
Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/361/IkZF2VORQzlbUojsrTphCdszKqc.roa
File: IkZF2VORQzlbUojsrTphCdszKqc.roa (raw, json)
Hash identifier: 0kC36+mVolBQQCuRyquKEScwAsSkdyyZX4x06kOmSiI=
Subject key identifier: 22:46:45:D9:53:91:43:39:5B:52:88:EC:AD:3A:61:09:DB:33:2A:A7
Certificate issuer: /CN=585206C87420BE42C7B9042DE3E5FD51595FF14B
Certificate serial: 1E90
Authority key identifier: 58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/IkZF2VORQzlbUojsrTphCdszKqc.roa
Signing time: Thu 05 Jun 2025 09:02:28 +0000
ROA not before: Thu 05 Jun 2025 09:02:28 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4808
IP address blocks: 202.65.96.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7824 (0x1e90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=585206C87420BE42C7B9042DE3E5FD51595FF14B
Validity
Not Before: Jun 5 09:02:28 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=224645D9539143395B5288ECAD3A6109DB332AA7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:10:a8:4b:bc:5c:f1:08:a2:40:b2:00:f9:d1:
71:0f:2e:54:2a:e0:71:87:1e:73:ce:9a:ce:54:bc:
51:41:69:24:4f:5e:7a:bc:ab:a3:c0:65:3f:e1:df:
15:af:e8:4c:95:81:02:7b:f4:ee:59:42:3f:4a:e1:
99:64:8a:9a:72:53:e9:b4:94:07:86:eb:ce:61:d9:
12:70:3f:8d:5f:2e:75:2b:37:8a:33:69:50:f1:d0:
ba:e5:d4:4e:1e:bf:9a:e7:74:5b:e5:2b:eb:4c:9f:
a0:f7:5e:5d:23:02:e8:a9:83:f7:5e:b7:a1:a6:b0:
6f:b4:49:19:19:76:94:0d:e9:8e:8f:42:0c:1c:4d:
fb:08:56:2a:55:d2:d7:21:11:37:a0:d9:b0:39:11:
a7:52:eb:cd:98:62:cc:d8:7e:bd:33:4d:c9:71:d4:
2b:be:ce:68:12:08:6b:4e:e7:26:69:74:38:5e:8c:
f6:93:be:0b:1d:10:b1:1d:ac:56:d8:fd:5e:b9:0c:
b4:c5:72:ed:28:9a:e0:d8:01:7d:61:78:35:6c:b1:
04:b3:4a:0d:75:99:79:44:fc:d6:33:f0:ba:a3:ae:
16:93:b0:57:e3:71:c4:16:b0:55:0b:de:70:17:e8:
11:05:d1:7e:85:c8:1b:f8:00:42:64:16:d0:8e:96:
53:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:46:45:D9:53:91:43:39:5B:52:88:EC:AD:3A:61:09:DB:33:2A:A7
X509v3 Authority Key Identifier:
keyid:58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/IkZF2VORQzlbUojsrTphCdszKqc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.65.96.0/24
Signature Algorithm: sha256WithRSAEncryption
58:90:8c:ce:23:ea:88:93:be:a2:47:1a:ae:37:cd:cd:15:0c:
ee:31:3a:92:be:52:19:d7:f5:37:6a:5d:04:49:68:84:2e:83:
09:78:e8:09:7c:47:de:05:6c:e3:42:d0:09:2e:45:a0:f0:84:
93:36:fe:4e:4e:d0:00:64:b4:fc:1e:fc:81:78:1d:fb:ae:97:
f4:83:cf:4f:9f:1b:bd:0e:1e:8c:3e:98:cc:90:39:c3:8a:0b:
73:80:a7:0d:c9:cd:26:c4:b0:ff:ba:44:94:3e:f2:ca:20:7f:
21:79:6a:82:91:c5:c4:89:58:29:42:4c:ec:1f:8f:7f:93:e2:
84:a4:99:3e:33:f0:25:0d:53:23:39:0a:c9:f1:04:f7:05:ca:
4a:e4:41:6c:8a:cb:86:6e:31:bc:a7:5a:de:c3:c1:31:40:8e:
ab:e1:dd:eb:57:62:5d:8a:9c:60:e8:ac:ab:b6:8b:d3:a6:75:
81:7c:f4:a1:39:e5:a8:5d:9f:5b:25:75:68:7f:3b:b1:66:f1:
58:be:8d:3e:ce:91:38:1c:11:93:09:5d:9e:80:f4:b0:81:2b:
65:2e:b3:81:10:70:c7:33:ad:f0:28:83:36:ab:3d:0d:94:cd:
e7:c1:9c:ad:14:55:e4:fd:06:0e:ba:bd:00:1f:a9:d7:2b:1c:
c5:fe:89:ed
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICHpAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg1
MjA2Qzg3NDIwQkU0MkM3QjkwNDJERTNFNUZENTE1OTVGRjE0QjAeFw0yNTA2MDUw
OTAyMjhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDIyNDY0NUQ5NTM5MTQz
Mzk1QjUyODhFQ0FEM0E2MTA5REIzMzJBQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJEKhLvFzxCKJAsgD50XEPLlQq4HGHHnPOms5UvFFBaSRPXnq8
q6PAZT/h3xWv6EyVgQJ79O5ZQj9K4ZlkippyU+m0lAeG685h2RJwP41fLnUrN4oz
aVDx0Lrl1E4ev5rndFvlK+tMn6D3Xl0jAuipg/det6GmsG+0SRkZdpQN6Y6PQgwc
TfsIVipV0tchETeg2bA5EadS682YYszYfr0zTclx1Cu+zmgSCGtO5yZpdDhejPaT
vgsdELEdrFbY/V65DLTFcu0omuDYAX1heDVssQSzSg11mXlE/NYz8LqjrhaTsFfj
ccQWsFUL3nAX6BEF0X6FyBv4AEJkFtCOllO9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUIkZF2VORQzlbUojsrTphCdszKqcwHwYDVR0jBBgwFoAUWFIGyHQgvkLHuQQt
4+X9UVlf8UswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYx
L1dGSUd5SFFndmtMSHVRUXQ0LVg5VVZsZjhVcy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvV0ZJR3lIUWd2a0xIdVFRdDQtWDlVVmxmOFVzLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYxL0lrWkYyVk9SUXpsYlVv
anNyVHBoQ2RzektxYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADKQWAwDQYJKoZIhvcNAQELBQADggEBAFiQjM4j6oiTvqJHGq43zc0VDO4xOpK+
UhnX9TdqXQRJaIQugwl46Al8R94FbONC0AkuRaDwhJM2/k5O0ABktPwe/IF4Hfuu
l/SDz0+fG70OHow+mMyQOcOKC3OApw3JzSbEsP+6RJQ+8sogfyF5aoKRxcSJWClC
TOwfj3+T4oSkmT4z8CUNUyM5CsnxBPcFykrkQWyKy4ZuMbynWt7DwTFAjqvh3etX
Yl2KnGDorKu2i9OmdYF89KE55ahdn1sldWh/O7Fm8Vi+jT7OkTgcEZMJXZ6A9LCB
K2Uus4EQcMczrfAogzarPQ2UzefBnK0UVeT9Bg66vQAfqdcrHMX+ie0=
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:32:51 2025 by rpki-client