Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/GVlxzjTrgWLUN0H2xsSQ-Y9Fp2Y.roa
File: GVlxzjTrgWLUN0H2xsSQ-Y9Fp2Y.roa (raw, json)
Hash identifier: DuE4weZKgRUw4MYbsm3SXmM1yC7HI0cEIJgLnS+LeMQ=
Subject key identifier: 19:59:71:CE:34:EB:81:62:D4:37:41:F6:C6:C4:90:F9:8F:45:A7:66
Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Certificate serial: 0DEC
Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/GVlxzjTrgWLUN0H2xsSQ-Y9Fp2Y.roa
Signing time: Mon 11 Aug 2025 02:14:50 +0000
ROA not before: Mon 11 Aug 2025 02:14:50 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 63567
IP address blocks: 43.248.184.0/21 maxlen: 21
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3564 (0xdec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Validity
Not Before: Aug 11 02:14:50 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=195971CE34EB8162D43741F6C6C490F98F45A766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:50:6b:bb:d7:54:58:7f:18:fb:ba:22:b8:8e:
67:29:84:6f:07:f9:a2:d5:a2:73:29:39:88:8e:31:
c2:e3:7b:b0:cc:55:69:4c:32:fd:bc:e2:61:90:98:
61:c1:82:ae:b9:e3:9f:3b:7b:29:fc:8c:a6:22:02:
2c:e3:c2:3a:22:67:e0:d1:30:53:2a:26:2d:3b:c8:
d2:e0:ef:16:54:5e:6d:bb:7e:c7:c3:dc:b3:d1:75:
12:d7:d5:77:a1:75:22:07:60:43:16:98:ac:89:d4:
88:da:7f:53:af:c4:b7:1e:f9:2c:2c:a7:bb:71:aa:
32:0b:f9:a8:ea:28:4a:7e:25:38:d0:f9:15:40:97:
c4:34:5b:c2:56:04:25:10:2d:cd:ab:66:52:a8:78:
e3:40:23:a2:24:52:3a:b6:e0:c8:16:7a:59:54:b5:
cb:e9:a3:a3:9f:77:08:44:58:f6:80:04:35:ef:c5:
1a:74:9e:c4:a8:01:7f:6b:ab:3d:3b:63:de:ee:74:
43:b0:93:be:71:8b:b1:9c:16:db:f7:29:33:2f:c4:
ba:bd:6b:11:79:e8:e7:da:fc:30:41:60:b2:0b:a6:
df:be:0a:05:d5:8e:66:d4:be:47:a1:8b:d4:68:f7:
2b:f4:47:15:10:01:b8:60:50:95:af:0d:42:ae:5d:
70:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:59:71:CE:34:EB:81:62:D4:37:41:F6:C6:C4:90:F9:8F:45:A7:66
X509v3 Authority Key Identifier:
keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/GVlxzjTrgWLUN0H2xsSQ-Y9Fp2Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.184.0/21
Signature Algorithm: sha256WithRSAEncryption
61:ae:bd:61:7b:12:1d:67:95:5f:d1:fe:21:5d:4b:5d:30:ac:
ef:80:24:71:5a:96:43:6d:0b:90:da:19:a4:7d:2b:8c:6b:9c:
cb:c4:3e:42:fd:9c:68:0f:a6:d6:2a:c3:af:40:a3:78:59:b4:
ed:1c:22:21:26:3e:b2:47:39:a1:fe:80:b7:50:63:70:b0:99:
0f:09:de:12:cb:45:9a:58:54:21:b9:ac:dc:a2:a1:72:99:89:
9a:77:fc:ae:5f:a2:19:20:ec:ca:d2:5a:d5:52:4b:cc:d7:2c:
18:e3:b4:f2:6e:b6:91:1e:bc:4d:e2:73:ed:26:3b:c1:67:a8:
fd:92:55:ac:90:fa:a3:f6:4c:87:0d:44:14:ba:b9:f5:c5:14:
e0:fe:59:ad:66:73:70:44:a8:74:95:6a:b2:a9:48:1d:b3:57:
6b:16:3a:ab:83:ac:aa:e9:be:a8:cc:82:78:75:d0:a3:e5:48:
1f:aa:ff:b7:03:84:c9:98:4a:87:10:33:8f:2b:2a:6f:f7:17:
08:f9:81:5a:7a:0c:f3:ba:2b:82:e4:ea:9d:e3:6f:66:f2:a4:
5d:ac:c9:47:22:14:f9:04:b6:13:1c:4f:77:a7:13:fe:fe:39:
93:59:1c:4d:d2:35:5a:18:0b:cc:97:e0:16:5f:3b:d7:47:00:
10:37:80:f3
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDewwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC
NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA4MTEw
MjE0NTBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDE5NTk3MUNFMzRFQjgx
NjJENDM3NDFGNkM2QzQ5MEY5OEY0NUE3NjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8UGu711RYfxj7uiK4jmcphG8H+aLVonMpOYiOMcLje7DMVWlM
Mv284mGQmGHBgq654587eyn8jKYiAizjwjoiZ+DRMFMqJi07yNLg7xZUXm27fsfD
3LPRdRLX1XehdSIHYEMWmKyJ1Ijaf1OvxLce+Swsp7txqjIL+ajqKEp+JTjQ+RVA
l8Q0W8JWBCUQLc2rZlKoeONAI6IkUjq24MgWellUtcvpo6OfdwhEWPaABDXvxRp0
nsSoAX9rqz07Y97udEOwk75xi7GcFtv3KTMvxLq9axF56Ofa/DBBYLILpt++CgXV
jmbUvkehi9Ro9yv0RxUQAbhgUJWvDUKuXXDdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUGVlxzjTrgWLUN0H2xsSQ+Y9Fp2YwHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/
AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL0dWbHh6alRyZ1dMVU4w
SDJ4c1NRLVk5RnAyWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAMr+LgwDQYJKoZIhvcNAQELBQADggEBAGGuvWF7Eh1nlV/R/iFdS10wrO+AJHFa
lkNtC5DaGaR9K4xrnMvEPkL9nGgPptYqw69Ao3hZtO0cIiEmPrJHOaH+gLdQY3Cw
mQ8J3hLLRZpYVCG5rNyioXKZiZp3/K5fohkg7MrSWtVSS8zXLBjjtPJutpEevE3i
c+0mO8FnqP2SVayQ+qP2TIcNRBS6ufXFFOD+Wa1mc3BEqHSVarKpSB2zV2sWOquD
rKrpvqjMgnh10KPlSB+q/7cDhMmYSocQM48rKm/3Fwj5gVp6DPO6K4Lk6p3jb2by
pF2syUciFPkEthMcT3enE/7+OZNZHE3SNVoYC8yX4BZfO9dHABA3gPM=
-----END CERTIFICATE-----
Generated at Thu Aug 14 11:07:54 2025 by rpki-client