Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/tvZ4kRiGdG1UPtn_ye1HuTlyGVo.roa
File: tvZ4kRiGdG1UPtn_ye1HuTlyGVo.roa (raw, json)
Hash identifier: yWQuQGrPWn6a5LSCa+GTJsOa7VU9maS/0c3i3fALhtk=
Subject key identifier: B6:F6:78:91:18:86:74:6D:54:3E:D9:FF:C9:ED:47:B9:39:72:19:5A
Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Certificate serial: 0238
Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/tvZ4kRiGdG1UPtn_ye1HuTlyGVo.roa
Signing time: Thu 24 Apr 2025 08:49:07 +0000
ROA not before: Thu 24 Apr 2025 08:49:07 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24413
IP address blocks: 202.46.42.0/24 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 568 (0x238)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Validity
Not Before: Apr 24 08:49:07 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=B6F678911886746D543ED9FFC9ED47B93972195A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:78:6c:64:54:54:79:6c:54:a0:6e:14:b9:f9:
ec:dd:1e:fb:b6:ed:27:13:7c:e2:ee:75:67:31:f0:
97:05:c7:72:2f:a6:b2:2a:d2:70:c4:82:3b:3e:3a:
9c:0e:36:f0:4c:7f:bf:7b:04:5c:53:70:b6:af:28:
26:d8:94:19:b4:3e:3b:4e:48:a7:1a:72:01:2a:e0:
4c:5e:c9:95:10:d9:a6:27:d5:45:42:f9:2e:3c:ac:
54:d2:40:9b:38:d5:fe:34:3b:35:94:b5:7d:87:fb:
ae:08:81:05:74:5e:5f:10:cb:77:48:6b:c2:2c:03:
7e:31:89:5a:26:1a:36:9c:16:96:d5:db:5f:f7:7a:
00:f0:ae:5d:54:94:1c:8c:a9:20:a6:c4:24:e4:ca:
a4:55:d6:64:37:e1:78:d1:49:ef:c2:d6:ef:59:56:
0a:46:d1:79:ae:78:94:f9:04:b8:86:0b:4e:c8:5b:
ee:a2:2f:80:c2:81:86:1c:d2:fb:0f:2b:ee:81:0d:
e7:ef:a6:25:49:8f:30:f5:ce:9b:7a:94:54:46:10:
0a:11:50:5e:b0:db:7d:25:4d:3d:69:6c:31:a3:66:
d9:4c:33:70:3c:88:6b:f2:62:cb:f8:49:37:6c:0e:
9f:14:e3:63:68:5f:43:eb:ff:b4:fb:f0:46:3f:80:
a5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:F6:78:91:18:86:74:6D:54:3E:D9:FF:C9:ED:47:B9:39:72:19:5A
X509v3 Authority Key Identifier:
keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/tvZ4kRiGdG1UPtn_ye1HuTlyGVo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.46.42.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:b6:5a:1a:53:25:51:9a:92:64:60:bc:d9:9e:89:2b:01:ed:
4d:e8:20:db:2d:5f:f9:ee:0b:39:af:b7:29:ad:39:0b:b1:a3:
60:71:ca:1f:29:e7:cf:81:9b:9d:3e:e9:ee:cc:45:51:44:92:
af:44:d7:eb:f8:02:04:a6:cb:96:56:6d:c5:47:8e:a7:38:24:
2b:fb:ce:ae:39:15:c5:ec:45:e2:f1:58:7c:fe:78:10:c3:4e:
c2:7b:fe:8b:11:7f:f0:1e:b2:fe:80:95:60:45:d9:7e:6f:26:
f2:e0:50:46:54:7e:6f:2b:e5:1b:34:ff:4f:86:72:69:e3:f3:
84:18:7d:a0:30:49:96:c3:5d:5f:0b:e9:b5:ad:ee:c9:e7:b8:
58:09:8b:21:06:1d:44:71:29:d8:b2:ed:d6:6e:e6:2b:56:b0:
f0:81:cc:dc:44:ca:32:ed:26:51:d5:c7:7f:d1:e7:01:67:42:
88:73:70:01:1a:33:d9:54:a6:f9:f7:52:12:af:10:1a:c2:9d:
82:ae:d1:db:96:0e:39:eb:ad:8f:3a:70:58:3e:49:27:df:d6:
7d:f0:65:09:8d:a8:82:43:22:72:4f:1e:d5:6d:f4:05:ec:7d:
45:56:4c:cb:a7:e7:02:96:f4:05:d6:49:63:df:42:bb:1d:3a:
94:cc:b7:20
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAjgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5
QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTA0MjQw
ODQ5MDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEI2RjY3ODkxMTg4Njc0
NkQ1NDNFRDlGRkM5RUQ0N0I5Mzk3MjE5NUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOeGxkVFR5bFSgbhS5+ezdHvu27ScTfOLudWcx8JcFx3IvprIq
0nDEgjs+OpwONvBMf797BFxTcLavKCbYlBm0PjtOSKcacgEq4ExeyZUQ2aYn1UVC
+S48rFTSQJs41f40OzWUtX2H+64IgQV0Xl8Qy3dIa8IsA34xiVomGjacFpbV21/3
egDwrl1UlByMqSCmxCTkyqRV1mQ34XjRSe/C1u9ZVgpG0XmueJT5BLiGC07IW+6i
L4DCgYYc0vsPK+6BDefvpiVJjzD1zpt6lFRGEAoRUF6w230lTT1pbDGjZtlMM3A8
iGvyYsv4STdsDp8U42NoX0Pr/7T78EY/gKXJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUtvZ4kRiGdG1UPtn/ye1HuTlyGVowHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS
CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw
L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL3R2WjRrUmlHZEcxVVB0
bl95ZTFIdVRseUdWby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADKLiowDQYJKoZIhvcNAQELBQADggEBALO2WhpTJVGakmRgvNmeiSsB7U3oINst
X/nuCzmvtymtOQuxo2Bxyh8p58+Bm50+6e7MRVFEkq9E1+v4AgSmy5ZWbcVHjqc4
JCv7zq45FcXsReLxWHz+eBDDTsJ7/osRf/Aesv6AlWBF2X5vJvLgUEZUfm8r5Rs0
/0+Gcmnj84QYfaAwSZbDXV8L6bWt7snnuFgJiyEGHURxKdiy7dZu5itWsPCBzNxE
yjLtJlHVx3/R5wFnQohzcAEaM9lUpvn3UhKvEBrCnYKu0duWDjnrrY86cFg+SSff
1n3wZQmNqIJDInJPHtVt9AXsfUVWTMun5wKW9AXWSWPfQrsdOpTMtyA=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:42:29 2025 by rpki-client