Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/rJ-4-MAC-kZMxGOexFfSDoj1wj8.roa
File: rJ-4-MAC-kZMxGOexFfSDoj1wj8.roa (raw, json)
Hash identifier: xrl0RjE9xTJ35wOIjaXlgh/SDvDp/JIAcNb//PEDgTQ=
Subject key identifier: AC:9F:B8:F8:C0:02:FA:46:4C:C4:63:9E:C4:57:D2:0E:88:F5:C2:3F
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 18D8
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/rJ-4-MAC-kZMxGOexFfSDoj1wj8.roa
Signing time: Tue 10 Feb 2026 05:00:44 +0000
ROA not before: Tue 10 Feb 2026 05:00:44 +0000
ROA not after: Fri 23 Oct 2026 03:01:03 +0000
asID: 55990
IP address blocks: 116.218.128.0/20 maxlen: 23
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6360 (0x18d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: Feb 10 05:00:44 2026 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=AC9FB8F8C002FA464CC4639EC457D20E88F5C23F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a6:9a:49:7e:8d:94:c1:f5:90:c5:ca:62:89:
5f:90:2c:1e:ac:bd:50:c2:26:7a:63:47:a0:8a:05:
a8:04:9b:37:14:dc:94:60:40:e7:4e:83:66:b2:95:
8f:b8:f2:7b:de:b1:c9:11:7d:e3:b0:60:cb:0e:5a:
3a:ea:2a:c2:cd:cd:3a:a7:39:9d:d9:24:10:de:3d:
73:07:5c:73:d9:89:a3:b5:8c:40:c8:6a:fd:24:b0:
1e:e2:c8:d7:73:e6:11:43:fa:c3:0b:d3:30:f3:cb:
d2:f0:b5:d2:20:8d:6b:74:4f:e0:83:0f:fb:9b:51:
1b:b8:23:f1:39:86:d1:99:54:56:c2:2b:59:24:ec:
ab:ad:91:bd:dc:61:fd:a8:fe:be:a0:a7:e2:f5:27:
9a:4d:83:fc:08:05:19:21:7c:e0:b9:5b:f0:cb:cc:
a8:ef:13:2a:00:05:15:bb:29:db:f4:56:f1:42:b8:
a2:c1:b1:9f:a8:dc:fc:b5:f9:63:3d:36:4f:fd:55:
5f:0e:4d:fd:a7:83:9c:4a:4b:45:10:f0:9b:f3:29:
7d:dd:b4:e6:4f:27:28:cf:92:d3:e1:24:d3:bc:19:
b8:58:66:38:9b:7e:4b:ee:4c:25:f1:6a:38:12:f1:
a2:62:f6:58:04:1f:5b:a8:87:30:69:50:3a:84:72:
2e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:9F:B8:F8:C0:02:FA:46:4C:C4:63:9E:C4:57:D2:0E:88:F5:C2:3F
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/rJ-4-MAC-kZMxGOexFfSDoj1wj8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
116.218.128.0/20
Signature Algorithm: sha256WithRSAEncryption
82:2a:0b:48:5c:d6:a4:07:d2:af:cb:6e:3a:11:ff:ec:da:1e:
22:d1:01:85:dd:c2:b2:7e:38:7a:51:39:5a:9f:d9:ff:c1:e3:
6c:c8:d5:0f:d0:9e:bf:f2:e5:c4:24:c2:6c:f1:77:0c:f3:e9:
5d:bf:46:7e:12:46:48:40:ab:fe:f0:58:05:40:35:08:ad:19:
5c:04:44:a3:cc:a4:d8:00:b3:d7:95:b9:7e:e0:7a:2b:53:95:
ea:f6:7d:35:44:43:85:fa:c4:ba:bb:86:fc:36:85:b9:07:a6:
d0:5d:88:17:ef:b0:21:21:23:4d:f2:7e:57:9c:94:25:36:17:
31:0e:38:75:c8:5e:f8:db:fa:52:d5:c7:2d:df:15:bc:fb:83:
ea:f9:a2:40:82:53:7a:9f:cc:b4:ec:ae:3e:90:1a:0c:58:1b:
78:ad:19:95:d7:3b:02:64:d3:92:c7:c6:6b:6e:21:bf:1c:83:
02:b8:0a:59:49:f9:21:2c:be:2b:32:96:48:f0:b8:4b:56:9d:
65:f4:39:2d:f8:4f:e7:4f:32:06:69:86:dc:c1:68:ba:1b:e9:
20:ee:31:c3:1f:78:83:bd:e7:3e:ff:a1:7e:61:71:5e:08:fd:
8d:67:1b:e4:27:d5:e6:47:5e:a6:5a:9a:a5:d2:d9:bd:4d:0f:
e5:0a:84:5d
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICGNgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNjAyMTAw
NTAwNDRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEFDOUZCOEY4QzAwMkZB
NDY0Q0M0NjM5RUM0NTdEMjBFODhGNUMyM0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCspppJfo2UwfWQxcpiiV+QLB6svVDCJnpjR6CKBagEmzcU3JRg
QOdOg2aylY+48nvesckRfeOwYMsOWjrqKsLNzTqnOZ3ZJBDePXMHXHPZiaO1jEDI
av0ksB7iyNdz5hFD+sML0zDzy9LwtdIgjWt0T+CDD/ubURu4I/E5htGZVFbCK1kk
7Kutkb3cYf2o/r6gp+L1J5pNg/wIBRkhfOC5W/DLzKjvEyoABRW7Kdv0VvFCuKLB
sZ+o3Py1+WM9Nk/9VV8OTf2ng5xKS0UQ8JvzKX3dtOZPJyjPktPhJNO8GbhYZjib
fkvuTCXxajgS8aJi9lgEH1uohzBpUDqEci6dAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUrJ+4+MAC+kZMxGOexFfSDoj1wj8wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvckotNC1NQUMta1pN
eEdPZXhGZlNEb2oxd2o4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBHTagDANBgkqhkiG9w0BAQsFAAOCAQEAgioLSFzWpAfSr8tuOhH/7NoeItEB
hd3Csn44elE5Wp/Z/8HjbMjVD9Cev/LlxCTCbPF3DPPpXb9GfhJGSECr/vBYBUA1
CK0ZXAREo8yk2ACz15W5fuB6K1OV6vZ9NURDhfrEuruG/DaFuQem0F2IF++wISEj
TfJ+V5yUJTYXMQ44dche+Nv6UtXHLd8VvPuD6vmiQIJTep/MtOyuPpAaDFgbeK0Z
ldc7AmTTksfGa24hvxyDArgKWUn5ISy+KzKWSPC4S1adZfQ5LfhP508yBmmG3MFo
uhvpIO4xwx94g73nPv+hfmFxXgj9jWcb5CfV5kdeplqapdLZvU0P5QqEXQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:40:21 2026 by rpki-client