Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/AVIlg0BuWA7j9aC22tZyWcrC14k.roa
File: AVIlg0BuWA7j9aC22tZyWcrC14k.roa (raw, json)
Hash identifier: jBPBwUpu7xUZmccashR9ROKx3tRZzk5Kw1KxZHzLcis=
Subject key identifier: 01:52:25:83:40:6E:58:0E:E3:F5:A0:B6:DA:D6:72:59:CA:C2:D7:89
Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94
Certificate serial: 2166
Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/AVIlg0BuWA7j9aC22tZyWcrC14k.roa
Signing time: Sat 13 Sep 2025 03:03:03 +0000
ROA not before: Sat 13 Sep 2025 03:03:03 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 4134
IP address blocks: 43.254.128.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8550 (0x2166)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94
Validity
Not Before: Sep 13 03:03:03 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=01522583406E580EE3F5A0B6DAD67259CAC2D789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8a:6b:28:15:25:80:9d:21:b5:83:42:86:a7:
9e:4a:f0:d0:10:c5:e4:db:a2:b2:fb:2d:e1:60:bc:
70:35:c3:49:32:25:0c:e1:d5:c0:0c:61:00:60:f5:
5c:79:42:71:20:16:c2:9e:b7:2f:58:0f:2f:96:ee:
ca:7b:cc:34:a0:4f:70:20:09:cb:38:2a:0a:77:2a:
12:ac:44:0f:44:0f:9a:ac:73:d9:ba:c8:ed:5c:95:
57:9d:c5:85:d8:0e:65:ed:50:3e:9c:44:a1:c5:ea:
8a:8e:db:21:42:46:4b:8e:fa:b6:84:0d:73:d2:ec:
44:a8:25:1d:0e:8d:8d:94:0a:38:64:09:c6:93:4e:
5c:fa:9f:3b:a0:bd:e7:af:b0:84:79:08:e4:85:15:
a6:74:2b:83:37:de:01:e5:88:1f:0e:d2:1c:ec:76:
39:75:2e:58:b5:8e:30:69:4d:8f:a8:01:ce:0b:81:
2d:88:c0:87:8f:f7:a2:fb:57:00:93:c7:8f:e4:36:
a1:f7:05:45:a6:4a:c0:38:21:57:f1:a3:ab:94:7b:
9b:d8:10:e7:77:43:a1:20:82:80:90:3b:fb:be:d3:
1f:03:7e:3b:81:4e:7b:cb:83:58:d3:89:b0:35:22:
29:2f:0f:91:30:58:f8:ba:5d:d7:fb:15:33:1a:70:
76:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:52:25:83:40:6E:58:0E:E3:F5:A0:B6:DA:D6:72:59:CA:C2:D7:89
X509v3 Authority Key Identifier:
keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/AVIlg0BuWA7j9aC22tZyWcrC14k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.128.0/22
Signature Algorithm: sha256WithRSAEncryption
86:a3:a2:a1:2e:26:0b:61:2e:e4:c3:a8:15:da:4d:65:62:23:
19:f0:4d:63:fb:51:ea:0b:bc:cf:d9:d9:66:61:e2:69:2b:e6:
e8:1b:13:ec:fb:d0:df:33:cb:e6:e8:60:dd:a1:50:32:cf:bf:
01:aa:6d:18:d5:5b:7e:f7:ad:0f:50:c2:dd:da:90:5c:b2:ba:
4e:0b:ef:ab:bd:b9:86:9e:b0:47:0f:78:ee:5d:c9:f0:ab:79:
65:aa:5f:60:08:42:8f:11:ea:70:9c:fa:48:29:65:96:11:b3:
4d:af:74:39:fe:cd:c2:77:7e:31:a1:94:a0:ca:c9:ed:bb:99:
06:a7:c5:b4:43:32:01:b1:3c:44:d6:95:5e:31:a4:06:fe:ac:
50:6a:01:f0:d3:47:33:45:84:92:fe:69:9c:d2:c0:11:f0:5b:
92:1c:68:f6:eb:b6:37:37:4d:06:6d:5e:fb:cb:df:d5:da:bf:
41:61:d5:0c:e0:67:57:d4:4f:a3:67:db:d0:34:83:2d:41:06:
d0:9e:39:78:4d:31:57:4a:cd:8b:9f:91:20:f3:2d:44:58:5e:
04:0d:5e:35:03:1c:38:43:73:cb:ce:df:28:4b:6b:52:42:74:
1d:78:3f:9c:c4:c3:71:2a:b3:8a:24:b5:a5:f0:96:3f:02:b7:
70:2c:e0:56
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICIWYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4
M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNTA5MTMw
MzAzMDNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDAxNTIyNTgzNDA2RTU4
MEVFM0Y1QTBCNkRBRDY3MjU5Q0FDMkQ3ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoimsoFSWAnSG1g0KGp55K8NAQxeTborL7LeFgvHA1w0kyJQzh
1cAMYQBg9Vx5QnEgFsKety9YDy+W7sp7zDSgT3AgCcs4Kgp3KhKsRA9ED5qsc9m6
yO1clVedxYXYDmXtUD6cRKHF6oqO2yFCRkuO+raEDXPS7ESoJR0OjY2UCjhkCcaT
Tlz6nzugveevsIR5COSFFaZ0K4M33gHliB8O0hzsdjl1Lli1jjBpTY+oAc4LgS2I
wIeP96L7VwCTx4/kNqH3BUWmSsA4IVfxo6uUe5vYEOd3Q6EggoCQO/u+0x8DfjuB
TnvLg1jTibA1IikvD5EwWPi6Xdf7FTMacHaXAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUAVIlg0BuWA7j9aC22tZyWcrC14kwHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt
eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz
L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL0FWSWxnMEJ1V0E3ajlh
QzIydFp5V2NyQzE0ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIr/oAwDQYJKoZIhvcNAQELBQADggEBAIajoqEuJgthLuTDqBXaTWViIxnwTWP7
UeoLvM/Z2WZh4mkr5ugbE+z70N8zy+boYN2hUDLPvwGqbRjVW373rQ9Qwt3akFyy
uk4L76u9uYaesEcPeO5dyfCreWWqX2AIQo8R6nCc+kgpZZYRs02vdDn+zcJ3fjGh
lKDKye27mQanxbRDMgGxPETWlV4xpAb+rFBqAfDTRzNFhJL+aZzSwBHwW5IcaPbr
tjc3TQZtXvvL39Xav0Fh1QzgZ1fUT6Nn29A0gy1BBtCeOXhNMVdKzYufkSDzLURY
XgQNXjUDHDhDc8vO3yhLa1JCdB14P5zEw3Eqs4oktaXwlj8Ct3As4FY=
-----END CERTIFICATE-----
Generated at Thu Oct 23 09:18:19 2025 by rpki-client