vmq9DlADWgSkWdkc+YWin
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:16:06 2025 by rpki-client