Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/lnJsO4m82JWSzQt1aBbW0d2KvvI.roa
File: lnJsO4m82JWSzQt1aBbW0d2KvvI.roa (raw, json)
Hash identifier: Vh9eD0EumWzg8RhCASK7CYVg8ObUogmFkWVRYzHcdGQ=
Subject key identifier: 96:72:6C:3B:89:BC:D8:95:92:CD:0B:75:68:16:D6:D1:DD:8A:BE:F2
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 0939
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lnJsO4m82JWSzQt1aBbW0d2KvvI.roa
Signing time: Fri 17 Jan 2025 01:23:41 +0000
ROA not before: Fri 17 Jan 2025 01:23:41 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4766
IP address blocks: 58.66.128.0/18 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2361 (0x939)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Jan 17 01:23:41 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=96726C3B89BCD89592CD0B756816D6D1DD8ABEF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7b:0a:f4:49:fa:1f:25:5b:ac:29:01:13:6d:
d7:f4:ac:73:6a:4a:89:98:4b:0b:d7:06:7e:b9:b9:
f6:0f:1a:71:38:3b:85:a4:6e:c3:32:3e:2c:6d:1a:
5f:21:77:da:18:55:ff:39:ba:17:05:2d:d9:30:12:
88:67:0f:c1:fa:be:31:b8:87:ad:45:f5:9c:c5:e8:
b6:c5:41:8e:11:ae:1e:2c:10:14:f7:4c:44:e2:f3:
b2:aa:1e:c9:44:d6:56:f9:ba:d8:b1:a2:25:12:4e:
7b:e8:b3:e9:00:47:59:7c:ce:3d:22:6b:af:b7:5b:
d8:ea:ab:b2:96:5c:6d:2d:5b:a1:35:b3:a6:bf:b8:
fa:8e:01:c0:79:43:56:17:79:77:aa:88:70:5b:f1:
9b:56:27:88:1b:c7:f2:3b:5a:ad:a3:69:26:43:c8:
a5:55:c6:d5:b1:e0:a3:a2:6b:b0:ec:fb:a7:42:eb:
5e:fb:ec:67:62:17:62:c7:2c:7f:ac:b0:cc:e2:c1:
e3:6d:83:a8:db:50:0d:b9:83:d0:f3:25:a1:b6:ff:
1c:78:32:48:0b:70:bf:a8:80:7c:09:95:42:1c:f2:
3e:7e:32:2e:16:f5:39:46:d3:cd:12:c8:b8:f9:22:
56:5e:48:8e:5d:ba:7b:12:ea:80:46:8e:13:b5:27:
31:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:72:6C:3B:89:BC:D8:95:92:CD:0B:75:68:16:D6:D1:DD:8A:BE:F2
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lnJsO4m82JWSzQt1aBbW0d2KvvI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.66.128.0/18
Signature Algorithm: sha256WithRSAEncryption
ad:a3:b2:87:66:7c:99:3d:27:ff:6a:8f:2f:25:ee:59:d4:da:
db:ae:51:fc:28:9e:13:6b:02:79:b0:7e:bd:3d:f8:9f:ad:53:
90:d1:65:f7:79:d5:4a:ee:69:06:c6:7f:46:b7:7b:21:f3:25:
cd:1f:3e:a4:2d:46:3d:cb:f4:e2:43:d9:76:ae:12:d2:66:66:
f9:ef:d5:4f:d6:dd:70:f1:8c:2a:5a:ea:f8:e0:4d:e7:cf:f7:
c9:04:aa:ba:c8:20:b5:89:d4:0d:88:3f:52:04:d1:20:8a:3a:
50:09:84:18:6b:16:5a:ce:e2:f0:8b:ed:2a:35:24:0f:54:60:
40:3b:43:b1:ca:b9:da:fa:27:2d:5c:04:d9:8d:d9:01:9e:4b:
5a:a8:44:74:74:8e:61:2a:5f:95:2f:01:d5:2f:39:05:7e:82:
b2:35:db:26:d5:3c:8b:90:e3:44:55:ff:51:fa:1c:97:2b:37:
9a:3f:48:02:b1:e7:42:4e:41:a5:f0:4f:7e:8a:02:4f:95:1b:
bd:4b:19:d8:f0:eb:d1:45:6e:a5:fb:90:3c:ae:ef:ce:cb:74:
ae:c9:49:1c:58:3c:6d:b1:e7:70:6c:13:4d:8a:a7:d2:d1:c2:
e6:83:55:51:06:ff:67:6a:81:3b:70:a9:8b:7e:9e:d7:94:a1:
c3:ec:26:34
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCTkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNTAxMTcw
MTIzNDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDk2NzI2QzNCODlCQ0Q4
OTU5MkNEMEI3NTY4MTZENkQxREQ4QUJFRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrewr0SfofJVusKQETbdf0rHNqSomYSwvXBn65ufYPGnE4O4Wk
bsMyPixtGl8hd9oYVf85uhcFLdkwEohnD8H6vjG4h61F9ZzF6LbFQY4Rrh4sEBT3
TETi87KqHslE1lb5utixoiUSTnvos+kAR1l8zj0ia6+3W9jqq7KWXG0tW6E1s6a/
uPqOAcB5Q1YXeXeqiHBb8ZtWJ4gbx/I7Wq2jaSZDyKVVxtWx4KOia7Ds+6dC6177
7GdiF2LHLH+ssMziweNtg6jbUA25g9DzJaG2/xx4MkgLcL+ogHwJlUIc8j5+Mi4W
9TlG080SyLj5IlZeSI5dunsS6oBGjhO1JzGrAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUlnJsO4m82JWSzQt1aBbW0d2KvvIwHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvbG5Kc080bTgySldTelF0MWFC
YlcwZDJLdnZJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjpC
gDANBgkqhkiG9w0BAQsFAAOCAQEAraOyh2Z8mT0n/2qPLyXuWdTa265R/CieE2sC
ebB+vT34n61TkNFl93nVSu5pBsZ/Rrd7IfMlzR8+pC1GPcv04kPZdq4S0mZm+e/V
T9bdcPGMKlrq+OBN58/3yQSqusggtYnUDYg/UgTRIIo6UAmEGGsWWs7i8IvtKjUk
D1RgQDtDscq52vonLVwE2Y3ZAZ5LWqhEdHSOYSpflS8B1S85BX6CsjXbJtU8i5Dj
RFX/Ufoclys3mj9IArHnQk5BpfBPfooCT5UbvUsZ2PDr0UVupfuQPK7vzst0rslJ
HFg8bbHncGwTTYqn0tHC5oNVUQb/Z2qBO3Cpi36e15Shw+wmNA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 03:55:15 2025 by rpki-client