Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/weUbzAPgaxCVZbddE08oUXcO6MU.roa
File: weUbzAPgaxCVZbddE08oUXcO6MU.roa (raw, json)
Hash identifier: rDm9DcVhawHlcOrRLQ2HCRhcLQwO53JheJgwkzwuErw=
Subject key identifier: C1:E5:1B:CC:03:E0:6B:10:95:65:B7:5D:13:4F:28:51:77:0E:E8:C5
Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756
Certificate serial: 06DB
Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/weUbzAPgaxCVZbddE08oUXcO6MU.roa
Signing time: Tue 01 Apr 2025 09:30:05 +0000
ROA not before: Tue 01 Apr 2025 09:30:05 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 58834
IP address blocks: 2407:9f00::/32 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1755 (0x6db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756
Validity
Not Before: Apr 1 09:30:05 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=C1E51BCC03E06B109565B75D134F2851770EE8C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:42:a1:41:d3:04:27:77:b9:79:07:5d:a9:3d:
f3:c7:18:70:06:14:28:cd:42:94:3a:5f:b6:88:93:
25:1d:b3:72:18:30:e7:1e:1c:0a:45:31:a1:4e:46:
68:f9:b3:1a:30:50:f8:47:22:80:a5:ab:07:96:f7:
25:3d:54:15:3b:12:9e:0f:3e:93:ff:c9:5b:fd:4d:
c6:90:70:a3:03:c8:56:7a:6f:bc:11:0a:b7:1f:5c:
f6:98:fb:0c:fd:79:e5:97:6f:6c:7d:d6:16:c1:0e:
d2:94:87:59:10:c8:12:26:13:60:61:6e:02:ba:b2:
ad:b4:ea:54:ed:f2:bb:29:97:ad:3e:a4:37:fd:a7:
62:d5:a8:25:64:4a:bb:dc:a6:24:54:a0:9d:58:7a:
75:50:06:d4:ff:4e:31:34:01:cf:5d:2d:6e:a3:8a:
80:6d:38:be:a5:32:be:3f:0f:ed:6c:16:38:18:16:
05:0d:f2:3c:cd:4c:f4:3e:46:34:4a:be:36:1f:27:
15:02:4e:ac:cd:cf:ee:2d:23:2c:aa:9b:47:fa:40:
91:c0:e5:cb:e0:33:6c:dd:62:90:e0:77:a7:15:64:
55:b6:b6:53:5e:e5:ef:9c:1b:ed:da:da:eb:63:0b:
e5:d6:1b:2f:59:44:5e:ac:de:e3:b3:0f:f1:ee:58:
7f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E5:1B:CC:03:E0:6B:10:95:65:B7:5D:13:4F:28:51:77:0E:E8:C5
X509v3 Authority Key Identifier:
keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/weUbzAPgaxCVZbddE08oUXcO6MU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
97:ad:4f:6f:df:1f:a2:e2:95:5d:44:16:22:67:94:f4:40:12:
bd:a6:12:0c:c4:8a:99:94:ea:23:60:f0:4d:cd:27:d9:97:d0:
59:99:00:99:50:d4:83:33:ad:9b:82:a9:8a:f9:0f:d4:33:9b:
53:bf:24:63:f8:22:18:d8:c3:ae:2f:65:08:69:13:85:3e:b3:
85:be:f8:45:2a:8c:5a:f4:65:9b:c0:c8:28:0f:a6:93:01:65:
67:b0:9e:b0:f5:c9:52:7e:d4:7a:64:ef:f4:1f:15:8b:9f:ab:
cc:c7:32:8b:76:39:5e:bd:df:97:3b:7c:4a:a6:6d:87:60:95:
d1:5d:3d:a0:c3:3d:13:fd:15:f0:be:33:1d:27:d3:75:aa:6c:
f9:ac:26:ff:b3:43:72:c1:32:ae:3b:7d:39:cf:19:36:fb:7c:
29:c2:85:95:3f:8f:a8:67:36:88:0e:44:f7:ee:34:87:87:5e:
13:51:54:26:5f:e5:5f:5e:fb:61:d8:88:3f:38:0d:cb:00:ef:
c6:4d:26:e6:ff:8d:c9:e3:f1:bf:56:24:cb:a6:0e:dd:35:6b:
df:bd:3a:19:1a:7b:cc:0a:bb:9b:09:01:d3:62:b3:be:ff:86:
76:0d:46:51:08:ff:a1:13:1b:29:f4:e2:d2:88:fd:17:43:10:
63:d0:f4:a1
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICBtswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC
RkM5MDBFREMzNEY4MURBNDgyN0YxRjlGNjNEMDRFMEUyRjc1NjAeFw0yNTA0MDEw
OTMwMDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEMxRTUxQkNDMDNFMDZC
MTA5NTY1Qjc1RDEzNEYyODUxNzcwRUU4QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeQqFB0wQnd7l5B12pPfPHGHAGFCjNQpQ6X7aIkyUds3IYMOce
HApFMaFORmj5sxowUPhHIoClqweW9yU9VBU7Ep4PPpP/yVv9TcaQcKMDyFZ6b7wR
CrcfXPaY+wz9eeWXb2x91hbBDtKUh1kQyBImE2BhbgK6sq206lTt8rspl60+pDf9
p2LVqCVkSrvcpiRUoJ1YenVQBtT/TjE0Ac9dLW6jioBtOL6lMr4/D+1sFjgYFgUN
8jzNTPQ+RjRKvjYfJxUCTqzNz+4tIyyqm0f6QJHA5cvgM2zdYpDgd6cVZFW2tlNe
5e+cG+3a2utjC+XWGy9ZRF6s3uOzD/HuWH+VAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUweUbzAPgaxCVZbddE08oUXcO6MUwHwYDVR0jBBgwFoAU3r/JAO3DT4HaSCfx
+fY9BODi91YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIz
LzNyX0pBTzNEVDRIYVNDZngtZlk5Qk9EaTkxWS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvM3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIzL3dlVWJ6QVBnYXhDVlpi
ZGRFMDhvVVhjTzZNVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD
BQAkB58AMA0GCSqGSIb3DQEBCwUAA4IBAQCXrU9v3x+i4pVdRBYiZ5T0QBK9phIM
xIqZlOojYPBNzSfZl9BZmQCZUNSDM62bgqmK+Q/UM5tTvyRj+CIY2MOuL2UIaROF
PrOFvvhFKoxa9GWbwMgoD6aTAWVnsJ6w9clSftR6ZO/0HxWLn6vMxzKLdjlevd+X
O3xKpm2HYJXRXT2gwz0T/RXwvjMdJ9N1qmz5rCb/s0NywTKuO305zxk2+3wpwoWV
P4+oZzaIDkT37jSHh14TUVQmX+VfXvth2Ig/OA3LAO/GTSbm/43J4/G/ViTLpg7d
NWvfvToZGnvMCrubCQHTYrO+/4Z2DUZRCP+hExsp9OLSiP0XQxBj0PSh
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:09:05 2025 by rpki-client