Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/euUB5wHTE15FeTIyxFlP-AbD-0Q.roa
File: euUB5wHTE15FeTIyxFlP-AbD-0Q.roa (raw, json)
Hash identifier: kiFE5o9tyJ/BqQmJj0b1GPGCnR6C2IUbXdVoKvf8KYM=
Subject key identifier: 7A:E5:01:E7:01:D3:13:5E:45:79:32:32:C4:59:4F:F8:06:C3:FB:44
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 21A8
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/euUB5wHTE15FeTIyxFlP-AbD-0Q.roa
Signing time: Fri 29 Aug 2025 09:05:33 +0000
ROA not before: Fri 29 Aug 2025 09:05:33 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 4808
IP address blocks: 117.50.160.0/19 maxlen: 19
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8616 (0x21a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: Aug 29 09:05:33 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=7AE501E701D3135E45793232C4594FF806C3FB44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f3:74:81:ed:47:50:c3:74:aa:e0:9f:c6:5c:
e9:c8:9d:1f:f4:8f:2f:3a:76:99:7a:3e:09:f7:7c:
6a:ec:bf:96:70:e6:6b:48:b4:e8:1e:98:e0:20:88:
b3:df:9f:b2:7b:d8:bf:3a:56:73:bc:6f:29:c9:a7:
16:e2:7a:e5:0d:e6:47:c4:5b:46:e1:3a:b5:0e:46:
f9:a9:b3:c7:11:f9:b1:5c:c8:00:1a:5a:3f:09:cd:
41:e0:4e:b2:cf:e7:29:f1:0d:0a:2a:e9:ee:c6:f7:
59:ef:17:b3:42:58:fd:2d:16:48:e6:e7:45:1d:0c:
8c:91:67:44:e0:08:91:80:7c:63:fa:e8:c9:c9:c4:
91:74:66:ec:de:9c:4a:98:fb:56:59:eb:9b:26:76:
5d:9b:49:a5:a1:8b:77:bc:6e:1d:35:a8:0d:a9:1e:
8f:8d:4f:15:e7:0e:1b:15:83:a8:88:38:fe:b9:6f:
ba:ea:26:b1:a5:6b:9e:5b:94:5e:27:94:ee:be:1a:
f4:d2:6d:a8:c1:aa:9b:e0:d8:88:e2:c9:38:a9:fa:
2a:1c:97:c0:08:66:47:e6:c9:8d:04:b6:fb:1e:38:
31:75:23:af:d0:37:dc:1f:6a:18:0c:de:07:0d:05:
15:69:96:1c:38:18:cb:af:21:41:93:de:c3:5b:d2:
78:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:E5:01:E7:01:D3:13:5E:45:79:32:32:C4:59:4F:F8:06:C3:FB:44
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/euUB5wHTE15FeTIyxFlP-AbD-0Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
117.50.160.0/19
Signature Algorithm: sha256WithRSAEncryption
45:dd:9c:78:43:49:be:d8:99:2c:d4:b6:6f:9b:57:9e:bd:61:
22:c1:80:63:df:8c:3c:0d:07:ba:94:1d:ce:13:2f:a2:ba:c3:
69:26:8f:5e:02:62:88:5f:f7:08:65:54:7d:34:84:26:c0:40:
39:42:13:43:6c:ef:c5:18:0c:cc:cd:8d:a9:47:18:00:40:86:
1f:b8:ba:25:bc:11:a8:57:23:d7:6c:07:74:2f:7d:ed:06:b6:
ff:90:44:32:ce:c7:10:1b:c6:0b:55:48:e4:a8:90:00:1e:97:
8c:70:09:2d:38:24:d4:58:84:04:63:b9:9e:c5:1e:2f:cd:cc:
07:f3:cf:5c:53:3a:e5:d4:5f:9f:95:07:19:00:dc:b9:65:e6:
75:7b:9b:ed:8f:5f:b0:65:85:b8:f2:2c:4f:b8:5d:c7:a0:d0:
55:4d:34:35:3a:f9:54:1e:8d:d4:bd:17:cb:b6:1f:00:7c:28:
84:90:bf:fa:ad:23:2e:cc:1d:8a:43:6d:22:59:e0:be:de:15:
60:3a:cb:72:27:27:05:36:f2:20:f8:2a:b6:2e:a0:95:a9:3e:
47:32:68:aa:ed:07:ea:dd:59:02:eb:da:c9:e1:24:b8:ce:33:
01:83:9f:44:17:7e:b9:e8:44:84:5b:29:a4:30:36:34:05:75:
73:01:ae:cf
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICIagwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw
OTA1MzNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDdBRTUwMUU3MDFEMzEz
NUU0NTc5MzIzMkM0NTk0RkY4MDZDM0ZCNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+83SB7UdQw3Sq4J/GXOnInR/0jy86dpl6Pgn3fGrsv5Zw5mtI
tOgemOAgiLPfn7J72L86VnO8bynJpxbieuUN5kfEW0bhOrUORvmps8cR+bFcyAAa
Wj8JzUHgTrLP5ynxDQoq6e7G91nvF7NCWP0tFkjm50UdDIyRZ0TgCJGAfGP66MnJ
xJF0ZuzenEqY+1ZZ65smdl2bSaWhi3e8bh01qA2pHo+NTxXnDhsVg6iIOP65b7rq
JrGla55blF4nlO6+GvTSbajBqpvg2IjiyTip+iocl8AIZkfmyY0EtvseODF1I6/Q
N9wfahgM3gcNBRVplhw4GMuvIUGT3sNb0nh5AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUeuUB5wHTE15FeTIyxFlP+AbD+0QwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L2V1VUI1d0hURTE1RmVU
SXl4RmxQLUFiRC0wUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAV1MqAwDQYJKoZIhvcNAQELBQADggEBAEXdnHhDSb7YmSzUtm+bV569YSLBgGPf
jDwNB7qUHc4TL6K6w2kmj14CYohf9whlVH00hCbAQDlCE0Ns78UYDMzNjalHGABA
hh+4uiW8EahXI9dsB3Qvfe0Gtv+QRDLOxxAbxgtVSOSokAAel4xwCS04JNRYhARj
uZ7FHi/NzAfzz1xTOuXUX5+VBxkA3Lll5nV7m+2PX7BlhbjyLE+4Xceg0FVNNDU6
+VQejdS9F8u2HwB8KISQv/qtIy7MHYpDbSJZ4L7eFWA6y3InJwU28iD4KrYuoJWp
PkcyaKrtB+rdWQLr2snhJLjOMwGDn0QXfrnoRIRbKaQwNjQFdXMBrs8=
-----END CERTIFICATE-----
Generated at Thu Oct 23 09:25:48 2025 by rpki-client