Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/J6dy6i1TAdDHpxeUkU1fiko_R34.roa
File: J6dy6i1TAdDHpxeUkU1fiko_R34.roa (raw, json)
Hash identifier: TUGQ++7lJikYgPq9mQJYqurbmjDhsA+dcD/W3ntx+AA=
Subject key identifier: 27:A7:72:EA:2D:53:01:D0:C7:A7:17:94:91:4D:5F:8A:4A:3F:47:7E
Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Certificate serial: 0196
Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/J6dy6i1TAdDHpxeUkU1fiko_R34.roa
Signing time: Mon 31 Mar 2025 05:49:19 +0000
ROA not before: Mon 31 Mar 2025 05:49:19 +0000
ROA not after: Tue 13 Jan 2026 01:35:26 +0000
asID: 24413
IP address blocks: 114.28.195.0/24 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 406 (0x196)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Validity
Not Before: Mar 31 05:49:19 2025 GMT
Not After : Jan 13 01:35:26 2026 GMT
Subject: CN=27A772EA2D5301D0C7A71794914D5F8A4A3F477E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:bc:30:7e:d8:9f:fd:04:2f:b9:40:85:70:d9:
e7:ff:70:b8:7e:b7:3d:e3:1a:91:34:a1:9c:54:f4:
f1:81:ea:04:dd:ba:26:65:37:58:33:d1:d6:c3:f7:
57:33:b8:01:d2:ba:85:66:e3:d6:95:65:c6:75:2b:
c9:39:b2:a5:69:4d:6b:fd:32:ab:f0:8a:f1:db:8f:
ca:b2:68:c5:52:db:29:b0:7a:69:78:93:17:1e:da:
09:31:25:bc:f2:6e:9f:20:c2:87:14:58:1d:82:3b:
7b:ca:ec:fe:02:25:bd:67:e4:c6:b5:dc:84:88:5e:
7d:93:11:39:73:eb:bc:ce:c0:2a:e7:9d:92:8f:66:
b6:fe:5c:a8:03:48:25:91:94:ef:b4:19:ac:34:2c:
1d:7b:02:76:aa:77:e3:ea:48:2c:84:f2:21:f2:f0:
f7:75:3f:6f:4d:0e:68:a4:83:10:ac:2e:26:3a:76:
93:4e:25:cf:19:2c:57:49:af:07:cb:91:ed:51:18:
f5:f1:3a:99:e3:0b:69:80:36:7a:cd:c0:08:3a:a5:
1a:b2:66:16:7d:73:3f:ea:0b:62:d4:77:27:1d:da:
a4:b5:f1:df:27:68:5e:81:51:25:8d:af:25:0e:cd:
fa:1f:88:53:f0:60:9c:9d:63:1b:2d:11:87:19:cf:
c0:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:A7:72:EA:2D:53:01:D0:C7:A7:17:94:91:4D:5F:8A:4A:3F:47:7E
X509v3 Authority Key Identifier:
keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/J6dy6i1TAdDHpxeUkU1fiko_R34.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.28.195.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:a2:8b:12:ca:29:fc:b6:29:f8:14:92:31:44:09:9b:b0:e5:
d9:d8:7c:8f:42:e7:5c:f9:63:61:ee:5b:c8:c7:80:61:4b:58:
44:22:6d:63:7c:d8:86:ee:39:62:0d:a1:a2:e8:16:05:21:a3:
db:55:f6:60:a2:75:fd:09:10:74:ed:be:20:2b:61:b7:31:15:
f9:3f:99:ab:81:46:79:2b:8b:db:50:7e:88:97:fb:e5:13:cf:
2f:8a:91:c8:51:dd:b6:a4:39:40:c1:23:39:fa:55:94:18:40:
70:92:95:36:05:64:fa:b0:e6:73:57:36:64:9d:7d:50:cb:fb:
6f:3f:32:82:81:85:2a:b2:62:26:8b:19:c6:f2:4c:a2:ad:30:
09:88:93:ae:0c:b1:f6:83:a8:48:8d:e6:4c:ea:dc:0e:3d:04:
1c:3d:5e:c4:90:ff:f3:18:be:a6:7c:72:ae:5c:26:1f:96:0e:
ad:b8:ed:e5:75:72:bc:35:99:8c:3f:10:9d:1c:05:d6:d4:4c:
c5:b3:0f:fc:a4:81:0c:ba:06:1f:64:43:51:fb:5e:ea:bc:6e:
cd:06:79:3d:93:87:8a:80:68:d5:9f:2e:c3:17:db:42:4f:aa:
bd:de:09:36:46:03:88:44:21:f0:9f:a7:2f:1e:cc:58:71:cc:
36:e2:86:97
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAZYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5
QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTAzMzEw
NTQ5MTlaFw0yNjAxMTMwMTM1MjZaMDMxMTAvBgNVBAMTKDI3QTc3MkVBMkQ1MzAx
RDBDN0E3MTc5NDkxNEQ1RjhBNEEzRjQ3N0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD1vDB+2J/9BC+5QIVw2ef/cLh+tz3jGpE0oZxU9PGB6gTduiZl
N1gz0dbD91czuAHSuoVm49aVZcZ1K8k5sqVpTWv9MqvwivHbj8qyaMVS2ymweml4
kxce2gkxJbzybp8gwocUWB2CO3vK7P4CJb1n5Ma13ISIXn2TETlz67zOwCrnnZKP
Zrb+XKgDSCWRlO+0Gaw0LB17Anaqd+PqSCyE8iHy8Pd1P29NDmikgxCsLiY6dpNO
Jc8ZLFdJrwfLke1RGPXxOpnjC2mANnrNwAg6pRqyZhZ9cz/qC2LUdycd2qS18d8n
aF6BUSWNryUOzfofiFPwYJydYxstEYcZz8DTAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUJ6dy6i1TAdDHpxeUkU1fiko/R34wHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS
CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw
L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL0o2ZHk2aTFUQWRESHB4
ZVVrVTFmaWtvX1IzNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAByHMMwDQYJKoZIhvcNAQELBQADggEBAIyiixLKKfy2KfgUkjFECZuw5dnYfI9C
51z5Y2HuW8jHgGFLWEQibWN82IbuOWINoaLoFgUho9tV9mCidf0JEHTtviArYbcx
Ffk/mauBRnkri9tQfoiX++UTzy+KkchR3bakOUDBIzn6VZQYQHCSlTYFZPqw5nNX
NmSdfVDL+28/MoKBhSqyYiaLGcbyTKKtMAmIk64MsfaDqEiN5kzq3A49BBw9XsSQ
//MYvqZ8cq5cJh+WDq247eV1crw1mYw/EJ0cBdbUTMWzD/ykgQy6Bh9kQ1H7Xuq8
bs0GeT2Th4qAaNWfLsMX20JPqr3eCTZGA4hEIfCfpy8ezFhxzDbihpc=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:37:17 2025 by rpki-client