Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/OUun0HMhXPaiD6y5ogfS4CTO24Y.roa
File: OUun0HMhXPaiD6y5ogfS4CTO24Y.roa (raw, json)
Hash identifier: /3l+elsIjp/W0z9sDFfJPpt7c/lDDP2vqrz8QQkd2Hk=
Subject key identifier: 39:4B:A7:D0:73:21:5C:F6:A2:0F:AC:B9:A2:07:D2:E0:24:CE:DB:86
Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Certificate serial: 01A0
Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/OUun0HMhXPaiD6y5ogfS4CTO24Y.roa
Signing time: Mon 31 Mar 2025 15:31:12 +0000
ROA not before: Mon 31 Mar 2025 15:31:12 +0000
ROA not after: Tue 13 Jan 2026 01:35:26 +0000
asID: 142132
IP address blocks: 114.28.201.0/24 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 416 (0x1a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Validity
Not Before: Mar 31 15:31:12 2025 GMT
Not After : Jan 13 01:35:26 2026 GMT
Subject: CN=394BA7D073215CF6A20FACB9A207D2E024CEDB86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:7a:be:17:10:90:85:0a:fe:e0:06:a3:ee:0e:
a3:1d:cc:6c:ff:2f:78:89:3e:ec:98:a7:f3:4e:ef:
ad:de:8c:02:c0:f2:e5:0c:33:74:e2:d0:ce:c4:37:
d1:0d:ca:6f:36:07:bc:b3:43:20:1f:24:60:0a:0d:
63:6c:d8:39:2d:c2:50:8c:97:33:fe:d2:b7:d5:f4:
0b:13:70:91:c9:4a:df:e7:5b:90:50:50:4f:bc:00:
83:4c:cf:38:51:38:e4:1d:6f:93:8b:75:4d:6d:ea:
fe:ab:bb:9e:17:c9:0a:4b:ac:7d:10:e0:ef:9d:c5:
ec:0a:f9:f0:0c:a0:06:1e:19:1f:aa:4b:c8:a3:7e:
5a:5d:0d:83:2d:dd:a1:f6:3a:e9:d0:12:b5:42:e0:
b0:12:18:38:6e:8a:95:4f:3a:7f:ea:6e:00:dc:94:
ca:f9:dc:b3:c8:28:44:27:91:eb:82:03:fe:10:af:
2b:75:7b:e6:39:bd:06:8b:ae:e6:50:7b:cc:0a:b7:
65:12:a7:51:a3:a1:85:fe:f9:2f:3a:58:8c:46:6b:
45:2a:f4:2d:08:ca:f0:4a:50:c0:3e:12:48:46:34:
48:df:48:99:30:8e:80:e1:09:4a:b6:44:e0:4f:18:
3c:e8:4d:ee:a9:5a:50:98:c6:1c:6c:a1:b3:b3:12:
5c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:4B:A7:D0:73:21:5C:F6:A2:0F:AC:B9:A2:07:D2:E0:24:CE:DB:86
X509v3 Authority Key Identifier:
keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/OUun0HMhXPaiD6y5ogfS4CTO24Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.28.201.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:45:49:77:e5:f4:e4:a8:be:80:ab:db:ef:a5:8e:9c:9c:8e:
85:b5:d5:cb:df:7d:cb:8e:0d:ec:ec:95:c4:9d:e2:dd:fc:e8:
a4:98:10:58:ac:c1:a4:08:74:1a:78:a0:5b:01:c3:bc:a8:60:
16:89:af:f9:18:74:f4:da:70:1e:b5:d7:3c:07:ec:eb:9e:a0:
43:74:00:28:79:51:be:0e:2e:4d:4b:95:4e:dd:99:a9:f7:15:
0a:89:36:17:37:82:fe:41:e3:44:1f:8e:c6:f4:8f:d5:5a:ca:
49:31:57:3b:03:a1:9c:6b:f2:13:6d:76:7b:02:55:61:5b:c8:
de:ca:29:e9:5e:df:9f:e2:57:f4:d0:91:c4:51:8a:14:70:de:
72:2a:a0:7e:6b:b2:1e:de:a1:c4:bd:eb:89:4a:e2:80:ca:a3:
73:10:3d:5b:22:b9:54:2f:bd:f8:a8:8b:65:59:0d:a4:d7:c3:
7b:58:aa:6c:98:75:5c:9a:a7:1c:7d:b7:16:df:fd:c5:14:3d:
c2:c8:9b:0c:3f:41:2d:0a:5b:28:3e:61:79:9c:d6:8b:c9:bf:
c0:07:fd:b3:20:17:89:80:c0:5f:df:40:bc:d9:8f:39:6d:00:
7e:eb:e2:ba:00:92:8b:2b:d0:51:4d:25:87:a0:b3:b5:84:66:
d4:d5:5d:58
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAaAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5
QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTAzMzEx
NTMxMTJaFw0yNjAxMTMwMTM1MjZaMDMxMTAvBgNVBAMTKDM5NEJBN0QwNzMyMTVD
RjZBMjBGQUNCOUEyMDdEMkUwMjRDRURCODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcer4XEJCFCv7gBqPuDqMdzGz/L3iJPuyYp/NO763ejALA8uUM
M3Ti0M7EN9ENym82B7yzQyAfJGAKDWNs2DktwlCMlzP+0rfV9AsTcJHJSt/nW5BQ
UE+8AINMzzhROOQdb5OLdU1t6v6ru54XyQpLrH0Q4O+dxewK+fAMoAYeGR+qS8ij
flpdDYMt3aH2OunQErVC4LASGDhuipVPOn/qbgDclMr53LPIKEQnkeuCA/4Qryt1
e+Y5vQaLruZQe8wKt2USp1GjoYX++S86WIxGa0Uq9C0IyvBKUMA+EkhGNEjfSJkw
joDhCUq2ROBPGDzoTe6pWlCYxhxsobOzElynAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUOUun0HMhXPaiD6y5ogfS4CTO24YwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS
CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw
L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL09VdW4wSE1oWFBhaUQ2
eTVvZ2ZTNENUTzI0WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAByHMkwDQYJKoZIhvcNAQELBQADggEBAB9FSXfl9OSovoCr2++ljpycjoW11cvf
fcuODezslcSd4t386KSYEFiswaQIdBp4oFsBw7yoYBaJr/kYdPTacB611zwH7Oue
oEN0ACh5Ub4OLk1LlU7dman3FQqJNhc3gv5B40Qfjsb0j9VaykkxVzsDoZxr8hNt
dnsCVWFbyN7KKele35/iV/TQkcRRihRw3nIqoH5rsh7eocS964lK4oDKo3MQPVsi
uVQvvfioi2VZDaTXw3tYqmyYdVyapxx9txbf/cUUPcLImww/QS0KWyg+YXmc1ovJ
v8AH/bMgF4mAwF/fQLzZjzltAH7r4roAkosr0FFNJYegs7WEZtTVXVg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:39:45 2025 by rpki-client