Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/AwDnNdlXhmtGC0ugiFb2pDyPhu8.roa
File: AwDnNdlXhmtGC0ugiFb2pDyPhu8.roa (raw, json)
Hash identifier: O6tb1orxfnA1ChZUEGxluLrgm0rspr2hFs3bSnjZsKQ=
Subject key identifier: 03:00:E7:35:D9:57:86:6B:46:0B:4B:A0:88:56:F6:A4:3C:8F:86:EF
Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708
Certificate serial: 22DE
Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/AwDnNdlXhmtGC0ugiFb2pDyPhu8.roa
Signing time: Wed 29 Oct 2025 05:58:43 +0000
ROA not before: Wed 29 Oct 2025 05:58:43 +0000
ROA not after: Fri 23 Oct 2026 03:01:03 +0000
asID: 4811
IP address blocks: 2406:d440:210::/44 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8926 (0x22de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708
Validity
Not Before: Oct 29 05:58:43 2025 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=0300E735D957866B460B4BA08856F6A43C8F86EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bd:8d:39:78:a6:56:04:65:60:c1:3a:59:94:
16:d8:03:55:46:59:2f:7c:67:89:77:e6:79:1a:a6:
c5:a2:89:51:15:30:89:2d:50:46:9b:b4:e7:6a:05:
48:c0:d0:0f:ec:58:4a:03:59:c4:3d:04:5f:86:98:
08:83:e8:b1:ba:92:8d:31:a1:eb:52:20:13:3a:6b:
c7:13:34:5b:af:c0:f6:07:50:5c:60:f6:e5:6d:4c:
91:ae:0a:c1:58:73:10:68:e6:c8:b5:db:f6:ad:d1:
45:77:f5:ca:1e:81:ba:47:71:95:0c:8e:ee:6a:bc:
00:15:55:90:f7:67:7a:a4:0e:b5:e7:aa:e4:65:1c:
c8:b8:b9:f6:7f:9a:4c:43:fe:54:cb:da:93:52:5c:
55:b0:70:51:3f:f0:0e:ea:9e:04:51:e0:dd:5c:2b:
af:8e:41:55:3c:df:5a:66:d0:5c:fa:55:58:c3:26:
d2:61:45:55:05:60:b5:da:20:91:fe:a7:d2:15:7a:
f0:4d:91:c7:ae:61:42:9b:5a:33:c9:a9:b0:11:ae:
c7:8a:ed:74:2e:76:e9:fc:e8:7d:1b:37:b8:ba:c7:
b0:7c:18:92:c8:61:55:73:9b:60:8a:b7:ec:d0:dc:
90:42:8a:65:ad:78:da:f1:79:77:cc:6d:7e:14:5c:
3a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:00:E7:35:D9:57:86:6B:46:0B:4B:A0:88:56:F6:A4:3C:8F:86:EF
X509v3 Authority Key Identifier:
keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/AwDnNdlXhmtGC0ugiFb2pDyPhu8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:d440:210::/44
Signature Algorithm: sha256WithRSAEncryption
28:fe:f0:35:4b:1d:d5:ec:10:13:b6:4c:82:6e:46:95:18:f3:
fa:22:b7:7b:b9:fa:db:38:08:ba:f3:6c:0c:b9:0b:6a:20:8b:
c8:39:59:09:9c:0c:7a:70:11:f2:cd:f8:1c:05:e7:a2:93:37:
06:e6:8c:62:3d:c6:3e:36:a1:ee:07:6b:91:cc:50:13:70:be:
cc:63:e1:ad:21:e2:13:1f:bb:64:76:ab:32:b3:53:45:54:d7:
ea:9b:66:82:d2:af:ca:3d:f9:04:46:34:20:29:13:29:8c:b8:
e5:b8:89:e3:57:80:1b:f6:1c:2c:a4:cb:8c:18:e0:40:0e:16:
c4:f3:eb:2c:f4:07:98:d9:f7:ab:3a:f6:b5:7d:ff:8c:00:83:
62:f6:ef:82:92:bb:cb:6d:fa:ef:d1:cf:4c:3a:49:84:fe:2b:
60:b2:83:c1:4c:78:e5:89:3d:00:81:bd:6b:a4:82:bb:37:5f:
7f:bc:d5:86:be:34:76:f3:6c:f2:d6:0b:71:35:bb:e6:2d:a5:
c5:47:15:6e:fe:d5:80:da:e4:8b:eb:9b:15:b8:76:5e:7a:c9:
8a:ed:2d:d9:a8:8a:e2:70:db:70:75:e7:fd:f7:d4:19:e9:0e:
12:63:e8:f9:06:09:24:a5:87:ab:d3:ff:d6:a6:12:c1:95:15:
41:a8:cb:08
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICIt4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4
QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTEwMjkw
NTU4NDNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDAzMDBFNzM1RDk1Nzg2
NkI0NjBCNEJBMDg4NTZGNkE0M0M4Rjg2RUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6vY05eKZWBGVgwTpZlBbYA1VGWS98Z4l35nkapsWiiVEVMIkt
UEabtOdqBUjA0A/sWEoDWcQ9BF+GmAiD6LG6ko0xoetSIBM6a8cTNFuvwPYHUFxg
9uVtTJGuCsFYcxBo5si12/at0UV39coegbpHcZUMju5qvAAVVZD3Z3qkDrXnquRl
HMi4ufZ/mkxD/lTL2pNSXFWwcFE/8A7qngRR4N1cK6+OQVU831pm0Fz6VVjDJtJh
RVUFYLXaIJH+p9IVevBNkceuYUKbWjPJqbARrseK7XQudun86H0bN7i6x7B8GJLI
YVVzm2CKt+zQ3JBCimWteNrxeXfMbX4UXDrTAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUAwDnNdlXhmtGC0ugiFb2pDyPhu8wHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw
dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0
NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvQXdEbk5kbFhobXRH
QzB1Z2lGYjJwRHlQaHU4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHBCQG1EACEDANBgkqhkiG9w0BAQsFAAOCAQEAKP7wNUsd1ewQE7ZMgm5GlRjz
+iK3e7n62zgIuvNsDLkLaiCLyDlZCZwMenAR8s34HAXnopM3BuaMYj3GPjah7gdr
kcxQE3C+zGPhrSHiEx+7ZHarMrNTRVTX6ptmgtKvyj35BEY0ICkTKYy45biJ41eA
G/YcLKTLjBjgQA4WxPPrLPQHmNn3qzr2tX3/jACDYvbvgpK7y23679HPTDpJhP4r
YLKDwUx45Yk9AIG9a6SCuzdff7zVhr40dvNs8tYLcTW75i2lxUcVbv7VgNrki+ub
Fbh2XnrJiu0t2aiK4nDbcHXn/ffUGekOEmPo+QYJJKWHq9P/1qYSwZUVQajLCA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:24:04 2025 by rpki-client