Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3326/JKY302RrnS4GbcRESgtfcZrxR24.roa
File: JKY302RrnS4GbcRESgtfcZrxR24.roa (raw, json)
Hash identifier: 7LQt5OQigcUtAmt+UeQjr/IfjHtRcZFjhgjPGRieVPI=
Subject key identifier: 24:A6:37:D3:64:6B:9D:2E:06:6D:C4:44:4A:0B:5F:71:9A:F1:47:6E
Certificate issuer: /CN=6A11EE47425D14EBAF2FCD24D2062B0A52BA042C
Certificate serial: 057A
Authority key identifier: 6A:11:EE:47:42:5D:14:EB:AF:2F:CD:24:D2:06:2B:0A:52:BA:04:2C
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ahHuR0JdFOuvL80k0gYrClK6BCw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/JKY302RrnS4GbcRESgtfcZrxR24.roa
Signing time: Fri 01 Aug 2025 06:34:45 +0000
ROA not before: Fri 01 Aug 2025 06:34:45 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 134768
IP address blocks: 103.236.82.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1402 (0x57a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6A11EE47425D14EBAF2FCD24D2062B0A52BA042C
Validity
Not Before: Aug 1 06:34:45 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=24A637D3646B9D2E066DC4444A0B5F719AF1476E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:24:4e:d0:8a:c2:77:47:2f:c9:84:43:76:fc:
9d:1e:f0:e3:c5:b8:95:81:2d:03:71:0b:b3:c2:00:
c3:a4:57:04:c1:8a:78:78:d8:8a:38:f3:6c:97:14:
05:1b:da:71:2a:35:50:ac:99:4a:80:d6:d7:77:2f:
4b:9e:cd:ac:3a:d2:7d:30:c0:7b:5c:fd:95:23:3a:
a0:4d:ce:41:4f:6f:ea:10:2b:d8:a3:8f:61:14:cf:
3c:e3:42:a1:69:ee:ee:ec:da:e9:8d:9d:e7:1d:8b:
31:3b:0c:a8:24:10:1e:4d:56:b7:0b:ea:cc:7f:f4:
db:71:7c:53:dd:09:99:7e:be:89:89:f5:2d:e7:f2:
1b:a2:6f:72:b6:a4:19:7d:12:cf:e8:50:91:4d:35:
a5:ca:71:93:90:d4:5a:01:ea:df:d8:59:14:ea:96:
14:04:33:a6:48:72:b3:d0:e0:6b:d4:15:62:24:95:
43:5f:c9:17:6b:17:fa:9f:e4:39:23:98:22:33:c9:
ff:ac:2b:5b:e6:c3:07:6a:ab:3d:c0:30:1e:cd:24:
01:d2:f7:70:4b:2b:23:07:3d:fb:6d:8e:10:87:dd:
0d:7d:76:4a:39:79:45:6d:35:8b:cd:31:86:1f:72:
e6:0e:7b:d4:39:b2:18:f2:fe:fc:21:fe:36:93:a4:
59:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A6:37:D3:64:6B:9D:2E:06:6D:C4:44:4A:0B:5F:71:9A:F1:47:6E
X509v3 Authority Key Identifier:
keyid:6A:11:EE:47:42:5D:14:EB:AF:2F:CD:24:D2:06:2B:0A:52:BA:04:2C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/ahHuR0JdFOuvL80k0gYrClK6BCw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ahHuR0JdFOuvL80k0gYrClK6BCw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/JKY302RrnS4GbcRESgtfcZrxR24.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.236.82.0/24
Signature Algorithm: sha256WithRSAEncryption
24:ae:b2:89:3c:01:1d:03:14:20:8c:ed:d2:27:ad:54:04:1e:
e8:dd:9e:ed:0d:90:c0:70:a4:a1:30:b7:4d:35:72:08:c6:eb:
85:79:1a:a2:3a:9e:8b:d3:b1:25:4a:e9:ce:ef:37:10:6d:bb:
1b:7c:fc:84:cf:1c:b8:bb:36:50:6b:b4:c0:9c:4a:32:6c:54:
79:e3:e4:05:a2:5a:bd:97:86:1b:b2:42:da:85:1c:3d:5b:79:
87:11:b6:00:39:cd:ed:6a:39:04:4d:d4:f2:f3:96:24:34:ce:
c0:de:7c:c0:72:80:d5:1b:d4:8b:fb:74:66:d8:f5:7c:67:fc:
87:e0:ef:c3:6a:44:86:c8:39:21:bb:41:bd:75:6d:fa:28:0a:
2c:9c:26:4e:17:a3:4f:08:c4:1e:ea:66:58:33:ac:46:76:ef:
2b:78:b9:46:66:d3:10:b2:1e:5d:62:dc:77:1a:cd:09:3d:de:
2c:29:01:5e:3e:20:e5:5f:47:34:90:4b:e8:e0:8f:02:bc:26:
1e:71:46:e2:a8:16:90:92:ef:dc:a0:bb:46:5f:a6:1f:81:45:
ba:74:02:83:41:3e:2a:d9:ef:af:51:b1:15:bf:7f:cb:5b:1d:
aa:0b:9f:7c:22:29:b2:71:61:ea:a5:79:1a:e5:29:f4:18:b3:
91:e8:d4:3d
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICBXowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkEx
MUVFNDc0MjVEMTRFQkFGMkZDRDI0RDIwNjJCMEE1MkJBMDQyQzAeFw0yNTA4MDEw
NjM0NDVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDI0QTYzN0QzNjQ2QjlE
MkUwNjZEQzQ0NDRBMEI1RjcxOUFGMTQ3NkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8JE7QisJ3Ry/JhEN2/J0e8OPFuJWBLQNxC7PCAMOkVwTBinh4
2Io482yXFAUb2nEqNVCsmUqA1td3L0uezaw60n0wwHtc/ZUjOqBNzkFPb+oQK9ij
j2EUzzzjQqFp7u7s2umNnecdizE7DKgkEB5NVrcL6sx/9NtxfFPdCZl+vomJ9S3n
8huib3K2pBl9Es/oUJFNNaXKcZOQ1FoB6t/YWRTqlhQEM6ZIcrPQ4GvUFWIklUNf
yRdrF/qf5DkjmCIzyf+sK1vmwwdqqz3AMB7NJAHS93BLKyMHPfttjhCH3Q19dko5
eUVtNYvNMYYfcuYOe9Q5shjy/vwh/jaTpFm3AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUJKY302RrnS4GbcRESgtfcZrxR24wHwYDVR0jBBgwFoAUahHuR0JdFOuvL80k
0gYrClK6BCwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy
Ni9haEh1UjBKZEZPdXZMODBrMGdZckNsSzZCQ3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2FoSHVSMEpkRk91dkw4MGswZ1lyQ2xLNkJDdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMjYvSktZMzAyUnJuUzRH
YmNSRVNndGZjWnJ4UjI0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAGfsUjANBgkqhkiG9w0BAQsFAAOCAQEAJK6yiTwBHQMUIIzt0ietVAQe6N2e
7Q2QwHCkoTC3TTVyCMbrhXkaojqei9OxJUrpzu83EG27G3z8hM8cuLs2UGu0wJxK
MmxUeePkBaJavZeGG7JC2oUcPVt5hxG2ADnN7Wo5BE3U8vOWJDTOwN58wHKA1RvU
i/t0Ztj1fGf8h+Dvw2pEhsg5IbtBvXVt+igKLJwmThejTwjEHupmWDOsRnbvK3i5
RmbTELIeXWLcdxrNCT3eLCkBXj4g5V9HNJBL6OCPArwmHnFG4qgWkJLv3KC7Rl+m
H4FFunQCg0E+Ktnvr1GxFb9/y1sdqguffCIpsnFh6qV5GuUp9BizkejUPQ==
-----END CERTIFICATE-----
Generated at Mon Aug 11 10:32:40 2025 by rpki-client