Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/RwjlVL9wCojI3agwjtTb2oqNREk.roa
File: RwjlVL9wCojI3agwjtTb2oqNREk.roa (raw, json)
Hash identifier: gdCZCGvA6m2AKPsMu7skbNe22iB/IgH0naSBsF+QvoM=
Subject key identifier: 47:08:E5:54:BF:70:0A:88:C8:DD:A8:30:8E:D4:DB:DA:8A:8D:44:49
Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Certificate serial: 023D
Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/RwjlVL9wCojI3agwjtTb2oqNREk.roa
Signing time: Thu 24 Apr 2025 08:50:26 +0000
ROA not before: Thu 24 Apr 2025 08:50:26 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 142132
IP address blocks: 202.46.42.0/24 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 573 (0x23d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Validity
Not Before: Apr 24 08:50:26 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=4708E554BF700A88C8DDA8308ED4DBDA8A8D4449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b8:15:28:7b:89:af:9e:d2:29:b2:be:b5:96:
4f:d2:dc:34:78:cf:c4:93:1b:7a:90:80:ab:dc:55:
c1:4f:1d:08:2b:11:ff:da:a5:04:58:0e:32:f6:87:
26:b8:60:72:97:79:73:86:f7:c2:6d:a6:60:15:00:
56:e4:bd:e6:f3:07:cd:b5:d7:7a:0d:0c:57:e6:aa:
a4:4d:bf:bc:ec:5f:e1:33:51:85:af:79:c0:06:31:
06:0b:53:2a:ed:65:f0:dd:4f:a3:66:4a:b9:c9:25:
c3:e5:52:78:db:02:a1:d2:19:00:5d:e3:d3:57:d7:
85:f2:2d:29:34:96:3c:f2:73:89:e2:79:09:a5:ae:
ee:3b:64:55:89:9b:f4:25:58:30:c3:b6:37:83:f8:
50:bd:d6:b1:ec:11:33:8e:b1:9e:e1:fd:14:6c:36:
52:b2:0f:48:57:4c:f1:bc:a6:f7:98:55:2e:06:35:
6c:a8:e0:b6:0e:d8:a2:52:c0:a5:14:4d:7d:b0:20:
17:a9:95:d7:de:a0:3a:37:34:50:c7:33:20:24:64:
a0:d7:01:fe:8a:12:67:70:72:a2:37:ff:81:8e:7c:
de:a0:dc:f4:fb:5d:8a:1c:ae:7a:d0:75:4f:e1:10:
37:60:69:ef:25:24:3b:f9:4c:f3:ee:8e:63:67:1b:
40:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:08:E5:54:BF:70:0A:88:C8:DD:A8:30:8E:D4:DB:DA:8A:8D:44:49
X509v3 Authority Key Identifier:
keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/RwjlVL9wCojI3agwjtTb2oqNREk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.46.42.0/24
Signature Algorithm: sha256WithRSAEncryption
40:78:85:66:83:99:6b:62:00:77:7a:6b:6c:7e:fd:24:26:a3:
d8:34:b6:de:68:92:71:b3:f6:35:43:e3:09:bb:78:80:e7:3d:
b3:31:0e:50:75:ad:30:51:98:ac:42:48:1c:85:a2:d0:81:1c:
57:b5:10:ef:96:b5:fb:18:de:07:47:d5:8a:bf:60:3a:b2:b7:
39:57:11:22:0e:70:06:18:01:a2:6f:52:1e:e3:a9:62:f6:3b:
7b:75:19:c9:12:79:77:05:90:64:2e:0e:12:32:af:da:ef:2c:
82:b6:91:4c:32:d8:40:83:4e:2b:b4:fb:67:6b:b4:52:d9:f4:
07:e1:fc:ef:15:e6:b7:c7:f8:e3:fa:45:b0:3d:96:6e:d2:48:
e3:a1:fa:82:eb:18:73:ca:64:74:23:d0:b8:5e:af:b8:c0:25:
fa:58:9e:c2:99:17:f9:f9:6a:ae:3a:55:04:70:85:08:29:36:
a3:d3:bb:a8:81:99:cc:f3:b9:86:8a:90:49:8d:95:6e:b0:49:
0f:34:0b:c3:22:77:5c:fb:22:37:a1:d9:19:d1:d8:37:96:92:
be:d1:ed:0a:3c:8c:81:2a:ff:c5:79:9a:85:57:24:8c:10:27:
6c:2a:79:d7:71:2d:90:8f:80:15:b2:e2:9d:6d:f1:c2:6b:b2:
e7:c6:15:32
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAj0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5
QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTA0MjQw
ODUwMjZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQ3MDhFNTU0QkY3MDBB
ODhDOEREQTgzMDhFRDREQkRBOEE4RDQ0NDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/uBUoe4mvntIpsr61lk/S3DR4z8STG3qQgKvcVcFPHQgrEf/a
pQRYDjL2hya4YHKXeXOG98JtpmAVAFbkvebzB82113oNDFfmqqRNv7zsX+EzUYWv
ecAGMQYLUyrtZfDdT6NmSrnJJcPlUnjbAqHSGQBd49NX14XyLSk0ljzyc4nieQml
ru47ZFWJm/QlWDDDtjeD+FC91rHsETOOsZ7h/RRsNlKyD0hXTPG8pveYVS4GNWyo
4LYO2KJSwKUUTX2wIBepldfeoDo3NFDHMyAkZKDXAf6KEmdwcqI3/4GOfN6g3PT7
XYocrnrQdU/hEDdgae8lJDv5TPPujmNnG0AFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQURwjlVL9wCojI3agwjtTb2oqNREkwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS
CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw
L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL1J3amxWTDl3Q29qSTNh
Z3dqdFRiMm9xTlJFay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADKLiowDQYJKoZIhvcNAQELBQADggEBAEB4hWaDmWtiAHd6a2x+/SQmo9g0tt5o
knGz9jVD4wm7eIDnPbMxDlB1rTBRmKxCSByFotCBHFe1EO+WtfsY3gdH1Yq/YDqy
tzlXESIOcAYYAaJvUh7jqWL2O3t1GckSeXcFkGQuDhIyr9rvLIK2kUwy2ECDTiu0
+2drtFLZ9Afh/O8V5rfH+OP6RbA9lm7SSOOh+oLrGHPKZHQj0Lher7jAJfpYnsKZ
F/n5aq46VQRwhQgpNqPTu6iBmczzuYaKkEmNlW6wSQ80C8Mid1z7Ijeh2RnR2DeW
kr7R7Qo8jIEq/8V5moVXJIwQJ2wqeddxLZCPgBWy4p1t8cJrsufGFTI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:42:12 2025 by rpki-client