Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/fzGGKAAfHyqtYtW64JLqUp9n_b4.roa
File: fzGGKAAfHyqtYtW64JLqUp9n_b4.roa (raw, json)
Hash identifier: se+OESlX8I0t+5SLDVJuEIL25hPdvScG79kkWgLg9zU=
Subject key identifier: 7F:31:86:28:00:1F:1F:2A:AD:62:D5:BA:E0:92:EA:52:9F:67:FD:BE
Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Certificate serial: 01C0
Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/fzGGKAAfHyqtYtW64JLqUp9n_b4.roa
Signing time: Wed 02 Apr 2025 01:30:38 +0000
ROA not before: Wed 02 Apr 2025 01:30:38 +0000
ROA not after: Tue 13 Jan 2026 01:35:26 +0000
asID: 142132
IP address blocks: 114.28.238.0/24 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 448 (0x1c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Validity
Not Before: Apr 2 01:30:38 2025 GMT
Not After : Jan 13 01:35:26 2026 GMT
Subject: CN=7F318628001F1F2AAD62D5BAE092EA529F67FDBE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:93:8e:4e:9d:cf:09:a1:b7:6c:24:9d:67:7e:
71:35:06:49:e1:77:da:ac:2e:00:b2:09:a2:9a:10:
4b:56:64:46:20:53:3e:be:4c:31:66:ef:08:2e:bf:
96:ff:f7:71:3d:b9:d3:60:56:1d:f4:79:70:0e:92:
b5:67:e7:a7:08:f1:9e:26:e1:1e:f6:c4:cd:46:34:
ac:6a:35:de:6e:71:cf:3f:4a:ff:8e:6b:e3:74:d5:
a2:75:ef:2c:cb:1d:88:67:33:4f:8f:13:d9:88:2e:
79:ec:09:f1:c6:de:e0:f1:da:29:ce:8b:9b:50:bb:
f6:9c:5c:da:14:8d:73:6f:ab:21:9e:44:43:36:28:
02:9b:f3:02:f3:3c:aa:4d:90:ac:bb:a1:99:3a:d8:
47:18:26:dd:54:8e:a1:8b:37:f1:2b:61:46:ae:7a:
bf:30:9d:bf:39:e7:70:96:5a:d3:f8:cf:aa:26:90:
2b:c7:61:e6:43:f8:cb:a2:0f:04:e6:47:22:57:b9:
60:57:9d:43:66:e6:0b:5a:31:46:93:09:78:dd:e1:
cf:77:99:1e:b4:b9:09:04:7e:98:f3:0b:f1:59:27:
38:30:a5:13:82:5e:d4:10:19:15:63:8b:9b:71:95:
56:64:17:9d:fb:24:3b:7d:4a:f2:6a:00:4c:db:78:
77:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:31:86:28:00:1F:1F:2A:AD:62:D5:BA:E0:92:EA:52:9F:67:FD:BE
X509v3 Authority Key Identifier:
keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/fzGGKAAfHyqtYtW64JLqUp9n_b4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.28.238.0/24
Signature Algorithm: sha256WithRSAEncryption
45:f6:35:9e:58:4b:ed:aa:f2:d8:96:f5:92:8a:09:43:de:25:
0f:fd:26:37:e6:69:b7:6b:54:6a:89:fa:1e:7c:06:8b:2f:bc:
15:16:8b:3e:86:e9:7d:e7:8f:cb:cc:16:9e:30:67:43:ed:11:
26:77:c0:12:37:9e:ef:a0:c8:36:f5:b1:1b:96:47:dc:f0:53:
cc:ae:e0:60:f6:f6:c7:ca:46:fd:7b:2a:4c:3d:61:cf:a3:3b:
9f:e9:39:32:23:54:8b:88:7c:b1:fb:c8:2a:fa:93:1d:a2:a2:
5f:a4:69:8f:8e:43:a7:77:f1:1c:7e:91:f2:0b:a7:19:8f:3a:
14:ab:4a:c0:7d:d5:70:ff:53:27:ac:7c:8e:ec:3b:0a:0f:31:
63:b7:7a:4c:17:6d:ae:16:a2:86:51:bb:f1:a1:6d:cf:41:2b:
36:f9:39:a7:91:16:28:39:7a:56:f6:fc:18:f3:5a:22:bb:26:
69:9c:c9:98:28:33:ac:ab:af:50:34:26:f6:a9:d2:40:15:25:
1d:04:a7:64:8e:5a:99:f3:13:bd:f2:2d:53:5c:a2:22:98:04:
1d:ca:a1:0f:8a:f8:d2:9b:a7:6d:93:77:87:ec:a1:a0:41:a2:
20:f6:ba:8b:b3:42:a4:27:15:10:e7:13:4c:03:f2:ea:28:af:
7f:44:e0:a1
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAcAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5
QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTA0MDIw
MTMwMzhaFw0yNjAxMTMwMTM1MjZaMDMxMTAvBgNVBAMTKDdGMzE4NjI4MDAxRjFG
MkFBRDYyRDVCQUUwOTJFQTUyOUY2N0ZEQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIk45Onc8JobdsJJ1nfnE1Bknhd9qsLgCyCaKaEEtWZEYgUz6+
TDFm7wguv5b/93E9udNgVh30eXAOkrVn56cI8Z4m4R72xM1GNKxqNd5ucc8/Sv+O
a+N01aJ17yzLHYhnM0+PE9mILnnsCfHG3uDx2inOi5tQu/acXNoUjXNvqyGeREM2
KAKb8wLzPKpNkKy7oZk62EcYJt1UjqGLN/ErYUauer8wnb8553CWWtP4z6omkCvH
YeZD+MuiDwTmRyJXuWBXnUNm5gtaMUaTCXjd4c93mR60uQkEfpjzC/FZJzgwpROC
XtQQGRVji5txlVZkF537JDt9SvJqAEzbeHczAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUfzGGKAAfHyqtYtW64JLqUp9n/b4wHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS
CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw
L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL2Z6R0dLQUFmSHlxdFl0
VzY0SkxxVXA5bl9iNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAByHO4wDQYJKoZIhvcNAQELBQADggEBAEX2NZ5YS+2q8tiW9ZKKCUPeJQ/9Jjfm
abdrVGqJ+h58BosvvBUWiz6G6X3nj8vMFp4wZ0PtESZ3wBI3nu+gyDb1sRuWR9zw
U8yu4GD29sfKRv17Kkw9Yc+jO5/pOTIjVIuIfLH7yCr6kx2iol+kaY+OQ6d38Rx+
kfILpxmPOhSrSsB91XD/UyesfI7sOwoPMWO3ekwXba4WooZRu/Ghbc9BKzb5OaeR
Fig5elb2/BjzWiK7JmmcyZgoM6yrr1A0Jvap0kAVJR0Ep2SOWpnzE73yLVNcoiKY
BB3KoQ+K+NKbp22Td4fsoaBBoiD2uouzQqQnFRDnE0wD8uoor39E4KE=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:37:25 2025 by rpki-client