Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/142/Nkp1JfJz04j-aKzOz-RlP_zs_io.roa
File: Nkp1JfJz04j-aKzOz-RlP_zs_io.roa (raw, json)
Hash identifier: txdhQLKzkcj51mOwnoL2n5rzsH5tt6QbTqrMy8i8Ruc=
Subject key identifier: 36:4A:75:25:F2:73:D3:88:FE:68:AC:CE:CF:E4:65:3F:FC:EC:FE:2A
Certificate issuer: /CN=D1BD290DA9F968E704BF240911880593E7F5AEC6
Certificate serial: 0D
Authority key identifier: D1:BD:29:0D:A9:F9:68:E7:04:BF:24:09:11:88:05:93:E7:F5:AE:C6
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0b0pDan5aOcEvyQJEYgFk-f1rsY.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/142/Nkp1JfJz04j-aKzOz-RlP_zs_io.roa
Signing time: Fri 24 Oct 2025 01:07:01 +0000
ROA not before: Fri 24 Oct 2025 01:07:01 +0000
ROA not after: Fri 23 Oct 2026 09:04:31 +0000
asID: 17962
IP address blocks: 219.232.160.0/19 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13 (0xd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D1BD290DA9F968E704BF240911880593E7F5AEC6
Validity
Not Before: Oct 24 01:07:01 2025 GMT
Not After : Oct 23 09:04:31 2026 GMT
Subject: CN=364A7525F273D388FE68ACCECFE4653FFCECFE2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4e:32:45:cc:07:38:0d:bd:d6:38:4a:e6:de:
47:3e:21:78:6d:5f:9a:3b:ae:b0:1c:3c:eb:11:13:
95:15:c7:d3:36:47:e5:cc:9d:32:e2:c4:16:b1:d3:
88:39:aa:ef:b8:22:24:49:6b:64:50:a0:16:c4:65:
64:f0:4e:86:7c:09:ae:d6:cb:38:da:1c:99:73:0b:
17:c7:d3:66:b3:03:1c:3d:10:57:05:a4:d6:5a:ac:
0d:2b:44:11:72:21:f5:1b:1d:bb:a1:28:9b:e5:27:
1b:98:ee:b4:50:61:81:97:ec:51:50:26:1b:d3:68:
d0:34:e6:5a:8d:ea:da:15:96:a5:e6:17:8b:e1:34:
0a:39:c9:10:87:58:0c:69:d8:34:86:9c:e0:18:7e:
b3:79:00:72:88:27:7c:6f:f9:6e:94:ed:6a:6f:f7:
86:6d:e4:86:64:6a:5c:e0:84:ab:7e:31:72:6c:4a:
af:52:79:ba:31:85:c2:5d:f3:70:38:74:3f:26:f2:
b0:d3:59:80:3d:9f:69:a7:11:70:bb:3f:a3:0f:f0:
83:af:60:0e:36:02:54:4e:ba:fc:4f:50:66:a1:01:
67:4e:b1:40:3d:8f:f9:3e:f6:0f:6f:1b:3b:c9:1a:
30:ef:71:b6:7e:61:05:98:3c:79:ee:91:ba:c4:ae:
94:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:4A:75:25:F2:73:D3:88:FE:68:AC:CE:CF:E4:65:3F:FC:EC:FE:2A
X509v3 Authority Key Identifier:
keyid:D1:BD:29:0D:A9:F9:68:E7:04:BF:24:09:11:88:05:93:E7:F5:AE:C6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/142/0b0pDan5aOcEvyQJEYgFk-f1rsY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0b0pDan5aOcEvyQJEYgFk-f1rsY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/142/Nkp1JfJz04j-aKzOz-RlP_zs_io.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
219.232.160.0/19
Signature Algorithm: sha256WithRSAEncryption
35:6d:b0:d6:55:6c:2d:ef:00:45:35:38:04:2c:e2:94:b5:04:
ce:10:c3:f6:ce:f2:f4:97:ba:41:52:16:c8:98:ea:89:ca:6e:
23:e7:3f:c0:da:40:bb:73:b7:36:1e:8d:f3:8f:b9:20:64:b7:
44:2f:cc:60:6a:09:bf:b2:dc:d7:f6:cd:66:57:0b:51:af:ec:
df:5a:9c:8f:b5:1f:f5:c6:1a:af:5f:87:81:0c:63:04:b6:9d:
a2:7a:14:a1:c1:29:23:71:e1:1e:96:bb:1d:e6:0a:17:a0:f3:
e8:9c:d1:4b:9a:29:76:7e:21:a4:41:96:6b:3c:d4:f3:41:da:
13:d2:26:d2:d0:31:59:69:5f:71:f7:9c:35:d9:2a:23:b6:90:
51:c3:f4:a2:8d:fd:6b:8d:65:9e:6a:a5:6b:2f:01:d0:18:7e:
76:31:2b:16:92:45:d6:eb:6e:35:42:6a:4d:6a:3c:3e:d9:10:
1f:1d:2c:0f:39:fb:8f:6b:0e:4f:ef:03:16:58:db:ce:60:2d:
c1:dd:48:99:89:c3:29:57:d9:31:b4:be:21:c8:6e:72:4f:8b:
dc:ce:d3:cf:09:05:1b:32:8f:8c:3e:cc:c6:96:b3:e7:7a:85:
87:bf:5d:ab:8c:0f:1d:2c:6d:c5:b0:c2:f6:80:ac:de:0d:3f:
c1:b4:ec:83
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhEMUJE
MjkwREE5Rjk2OEU3MDRCRjI0MDkxMTg4MDU5M0U3RjVBRUM2MB4XDTI1MTAyNDAx
MDcwMVoXDTI2MTAyMzA5MDQzMVowMzExMC8GA1UEAxMoMzY0QTc1MjVGMjczRDM4
OEZFNjhBQ0NFQ0ZFNDY1M0ZGQ0VDRkUyQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALlOMkXMBzgNvdY4SubeRz4heG1fmjuusBw86xETlRXH0zZH5cyd
MuLEFrHTiDmq77giJElrZFCgFsRlZPBOhnwJrtbLONocmXMLF8fTZrMDHD0QVwWk
1lqsDStEEXIh9Rsdu6Eom+UnG5jutFBhgZfsUVAmG9No0DTmWo3q2hWWpeYXi+E0
CjnJEIdYDGnYNIac4Bh+s3kAcognfG/5bpTtam/3hm3khmRqXOCEq34xcmxKr1J5
ujGFwl3zcDh0PybysNNZgD2faacRcLs/ow/wg69gDjYCVE66/E9QZqEBZ06xQD2P
+T72D28bO8kaMO9xtn5hBZg8ee6RusSulLkCAwEAAaOCAfEwggHtMB0GA1UdDgQW
BBQ2SnUl8nPTiP5orM7P5GU//Oz+KjAfBgNVHSMEGDAWgBTRvSkNqflo5wS/JAkR
iAWT5/WuxjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xNDIv
MGIwcERhbjVhT2NFdnlRSkVZZ0ZrLWYxcnNZLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC8wYjBwRGFuNWFPY0V2eVFKRVlnRmstZjFyc1kuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xNDIvTmtwMUpmSnowNGotYUt6
T3otUmxQX3pzX2lvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj
LmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BdvooDANBgkqhkiG9w0BAQsFAAOCAQEANW2w1lVsLe8ARTU4BCzilLUEzhDD9s7y
9Je6QVIWyJjqicpuI+c/wNpAu3O3Nh6N84+5IGS3RC/MYGoJv7Lc1/bNZlcLUa/s
31qcj7Uf9cYar1+HgQxjBLadonoUocEpI3HhHpa7HeYKF6Dz6JzRS5opdn4hpEGW
azzU80HaE9Im0tAxWWlfcfecNdkqI7aQUcP0oo39a41lnmqlay8B0Bh+djErFpJF
1utuNUJqTWo8PtkQHx0sDzn7j2sOT+8DFljbzmAtwd1ImYnDKVfZMbS+Ichuck+L
3M7TzwkFGzKPjD7Mxpaz53qFh79dq4wPHSxtxbDC9oCs3g0/wbTsgw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:25:49 2025 by rpki-client