Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/361/h6IigAHQTvufsTVGRtf3LVHt5rc.roa
File: h6IigAHQTvufsTVGRtf3LVHt5rc.roa (raw, json)
Hash identifier: mnjF2uSX2BUy0FUGkbab260johYF3bE+fxzCc9zlpeY=
Subject key identifier: 87:A2:22:80:01:D0:4E:FB:9F:B1:35:46:46:D7:F7:2D:51:ED:E6:B7
Certificate issuer: /CN=585206C87420BE42C7B9042DE3E5FD51595FF14B
Certificate serial: 1DA6
Authority key identifier: 58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/h6IigAHQTvufsTVGRtf3LVHt5rc.roa
Signing time: Thu 24 Apr 2025 09:10:07 +0000
ROA not before: Thu 24 Apr 2025 09:10:07 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 45110
IP address blocks: 111.118.200.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7590 (0x1da6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=585206C87420BE42C7B9042DE3E5FD51595FF14B
Validity
Not Before: Apr 24 09:10:07 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=87A2228001D04EFB9FB1354646D7F72D51EDE6B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:17:8a:af:86:64:7a:78:52:7a:27:7d:63:35:
81:b2:2c:64:65:be:ae:94:4b:71:2a:66:2c:5d:ef:
84:3f:f7:f1:ac:b4:91:23:02:1b:21:ab:2e:44:45:
a2:80:88:0d:5a:f0:d1:ba:cb:e8:b5:f4:cf:2a:b8:
38:9a:17:fd:42:c4:de:2b:21:0d:73:0f:16:64:49:
73:ca:c8:95:85:c7:f0:b0:75:a1:78:62:fa:2b:4a:
b9:f3:37:ad:4c:14:d0:88:15:d4:95:9c:0b:83:26:
04:6c:61:ef:33:d9:c1:f2:c9:34:2e:1e:bb:8c:da:
f5:e4:15:6e:ed:f1:07:38:e9:61:54:ab:a4:aa:c6:
c7:08:00:81:7b:60:5c:33:42:81:f8:63:2e:c6:2b:
8e:1d:92:6b:26:d0:41:40:5e:bf:f4:68:5d:7d:91:
1f:7b:b5:4e:16:5d:c3:71:ae:8b:36:1e:22:fc:94:
88:dc:d7:18:5c:16:a5:30:4d:a3:0b:e4:6c:af:96:
4c:e1:3d:73:f2:ed:c8:0d:a3:e7:2b:f9:e9:69:d8:
5e:00:ca:1c:4e:bf:2e:79:2f:8c:da:0e:90:82:72:
0e:64:d3:a0:c0:8b:50:96:17:0a:1a:21:f0:c7:3f:
9e:f2:cd:7d:b7:61:4a:7d:ba:8f:a6:bc:fe:03:54:
fb:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A2:22:80:01:D0:4E:FB:9F:B1:35:46:46:D7:F7:2D:51:ED:E6:B7
X509v3 Authority Key Identifier:
keyid:58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/h6IigAHQTvufsTVGRtf3LVHt5rc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
111.118.200.0/24
Signature Algorithm: sha256WithRSAEncryption
49:1f:3a:f7:56:24:1e:3e:05:f3:b1:82:b3:a1:7a:ee:ff:37:
e4:1f:c3:79:95:db:3c:37:6f:62:93:4c:38:d2:ab:76:ae:4c:
7b:51:3c:31:7a:2e:ed:a8:96:63:35:c9:d0:ab:af:e2:db:d0:
e5:91:5c:18:09:e6:87:0b:43:97:7d:ed:97:76:72:57:d4:b2:
8c:ed:5e:c7:e1:3c:18:e4:06:31:bb:4c:10:8b:dd:51:fe:29:
c8:22:d7:37:5a:58:b2:2f:17:e8:b4:e4:96:e2:76:f3:59:95:
98:74:71:8b:fd:07:79:64:40:95:43:9e:8a:65:54:df:e2:11:
81:96:d6:64:f2:6f:2e:56:ab:c4:d2:f4:d9:d9:21:5c:46:d5:
14:6b:ed:7a:a2:11:6e:6a:1d:82:b4:ce:35:09:8c:c7:c0:0a:
c5:39:34:8b:4f:99:93:e2:e7:ed:f9:03:2c:50:6e:91:88:22:
2b:08:f3:58:d2:ad:8e:7a:ac:cc:c4:ad:24:92:f5:55:66:65:
2e:37:ef:1e:f8:3e:02:6b:4f:dd:67:f0:df:51:8e:e6:7a:09:
ab:47:77:90:b7:ad:18:ad:d3:e1:3f:44:11:1c:be:2b:11:0e:
71:13:99:91:e3:80:74:69:08:c4:56:8e:83:ce:c9:82:ed:fd:
d9:28:22:c7
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICHaYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg1
MjA2Qzg3NDIwQkU0MkM3QjkwNDJERTNFNUZENTE1OTVGRjE0QjAeFw0yNTA0MjQw
OTEwMDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDg3QTIyMjgwMDFEMDRF
RkI5RkIxMzU0NjQ2RDdGNzJENTFFREU2QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDvF4qvhmR6eFJ6J31jNYGyLGRlvq6US3EqZixd74Q/9/GstJEj
Ahshqy5ERaKAiA1a8NG6y+i19M8quDiaF/1CxN4rIQ1zDxZkSXPKyJWFx/CwdaF4
YvorSrnzN61MFNCIFdSVnAuDJgRsYe8z2cHyyTQuHruM2vXkFW7t8Qc46WFUq6Sq
xscIAIF7YFwzQoH4Yy7GK44dkmsm0EFAXr/0aF19kR97tU4WXcNxros2HiL8lIjc
1xhcFqUwTaML5GyvlkzhPXPy7cgNo+cr+elp2F4AyhxOvy55L4zaDpCCcg5k06DA
i1CWFwoaIfDHP57yzX23YUp9uo+mvP4DVPuTAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUh6IigAHQTvufsTVGRtf3LVHt5rcwHwYDVR0jBBgwFoAUWFIGyHQgvkLHuQQt
4+X9UVlf8UswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYx
L1dGSUd5SFFndmtMSHVRUXQ0LVg5VVZsZjhVcy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvV0ZJR3lIUWd2a0xIdVFRdDQtWDlVVmxmOFVzLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYxL2g2SWlnQUhRVHZ1ZnNU
VkdSdGYzTFZIdDVyYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABvdsgwDQYJKoZIhvcNAQELBQADggEBAEkfOvdWJB4+BfOxgrOheu7/N+Qfw3mV
2zw3b2KTTDjSq3auTHtRPDF6Lu2olmM1ydCrr+Lb0OWRXBgJ5ocLQ5d97Zd2clfU
soztXsfhPBjkBjG7TBCL3VH+Kcgi1zdaWLIvF+i05JbidvNZlZh0cYv9B3lkQJVD
noplVN/iEYGW1mTyby5Wq8TS9NnZIVxG1RRr7XqiEW5qHYK0zjUJjMfACsU5NItP
mZPi5+35AyxQbpGIIisI81jSrY56rMzErSSS9VVmZS437x74PgJrT91n8N9RjuZ6
CatHd5C3rRit0+E/RBEcvisRDnETmZHjgHRpCMRWjoPOyYLt/dkoIsc=
-----END CERTIFICATE-----
Generated at Sun Jun 22 14:43:58 2025 by rpki-client