Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1228/8YbRFwEKH7TCMsKW48XDWSNrzSg.roa
File: 8YbRFwEKH7TCMsKW48XDWSNrzSg.roa (raw, json)
Hash identifier: FOd0exJ31OfC0JLs7/uJfwa6pZvBbhWvAggjCf59l6M=
Subject key identifier: F1:86:D1:17:01:0A:1F:B4:C2:32:C2:96:E3:C5:C3:59:23:6B:CD:28
Certificate issuer: /CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C
Certificate serial: CF
Authority key identifier: AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/8YbRFwEKH7TCMsKW48XDWSNrzSg.roa
Signing time: Fri 20 Jun 2025 06:53:32 +0000
ROA not before: Fri 20 Jun 2025 06:53:32 +0000
ROA not after: Sat 16 May 2026 10:06:17 +0000
asID: 54801
IP address blocks: 43.254.192.0/22 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 207 (0xcf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C
Validity
Not Before: Jun 20 06:53:32 2025 GMT
Not After : May 16 10:06:17 2026 GMT
Subject: CN=F186D117010A1FB4C232C296E3C5C359236BCD28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e4:74:a9:2b:bb:06:3b:4f:a3:47:b9:29:17:
73:74:04:16:48:fe:c5:b8:7f:7e:74:ba:5a:10:63:
ca:eb:3d:c5:8c:b7:e7:84:e6:9c:0f:d6:a9:11:ca:
e3:ea:ec:bb:cd:3d:c9:16:4d:15:59:c0:83:f9:3c:
11:42:ed:ee:f9:10:07:20:3a:63:2f:92:24:32:2e:
df:5b:91:72:76:bb:b0:22:57:5f:5d:6f:50:43:20:
ec:bb:4c:41:e7:aa:97:29:a6:10:f0:6a:ee:9f:65:
ff:a1:12:f2:4c:da:8a:72:a4:6d:b4:5c:43:e0:60:
73:7c:55:05:31:c3:0b:5b:bd:a6:b8:2e:7a:ff:c9:
d1:7e:96:60:d8:7b:39:5a:78:5f:39:9e:9b:a9:11:
4d:69:73:5d:3e:01:f0:a6:42:14:ea:66:4a:3f:0a:
bb:03:2e:69:3d:1e:ac:6b:75:66:c4:9a:ad:b8:99:
34:73:8e:e5:7d:99:c9:a1:f8:93:95:79:e6:4f:9d:
da:0a:10:f8:35:93:c1:ba:95:12:93:dc:91:38:89:
7e:10:90:e4:47:80:3b:43:5e:15:26:45:2f:fc:0e:
3d:4c:e3:93:6d:25:62:a9:36:a2:2d:8c:0c:a0:09:
f3:6c:82:72:66:83:65:6e:ef:ed:2b:ca:7b:30:2a:
6a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:86:D1:17:01:0A:1F:B4:C2:32:C2:96:E3:C5:C3:59:23:6B:CD:28
X509v3 Authority Key Identifier:
keyid:AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/8YbRFwEKH7TCMsKW48XDWSNrzSg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.192.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:2a:70:b1:6d:36:23:f6:9e:d7:e3:3d:59:1f:3a:f8:df:e2:
74:7c:a7:75:0f:94:2a:27:37:19:ca:28:d9:64:97:c2:a8:a2:
9e:2a:80:3a:c5:89:5a:44:12:7a:fe:7e:9c:63:08:6d:9a:e4:
5f:87:74:1a:38:64:84:a4:18:31:e9:68:5c:a5:f9:a0:c4:ee:
d3:c6:c9:3d:da:34:45:7d:3d:11:42:23:84:ea:45:95:90:3d:
b1:77:2d:e9:0e:ec:13:8e:32:59:55:33:b6:94:55:ee:ba:86:
7e:ab:6f:12:f4:be:0a:4a:c4:6b:6a:9b:8d:06:44:e7:28:5b:
56:09:01:f3:06:c0:3e:03:06:a8:cf:0a:43:2f:62:c2:32:ec:
b5:9d:65:dd:6e:68:80:05:72:44:dc:42:3b:e4:c7:26:c1:04:
fc:3c:69:0f:b0:56:a1:d5:b5:65:88:b9:5a:d3:96:f4:3d:02:
9a:f4:0e:a1:80:4a:62:c5:2e:4a:3e:ae:3f:bd:84:f7:7b:0f:
70:6e:22:cf:9a:b3:2f:de:ef:3d:32:72:2f:bf:43:1a:c8:d2:
66:e2:36:e5:97:ba:29:52:1e:67:b5:22:7b:8a:11:c6:d8:2b:
f0:32:d0:e9:72:af:11:45:40:79:1d:fa:8b:04:90:cd:5e:84:
69:5a:c9:9a
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICAM8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQURE
MjcyNkRENkZGOUY1QTQ1OUFFNUIwQTlFRThFN0RERkM3RjA3QzAeFw0yNTA2MjAw
NjUzMzJaFw0yNjA1MTYxMDA2MTdaMDMxMTAvBgNVBAMTKEYxODZEMTE3MDEwQTFG
QjRDMjMyQzI5NkUzQzVDMzU5MjM2QkNEMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC25HSpK7sGO0+jR7kpF3N0BBZI/sW4f350uloQY8rrPcWMt+eE
5pwP1qkRyuPq7LvNPckWTRVZwIP5PBFC7e75EAcgOmMvkiQyLt9bkXJ2u7AiV19d
b1BDIOy7TEHnqpcpphDwau6fZf+hEvJM2opypG20XEPgYHN8VQUxwwtbvaa4Lnr/
ydF+lmDYezlaeF85npupEU1pc10+AfCmQhTqZko/CrsDLmk9HqxrdWbEmq24mTRz
juV9mcmh+JOVeeZPndoKEPg1k8G6lRKT3JE4iX4QkORHgDtDXhUmRS/8Dj1M45Nt
JWKpNqItjAygCfNsgnJmg2Vu7+0rynswKmr/AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU8YbRFwEKH7TCMsKW48XDWSNrzSgwHwYDVR0jBBgwFoAUrdJybdb/n1pFmuWw
qe6Ofd/H8HwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIy
OC9yZEp5YmRiX24xcEZtdVd3cWU2T2ZkX0g4SHcuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3JkSnliZGJfbjFwRm11V3dxZTZPZmRfSDhIdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMjgvOFliUkZ3RUtIN1RD
TXNLVzQ4WERXU05yelNnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAiv+wDANBgkqhkiG9w0BAQsFAAOCAQEATCpwsW02I/ae1+M9WR86+N/idHyn
dQ+UKic3Gcoo2WSXwqiiniqAOsWJWkQSev5+nGMIbZrkX4d0GjhkhKQYMeloXKX5
oMTu08bJPdo0RX09EUIjhOpFlZA9sXct6Q7sE44yWVUztpRV7rqGfqtvEvS+CkrE
a2qbjQZE5yhbVgkB8wbAPgMGqM8KQy9iwjLstZ1l3W5ogAVyRNxCO+THJsEE/Dxp
D7BWodW1ZYi5WtOW9D0CmvQOoYBKYsUuSj6uP72E93sPcG4iz5qzL97vPTJyL79D
GsjSZuI25Ze6KVIeZ7Uie4oRxtgr8DLQ6XKvEUVAeR36iwSQzV6EaVrJmg==
-----END CERTIFICATE-----
Generated at Thu Jul 3 17:42:45 2025 by rpki-client