Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/OqcVMwOwNt5DdtXBvJK2UQqRtO8.roa
File: OqcVMwOwNt5DdtXBvJK2UQqRtO8.roa (raw, json)
Hash identifier: CGfW6lDQF7G3DWvwwVwfnllcBJkivmGSJkOFi+w/wYE=
Subject key identifier: 3A:A7:15:33:03:B0:36:DE:43:76:D5:C1:BC:92:B6:51:0A:91:B4:EF
Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Certificate serial: E1
Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/OqcVMwOwNt5DdtXBvJK2UQqRtO8.roa
Signing time: Fri 06 Jun 2025 02:36:24 +0000
ROA not before: Fri 06 Jun 2025 02:36:24 +0000
ROA not after: Wed 27 May 2026 07:38:41 +0000
asID: 9808
IP address blocks: 240a:40c3:2000::/44 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 225 (0xe1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Validity
Not Before: Jun 6 02:36:24 2025 GMT
Not After : May 27 07:38:41 2026 GMT
Subject: CN=3AA7153303B036DE4376D5C1BC92B6510A91B4EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:bf:44:f3:55:c8:ed:cc:6c:9a:a6:30:59:43:
d0:2d:b1:2b:2b:61:d4:e1:1d:a6:b2:74:5b:35:3d:
b2:be:be:4a:d4:cf:91:45:df:58:e7:25:05:e0:f9:
e5:d5:77:09:47:a5:0f:48:35:59:3a:0d:2f:39:e4:
ee:f5:c6:50:cf:b5:23:7f:d6:f4:b3:49:e3:bd:e1:
02:bf:20:fb:99:0b:3b:6a:4c:4e:fc:84:5a:ab:60:
79:af:58:0b:a1:c9:b3:b7:c6:4d:2a:ef:72:00:8b:
9c:69:60:6a:40:94:51:12:c9:67:28:dd:cd:50:c9:
6a:a6:76:db:e9:3d:c2:31:3a:49:a4:76:30:5f:b6:
b0:5c:0c:1b:c3:52:86:7b:59:53:7c:aa:a0:38:60:
bb:df:4e:17:c9:9b:eb:a3:f9:c2:94:90:dc:28:a7:
05:8b:fa:ee:e3:61:49:cc:94:2f:d9:ef:39:af:67:
4c:33:c2:77:93:2d:8b:57:bd:c0:f4:42:95:83:49:
11:2f:a6:a5:16:89:20:b4:77:64:3b:41:7a:c3:a8:
fd:a4:0a:9b:31:4c:2d:43:52:f1:af:90:40:60:33:
81:9e:14:b7:6a:c9:ae:37:05:29:ab:0a:db:77:d5:
3c:03:38:cf:3b:03:d4:a7:f7:18:f0:75:85:55:b6:
9d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A7:15:33:03:B0:36:DE:43:76:D5:C1:BC:92:B6:51:0A:91:B4:EF
X509v3 Authority Key Identifier:
keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/OqcVMwOwNt5DdtXBvJK2UQqRtO8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:40c3:2000::/44
Signature Algorithm: sha256WithRSAEncryption
7a:01:db:20:f3:54:5f:8a:ee:4a:1d:d3:ef:f7:35:54:64:99:
1d:cf:b7:4b:e3:fe:03:5c:74:c6:8b:32:ff:89:8e:fb:18:f5:
4d:91:f9:39:08:b9:67:64:0e:b5:82:c4:6f:40:fb:e0:5c:9d:
24:69:a9:9c:0a:37:93:78:73:3d:b9:f8:69:3b:4b:14:55:96:
6a:37:e4:32:b9:14:9d:5c:48:ca:1a:cf:41:59:b9:8f:5d:53:
79:5a:f1:2b:44:20:fa:3d:90:a4:fb:ed:42:da:07:4a:ca:34:
75:f8:54:05:c3:99:57:23:2a:46:3a:3f:99:5c:02:32:94:ce:
62:d7:70:7a:ee:8b:f1:39:12:8f:0f:9e:ab:4a:2f:01:c6:fe:
9d:0d:2e:89:c3:57:39:a7:38:39:77:f8:4b:46:b8:01:9e:99:
c0:3e:e0:f0:cd:fb:05:34:f0:60:13:14:08:e8:f0:0c:a7:f9:
8d:b5:8d:bc:65:63:bd:8b:f9:3d:ac:f2:fb:f1:9c:20:98:20:
ab:33:8e:e2:48:ea:be:1c:a0:d2:69:2f:7e:e7:1c:e0:ac:a1:
36:a7:ae:f2:c2:b0:bb:b6:17:3a:92:d8:5a:e8:fb:97:08:34:
a7:2f:53:d6:69:23:c8:e1:62:f1:a1:97:ff:a9:d9:d2:a3:74:
59:e8:00:bb
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICAOEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF
RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw
MjM2MjRaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDNBQTcxNTMzMDNCMDM2
REU0Mzc2RDVDMUJDOTJCNjUxMEE5MUI0RUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCWv0TzVcjtzGyapjBZQ9AtsSsrYdThHaaydFs1PbK+vkrUz5FF
31jnJQXg+eXVdwlHpQ9INVk6DS855O71xlDPtSN/1vSzSeO94QK/IPuZCztqTE78
hFqrYHmvWAuhybO3xk0q73IAi5xpYGpAlFESyWco3c1QyWqmdtvpPcIxOkmkdjBf
trBcDBvDUoZ7WVN8qqA4YLvfThfJm+uj+cKUkNwopwWL+u7jYUnMlC/Z7zmvZ0wz
wneTLYtXvcD0QpWDSREvpqUWiSC0d2Q7QXrDqP2kCpsxTC1DUvGvkEBgM4GeFLdq
ya43BSmrCtt31TwDOM87A9Sn9xjwdYVVtp2DAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUOqcVMwOwNt5DdtXBvJK2UQqRtO8wHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7
j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3
Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvT3FjVk13T3dOdDVE
ZHRYQnZKSzJVUXFSdE84LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHBCQKQMMgADANBgkqhkiG9w0BAQsFAAOCAQEAegHbIPNUX4ruSh3T7/c1VGSZ
Hc+3S+P+A1x0xosy/4mO+xj1TZH5OQi5Z2QOtYLEb0D74FydJGmpnAo3k3hzPbn4
aTtLFFWWajfkMrkUnVxIyhrPQVm5j11TeVrxK0Qg+j2QpPvtQtoHSso0dfhUBcOZ
VyMqRjo/mVwCMpTOYtdweu6L8TkSjw+eq0ovAcb+nQ0uicNXOac4OXf4S0a4AZ6Z
wD7g8M37BTTwYBMUCOjwDKf5jbWNvGVjvYv5Pazy+/GcIJggqzOO4kjqvhyg0mkv
fucc4KyhNqeu8sKwu7YXOpLYWuj7lwg0py9T1mkjyOFi8aGX/6nZ0qN0WegAuw==
-----END CERTIFICATE-----
Generated at Sat Jun 21 03:10:40 2025 by rpki-client