Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/756/dhzeY3_OxcHAtiIl3zszftT0K6M.roa
File: dhzeY3_OxcHAtiIl3zszftT0K6M.roa (raw, json)
Hash identifier: Bh1vZMx8G1lOICwP2E+cHe0uEMRdbBxn1G0CwSCXWF0=
Subject key identifier: 76:1C:DE:63:7F:CE:C5:C1:C0:B6:22:25:DF:3B:33:7E:D4:F4:2B:A3
Certificate issuer: /CN=591C5B03C97CE0FE3EC78E23C6856F792C20D404
Certificate serial: 12CA
Authority key identifier: 59:1C:5B:03:C9:7C:E0:FE:3E:C7:8E:23:C6:85:6F:79:2C:20:D4:04
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/dhzeY3_OxcHAtiIl3zszftT0K6M.roa
Signing time: Fri 17 Jan 2025 01:23:34 +0000
ROA not before: Fri 17 Jan 2025 01:23:34 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 63719
IP address blocks: 45.255.152.0/22 maxlen: 22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4810 (0x12ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=591C5B03C97CE0FE3EC78E23C6856F792C20D404
Validity
Not Before: Jan 17 01:23:34 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=761CDE637FCEC5C1C0B62225DF3B337ED4F42BA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:14:a9:80:f8:4c:b7:67:0e:37:df:cc:00:00:
0a:a0:5f:80:6a:46:83:d9:db:8b:67:b6:ea:56:ad:
c2:9c:99:1f:5a:76:2a:58:07:e7:a8:85:7b:fd:20:
3b:37:da:51:01:f6:42:87:07:f8:b8:37:bf:1d:20:
7c:9d:92:89:58:c6:e8:60:d8:7f:af:c3:6f:c8:ea:
d1:11:56:b8:b6:88:ab:2e:62:b3:d4:0b:7d:87:3d:
18:06:0b:a8:82:8e:d0:00:24:e2:03:91:24:2b:ca:
d4:15:b2:cf:73:11:8b:e5:a0:55:b7:be:42:45:1b:
2d:aa:24:d8:93:a5:8a:3c:c4:e0:0e:5d:38:7c:b0:
f4:4c:1a:6c:2f:a4:8b:45:27:71:50:fb:c2:95:60:
34:ec:2e:d2:54:2c:79:64:aa:e1:c3:e9:c8:bc:aa:
48:de:8d:80:2b:46:4c:d5:b6:e7:01:56:c2:b9:96:
73:4e:90:28:78:70:31:3c:78:23:99:7f:bd:bb:c7:
a6:07:73:8e:f8:6c:bb:2c:c4:ec:9d:c4:12:28:a6:
13:f9:4a:be:52:5c:18:5a:5f:a3:59:5b:30:36:b1:
ae:68:0e:21:5b:76:93:f5:38:95:d1:00:3a:ed:fa:
5d:33:3a:dc:4a:43:ef:d4:d6:be:31:51:f7:87:5b:
20:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:1C:DE:63:7F:CE:C5:C1:C0:B6:22:25:DF:3B:33:7E:D4:F4:2B:A3
X509v3 Authority Key Identifier:
keyid:59:1C:5B:03:C9:7C:E0:FE:3E:C7:8E:23:C6:85:6F:79:2C:20:D4:04
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/WRxbA8l84P4-x44jxoVveSwg1AQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/dhzeY3_OxcHAtiIl3zszftT0K6M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.255.152.0/22
Signature Algorithm: sha256WithRSAEncryption
84:88:96:cf:7c:03:fd:17:84:97:d0:e7:ff:b0:f2:23:bc:e5:
e8:1f:92:6d:b9:66:4a:fa:52:1b:52:fc:56:34:f4:fe:51:08:
39:66:07:63:8e:b0:e8:40:13:6e:80:0d:6d:60:ce:6e:47:91:
e3:11:d0:6b:61:d7:6c:b9:66:1f:aa:ca:e5:e7:76:14:5c:87:
fa:68:dc:b9:97:a0:d4:9a:c4:68:48:28:a3:1a:57:0b:44:d2:
8c:47:68:7c:75:ee:6e:6e:28:23:9a:2e:02:4d:02:1e:39:3d:
e9:e0:2f:25:16:54:41:2d:cd:5a:48:56:27:63:d6:4e:ed:0c:
52:8f:1b:b3:5e:81:bc:3e:bb:1c:60:6c:bf:80:04:61:10:86:
a9:67:51:61:5d:e2:b6:91:2f:2f:93:b0:ae:ba:78:41:cb:8b:
ad:02:65:96:0e:17:35:48:91:75:2b:b3:06:ee:14:b7:e5:73:
49:7e:29:be:fb:5e:ec:e5:7d:0e:32:0c:dd:5d:d9:75:c2:ca:
1a:3d:97:3e:bf:13:2a:03:ef:b2:63:d8:6c:f9:e9:52:47:34:
95:63:3c:e9:fa:9d:d2:e7:9e:b8:58:fb:19:2a:c0:35:c3:65:
92:c6:6c:46:1b:79:45:73:02:23:34:b5:20:85:5f:ba:d1:e7:
2a:c6:d7:c3
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICEsowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTkx
QzVCMDNDOTdDRTBGRTNFQzc4RTIzQzY4NTZGNzkyQzIwRDQwNDAeFw0yNTAxMTcw
MTIzMzRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDc2MUNERTYzN0ZDRUM1
QzFDMEI2MjIyNURGM0IzMzdFRDRGNDJCQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgFKmA+Ey3Zw4338wAAAqgX4BqRoPZ24tntupWrcKcmR9adipY
B+eohXv9IDs32lEB9kKHB/i4N78dIHydkolYxuhg2H+vw2/I6tERVri2iKsuYrPU
C32HPRgGC6iCjtAAJOIDkSQrytQVss9zEYvloFW3vkJFGy2qJNiTpYo8xOAOXTh8
sPRMGmwvpItFJ3FQ+8KVYDTsLtJULHlkquHD6ci8qkjejYArRkzVtucBVsK5lnNO
kCh4cDE8eCOZf727x6YHc474bLssxOydxBIophP5Sr5SXBhaX6NZWzA2sa5oDiFb
dpP1OJXRADrt+l0zOtxKQ+/U1r4xUfeHWyBFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUdhzeY3/OxcHAtiIl3zszftT0K6MwHwYDVR0jBBgwFoAUWRxbA8l84P4+x44j
xoVveSwg1AQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzU2
L1dSeGJBOGw4NFA0LXg0NGp4b1Z2ZVN3ZzFBUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvV1J4YkE4bDg0UDQteDQ0anhvVnZlU3dnMUFRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzU2L2RoemVZM19PeGNIQXRp
SWwzenN6ZnRUMEs2TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIt/5gwDQYJKoZIhvcNAQELBQADggEBAISIls98A/0XhJfQ5/+w8iO85egfkm25
Zkr6UhtS/FY09P5RCDlmB2OOsOhAE26ADW1gzm5HkeMR0Gth12y5Zh+qyuXndhRc
h/po3LmXoNSaxGhIKKMaVwtE0oxHaHx17m5uKCOaLgJNAh45PengLyUWVEEtzVpI
Vidj1k7tDFKPG7Negbw+uxxgbL+ABGEQhqlnUWFd4raRLy+TsK66eEHLi60CZZYO
FzVIkXUrswbuFLflc0l+Kb77XuzlfQ4yDN1d2XXCyho9lz6/EyoD77Jj2Gz56VJH
NJVjPOn6ndLnnrhY+xkqwDXDZZLGbEYbeUVzAiM0tSCFX7rR5yrG18M=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:12:46 2025 by rpki-client