Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/MpEEAbjqgsDpxSU_JKGOFVxS6BE.roa
File: MpEEAbjqgsDpxSU_JKGOFVxS6BE.roa (raw, json)
Hash identifier: PjFuotNFoqKAgH2j5liIMl7AEnz5USP5lS26VvHIprY=
Subject key identifier: 32:91:04:01:B8:EA:82:C0:E9:C5:25:3F:24:A1:8E:15:5C:52:E8:11
Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094
Certificate serial: 135F
Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/MpEEAbjqgsDpxSU_JKGOFVxS6BE.roa
Signing time: Mon 21 Apr 2025 07:31:47 +0000
ROA not before: Mon 21 Apr 2025 07:31:47 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146806
IP address blocks: 45.250.154.0/23 maxlen: 23
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4959 (0x135f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094
Validity
Not Before: Apr 21 07:31:47 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=32910401B8EA82C0E9C5253F24A18E155C52E811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:19:02:1f:45:b2:8e:6a:18:db:12:a4:ef:66:
ff:5c:8d:5b:28:0a:14:22:89:a9:4e:0c:6a:cb:8f:
03:3a:5a:21:4d:1c:fa:aa:2b:35:c0:58:95:d1:3a:
20:95:16:39:65:7c:6f:69:e1:06:a1:21:a1:26:4e:
50:3f:5b:59:45:10:bb:61:b1:52:d1:26:6f:ed:1b:
1d:ef:e4:71:b2:80:9c:7a:01:81:51:73:80:91:16:
4d:4b:b9:0a:fd:3e:4e:f8:50:bc:66:14:46:e4:e0:
c4:45:0b:55:6f:41:81:1f:d0:1e:77:22:8e:5c:f2:
79:b7:68:fc:b5:c8:21:96:34:34:11:24:a9:4f:df:
a0:6b:24:74:c6:bd:c1:ef:1b:58:3f:21:67:97:47:
13:41:fd:1b:d0:e6:6b:1a:07:6d:20:92:bc:32:55:
35:a9:8a:b1:ae:0d:3e:10:69:97:55:cd:b0:aa:c9:
c7:9b:d2:1c:dc:ca:82:b7:92:eb:c6:bd:db:6f:48:
fb:09:88:66:02:5a:0c:09:41:4c:4e:e2:b1:22:83:
e4:ed:7c:65:8c:a8:62:fc:bb:c7:cd:3e:7e:74:e3:
c8:0e:0b:7d:36:77:97:88:c1:42:e4:9d:f8:42:08:
9a:14:02:9d:8e:c4:3c:05:1d:29:cf:e2:b4:ec:2d:
db:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:91:04:01:B8:EA:82:C0:E9:C5:25:3F:24:A1:8E:15:5C:52:E8:11
X509v3 Authority Key Identifier:
keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/MpEEAbjqgsDpxSU_JKGOFVxS6BE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.250.154.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:7f:da:e7:e1:c8:f7:3c:59:51:e0:ad:23:4e:76:b1:d2:ba:
05:77:be:8a:80:6f:aa:bd:f9:90:a8:ea:0e:8e:b8:a2:5c:b4:
84:1d:76:25:21:4f:65:a3:11:21:d3:21:51:1a:d6:d1:06:12:
f4:c1:78:3e:59:7f:11:b4:fe:4a:3e:a3:c1:2c:6c:0b:b7:bb:
be:03:4f:dc:d7:54:14:a7:81:0d:ec:cb:4b:86:6e:49:43:38:
ca:25:53:e5:71:90:8b:3a:5d:fd:8b:9c:8c:7c:87:82:34:17:
1d:c5:a6:55:e4:d5:f8:8b:93:35:a9:2d:9d:79:95:80:55:75:
13:48:78:57:08:32:fe:83:fb:34:aa:4e:14:e1:01:9c:a7:f8:
de:e5:3f:91:86:a4:8e:31:ac:db:cf:5d:01:f7:47:41:a3:c6:
f3:f6:45:bf:ba:4e:6c:6d:7a:82:3c:b3:77:92:ad:12:98:43:
2e:be:51:2f:0a:eb:6e:8c:0c:dc:3c:d5:79:74:67:e1:3d:cf:
3c:b6:33:72:71:9e:ce:40:7d:29:54:5d:2f:0a:b9:ae:50:95:
82:46:de:dd:6b:37:a3:d8:a3:a0:44:e9:1d:42:94:33:27:ad:
17:6c:f2:2b:81:63:a3:f2:ef:a4:cf:cd:55:98:7e:d3:47:02:
53:87:b3:6d
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICE18wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw
OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNTA0MjEw
NzMxNDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDMyOTEwNDAxQjhFQTgy
QzBFOUM1MjUzRjI0QTE4RTE1NUM1MkU4MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBGQIfRbKOahjbEqTvZv9cjVsoChQiialODGrLjwM6WiFNHPqq
KzXAWJXROiCVFjllfG9p4QahIaEmTlA/W1lFELthsVLRJm/tGx3v5HGygJx6AYFR
c4CRFk1LuQr9Pk74ULxmFEbk4MRFC1VvQYEf0B53Io5c8nm3aPy1yCGWNDQRJKlP
36BrJHTGvcHvG1g/IWeXRxNB/RvQ5msaB20gkrwyVTWpirGuDT4QaZdVzbCqyceb
0hzcyoK3kuvGvdtvSPsJiGYCWgwJQUxO4rEig+TtfGWMqGL8u8fNPn5048gOC302
d5eIwULknfhCCJoUAp2OxDwFHSnP4rTsLdtzAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUMpEEAbjqgsDpxSU/JKGOFVxS6BEwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R
7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2
OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvTXBFRUFianFnc0Rw
eFNVX0pLR09GVnhTNkJFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAS36mjANBgkqhkiG9w0BAQsFAAOCAQEAC3/a5+HI9zxZUeCtI052sdK6BXe+
ioBvqr35kKjqDo64oly0hB12JSFPZaMRIdMhURrW0QYS9MF4Pll/EbT+Sj6jwSxs
C7e7vgNP3NdUFKeBDezLS4ZuSUM4yiVT5XGQizpd/YucjHyHgjQXHcWmVeTV+IuT
NaktnXmVgFV1E0h4Vwgy/oP7NKpOFOEBnKf43uU/kYakjjGs289dAfdHQaPG8/ZF
v7pObG16gjyzd5KtEphDLr5RLwrrbowM3DzVeXRn4T3PPLYzcnGezkB9KVRdLwq5
rlCVgkbe3Ws3o9ijoETpHUKUMyetF2zyK4Fjo/LvpM/NVZh+00cCU4ezbQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:39:29 2025 by rpki-client