Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/n2O5VUv6uUigy4bNaKPxgIiMFdA.roa
File: n2O5VUv6uUigy4bNaKPxgIiMFdA.roa (raw, json)
Hash identifier: C/sBRoBPOoXId/vMH8Fho9SyZyAoQftbPVfaaFfzxGY=
Subject key identifier: 9F:63:B9:55:4B:FA:B9:48:A0:CB:86:CD:68:A3:F1:80:88:8C:15:D0
Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Certificate serial: 01AA
Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/n2O5VUv6uUigy4bNaKPxgIiMFdA.roa
Signing time: Tue 01 Apr 2025 03:54:44 +0000
ROA not before: Tue 01 Apr 2025 03:54:44 +0000
ROA not after: Tue 13 Jan 2026 01:35:26 +0000
asID: 24413
IP address blocks: 114.28.234.0/24 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 426 (0x1aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Validity
Not Before: Apr 1 03:54:44 2025 GMT
Not After : Jan 13 01:35:26 2026 GMT
Subject: CN=9F63B9554BFAB948A0CB86CD68A3F180888C15D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:dc:30:12:61:07:b9:28:38:44:a7:60:f8:f8:
9e:fa:9b:18:8e:af:48:45:b9:b4:b2:e3:85:41:9f:
2a:b4:11:ba:34:96:a0:0f:67:29:88:75:be:56:a9:
fd:e3:bd:a6:70:2b:e6:f2:4b:bf:27:e7:4c:5c:6b:
84:65:57:90:73:cf:85:1a:ef:c2:36:a1:d1:13:28:
07:cc:be:54:69:db:99:1c:3f:12:64:09:eb:85:01:
52:fb:ec:21:0a:78:d3:1a:c8:65:56:cb:17:e1:b9:
39:c2:1e:d4:37:c3:0c:94:6c:20:3d:74:e9:59:53:
e3:c2:d6:92:89:69:98:38:e4:e4:a3:2d:6f:bd:a2:
3b:50:ff:8e:2a:fe:b7:b7:ae:ae:49:31:4a:d5:85:
9c:5c:01:02:e2:12:40:87:b7:fa:e8:b6:1c:4d:d0:
4b:9b:3c:f6:88:09:7b:de:ca:15:03:f9:4a:97:41:
b0:ac:2e:d3:ce:f5:00:d5:6f:cf:c0:cf:c3:d6:48:
50:1f:72:fa:84:8a:f6:dd:bd:00:37:f4:1b:ab:e5:
99:f6:c0:c3:4b:74:1c:56:cc:62:b0:78:2e:f2:63:
11:69:88:e3:20:79:d8:ab:5e:1d:0c:3e:e6:75:e8:
39:df:03:31:96:70:50:53:e1:dc:c0:07:01:1f:98:
99:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:63:B9:55:4B:FA:B9:48:A0:CB:86:CD:68:A3:F1:80:88:8C:15:D0
X509v3 Authority Key Identifier:
keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/n2O5VUv6uUigy4bNaKPxgIiMFdA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.28.234.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:ff:f6:ea:a9:da:f7:27:7f:87:f2:b4:ac:db:29:0f:10:45:
70:b3:f7:65:6f:07:37:e7:bb:82:64:fa:c9:cb:b0:75:86:77:
cc:86:38:51:2c:d1:e0:4a:49:00:b4:32:da:4f:9e:5f:38:c4:
9a:bd:cb:68:8c:e3:b4:0c:79:b0:51:a2:ff:a9:94:ab:ff:89:
c4:43:0c:68:4a:f0:3d:aa:59:5e:a3:84:4a:00:00:df:bb:36:
67:c1:c2:5a:8c:3c:ca:7f:82:49:e3:6b:82:c5:ba:c0:a1:81:
9d:9c:11:4a:2d:3c:72:5e:15:15:7b:53:8b:42:ab:6c:26:ee:
9e:90:d8:78:a1:2d:e8:e2:37:5e:a1:59:75:de:69:65:15:9f:
28:f1:90:87:2a:34:cc:22:fb:8c:9a:a1:24:c0:e0:e5:e8:ea:
58:17:9f:77:bb:6e:fb:4d:dd:96:77:23:34:5c:27:21:34:36:
73:2e:bb:91:74:e6:e7:34:c4:0c:ed:e2:ef:b2:31:d6:d1:cc:
ae:22:2e:01:c5:92:d8:7e:1e:ee:73:6c:a9:2f:d6:55:e8:83:
36:f4:11:9a:79:96:11:91:38:e6:f3:57:95:e4:8e:59:da:5b:
62:78:84:1a:96:07:f5:2f:d5:b8:6b:6e:80:6b:a9:55:41:a9:
c7:83:b2:62
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAaowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5
QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTA0MDEw
MzU0NDRaFw0yNjAxMTMwMTM1MjZaMDMxMTAvBgNVBAMTKDlGNjNCOTU1NEJGQUI5
NDhBMENCODZDRDY4QTNGMTgwODg4QzE1RDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE3DASYQe5KDhEp2D4+J76mxiOr0hFubSy44VBnyq0Ebo0lqAP
ZymIdb5Wqf3jvaZwK+byS78n50xca4RlV5Bzz4Ua78I2odETKAfMvlRp25kcPxJk
CeuFAVL77CEKeNMayGVWyxfhuTnCHtQ3wwyUbCA9dOlZU+PC1pKJaZg45OSjLW+9
ojtQ/44q/re3rq5JMUrVhZxcAQLiEkCHt/rothxN0EubPPaICXveyhUD+UqXQbCs
LtPO9QDVb8/Az8PWSFAfcvqEivbdvQA39Bur5Zn2wMNLdBxWzGKweC7yYxFpiOMg
edirXh0MPuZ16DnfAzGWcFBT4dzABwEfmJljAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUn2O5VUv6uUigy4bNaKPxgIiMFdAwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS
CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw
L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL24yTzVWVXY2dVVpZ3k0
Yk5hS1B4Z0lpTUZkQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAByHOowDQYJKoZIhvcNAQELBQADggEBAFv/9uqp2vcnf4fytKzbKQ8QRXCz92Vv
Bzfnu4Jk+snLsHWGd8yGOFEs0eBKSQC0MtpPnl84xJq9y2iM47QMebBRov+plKv/
icRDDGhK8D2qWV6jhEoAAN+7NmfBwlqMPMp/gknja4LFusChgZ2cEUotPHJeFRV7
U4tCq2wm7p6Q2HihLejiN16hWXXeaWUVnyjxkIcqNMwi+4yaoSTA4OXo6lgXn3e7
bvtN3ZZ3IzRcJyE0NnMuu5F05uc0xAzt4u+yMdbRzK4iLgHFkth+Hu5zbKkv1lXo
gzb0EZp5lhGROObzV5XkjlnaW2J4hBqWB/Uv1bhrboBrqVVBqceDsmI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:37:16 2025 by rpki-client