Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/g8jklEEYy48EKEVhyzw5FYWIGZM.roa
File: g8jklEEYy48EKEVhyzw5FYWIGZM.roa (raw, json)
Hash identifier: SksqWZ6ip8AYQjfpEQXY3TZALt2YT/r4zlh/vnDk/no=
Subject key identifier: 83:C8:E4:94:41:18:CB:8F:04:28:45:61:CB:3C:39:15:85:88:19:93
Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Certificate serial: C0
Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/g8jklEEYy48EKEVhyzw5FYWIGZM.roa
Signing time: Fri 06 Jun 2025 02:29:17 +0000
ROA not before: Fri 06 Jun 2025 02:29:17 +0000
ROA not after: Wed 27 May 2026 07:38:41 +0000
asID: 56040
IP address blocks: 240a:40c2:c010::/44 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 192 (0xc0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Validity
Not Before: Jun 6 02:29:17 2025 GMT
Not After : May 27 07:38:41 2026 GMT
Subject: CN=83C8E4944118CB8F04284561CB3C391585881993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5e:f1:77:66:a7:39:c1:f3:19:7d:2c:2a:ca:
40:79:22:3d:08:3f:43:47:7c:fc:d6:15:74:aa:c5:
2b:eb:55:f0:c7:4f:fa:52:f2:a7:94:a0:53:e7:7e:
6c:30:c8:b7:93:54:81:3c:cc:97:13:c1:0f:fc:de:
bd:7f:78:b4:0a:97:1d:72:ba:e7:b1:3b:f7:64:3f:
3f:17:9c:7a:7b:e1:ad:23:5e:54:dc:94:be:1f:10:
98:4a:35:e0:97:4a:26:9a:fb:53:c4:f2:f9:c9:be:
66:09:c9:4e:24:00:46:92:16:90:f1:97:94:a5:ad:
c7:a5:1b:55:b4:45:db:e7:2a:70:66:f1:5e:66:86:
6d:da:56:b5:79:10:2f:ea:72:75:54:e0:04:e6:c3:
44:28:a0:b5:41:a2:69:65:ae:9a:08:2a:24:d5:e1:
c2:e7:78:af:56:d1:5a:43:2c:43:3d:90:56:0b:30:
37:9b:1f:9a:54:97:88:2d:7e:3a:3d:d9:c8:f2:95:
77:f3:95:62:94:ab:ad:bb:5d:d2:38:21:ed:0a:2c:
50:c8:8c:48:b8:37:bd:18:04:c8:6f:89:54:75:2f:
fb:74:39:d2:59:22:e4:aa:9a:72:1d:95:a2:5f:1b:
5b:42:88:46:f1:0e:7c:3f:f3:96:53:7b:d6:74:20:
32:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:C8:E4:94:41:18:CB:8F:04:28:45:61:CB:3C:39:15:85:88:19:93
X509v3 Authority Key Identifier:
keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/g8jklEEYy48EKEVhyzw5FYWIGZM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:40c2:c010::/44
Signature Algorithm: sha256WithRSAEncryption
39:40:bc:3c:b4:18:5a:67:22:25:74:3a:04:e1:40:e9:a0:9f:
4c:98:2c:bd:d0:62:07:9d:d0:7d:60:19:62:c6:55:42:3a:68:
76:58:af:86:9f:6a:cf:e4:be:a2:97:85:a4:42:33:cf:89:77:
b6:b6:28:f5:75:98:a9:e7:42:ad:b2:2a:7a:19:3d:f7:08:63:
36:6e:33:e0:47:5a:e3:bb:b3:05:c9:d0:ab:b2:5f:b4:91:82:
5b:07:02:da:a9:52:0a:2e:cc:82:7a:88:02:aa:b2:37:fe:6d:
59:74:f7:21:9c:18:73:52:3d:d8:31:a5:e5:cf:db:08:66:3c:
b8:b2:5c:b4:be:61:19:57:6d:a9:e2:bd:54:83:e6:a6:e6:c5:
f7:75:90:9b:6b:af:8e:1a:e3:3d:59:cd:17:16:60:76:e4:3d:
26:3a:d4:ff:9c:7d:32:d8:3a:c8:d7:2f:f4:d1:af:52:65:df:
44:25:a2:97:eb:03:83:f6:74:0e:16:3e:02:0d:cd:07:08:49:
bd:58:0e:8f:b9:14:2a:2b:60:e2:d3:32:4a:f6:5c:a7:38:1b:
8f:b0:0c:66:86:ac:30:be:e4:b8:b6:16:26:a6:d6:0e:52:a7:
08:71:a2:46:fc:3c:0c:7f:8f:57:d2:c1:a7:41:02:58:f3:ec:
24:bd:28:9a
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICAMAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF
RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw
MjI5MTdaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDgzQzhFNDk0NDExOENC
OEYwNDI4NDU2MUNCM0MzOTE1ODU4ODE5OTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9XvF3Zqc5wfMZfSwqykB5Ij0IP0NHfPzWFXSqxSvrVfDHT/pS
8qeUoFPnfmwwyLeTVIE8zJcTwQ/83r1/eLQKlx1yuuexO/dkPz8XnHp74a0jXlTc
lL4fEJhKNeCXSiaa+1PE8vnJvmYJyU4kAEaSFpDxl5SlrcelG1W0RdvnKnBm8V5m
hm3aVrV5EC/qcnVU4ATmw0QooLVBomllrpoIKiTV4cLneK9W0VpDLEM9kFYLMDeb
H5pUl4gtfjo92cjylXfzlWKUq627XdI4Ie0KLFDIjEi4N70YBMhviVR1L/t0OdJZ
IuSqmnIdlaJfG1tCiEbxDnw/85ZTe9Z0IDKTAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUg8jklEEYy48EKEVhyzw5FYWIGZMwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7
j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3
Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvZzhqa2xFRVl5NDhF
S0VWaHl6dzVGWVdJR1pNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHBCQKQMLAEDANBgkqhkiG9w0BAQsFAAOCAQEAOUC8PLQYWmciJXQ6BOFA6aCf
TJgsvdBiB53QfWAZYsZVQjpodlivhp9qz+S+opeFpEIzz4l3trYo9XWYqedCrbIq
ehk99whjNm4z4Eda47uzBcnQq7JftJGCWwcC2qlSCi7MgnqIAqqyN/5tWXT3IZwY
c1I92DGl5c/bCGY8uLJctL5hGVdtqeK9VIPmpubF93WQm2uvjhrjPVnNFxZgduQ9
JjrU/5x9Mtg6yNcv9NGvUmXfRCWil+sDg/Z0DhY+Ag3NBwhJvVgOj7kUKitg4tMy
SvZcpzgbj7AMZoasML7kuLYWJqbWDlKnCHGiRvw8DH+PV9LBp0ECWPPsJL0omg==
-----END CERTIFICATE-----
Generated at Sun Jun 22 12:43:41 2025 by rpki-client