Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/Nx1tb4udXLktqS28eIX_IIY5deY.roa
File: Nx1tb4udXLktqS28eIX_IIY5deY.roa (raw, json)
Hash identifier: 7ttvUriDJUvbg51CYTvK1Lju8d2IvNmy0VVvnYs2GlI=
Subject key identifier: 37:1D:6D:6F:8B:9D:5C:B9:2D:A9:2D:BC:78:85:FF:20:86:39:75:E6
Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4
Certificate serial: 3D
Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/Nx1tb4udXLktqS28eIX_IIY5deY.roa
Signing time: Fri 22 Aug 2025 06:30:21 +0000
ROA not before: Fri 22 Aug 2025 06:30:21 +0000
ROA not after: Thu 20 Aug 2026 07:49:18 +0000
asID: 63582
IP address blocks: 2402:7d80:8888::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61 (0x3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4
Validity
Not Before: Aug 22 06:30:21 2025 GMT
Not After : Aug 20 07:49:18 2026 GMT
Subject: CN=371D6D6F8B9D5CB92DA92DBC7885FF20863975E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f7:1c:91:fe:51:5b:61:88:78:3b:9d:f4:38:
21:6a:a6:4f:ae:0a:b7:6e:3b:c0:dc:5c:cf:73:fc:
59:be:ef:e2:64:b8:5b:38:49:2f:ff:b1:90:96:b3:
0f:af:f3:76:9c:a2:aa:08:25:de:b5:50:16:cd:c7:
c7:0d:29:e8:ca:e0:e7:63:d7:6f:e6:2f:17:fb:fc:
f9:49:df:b4:0c:05:c7:bc:1c:6c:40:5f:0e:aa:7d:
01:b1:7b:f7:d6:bf:99:0e:64:bc:3a:b1:70:cc:8a:
c0:31:fc:fa:5a:29:c8:ab:82:0a:21:b4:54:96:c8:
66:99:42:35:10:a5:64:f1:16:a2:47:3e:39:6e:0b:
bc:7b:b8:d5:3b:a7:9f:3f:3d:92:82:e4:ad:4b:fd:
ec:b9:84:2d:3a:b6:fa:14:db:d2:5a:b9:b5:78:90:
b2:b3:7c:9d:16:db:96:2a:e5:71:b1:d8:1e:9e:23:
d9:8d:0b:c3:56:55:79:0a:df:cc:c7:05:54:3d:6c:
53:08:3b:a8:e4:d5:97:d6:f5:3e:38:6d:bc:b0:a3:
dd:95:9a:01:b9:b1:fc:32:c9:d0:33:95:10:b9:31:
81:cd:1f:b7:ce:42:a6:fd:84:85:9d:61:90:03:ea:
3b:b9:c7:05:fa:c2:47:97:11:f2:26:c8:d9:7c:a2:
fb:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:1D:6D:6F:8B:9D:5C:B9:2D:A9:2D:BC:78:85:FF:20:86:39:75:E6
X509v3 Authority Key Identifier:
keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/Nx1tb4udXLktqS28eIX_IIY5deY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:7d80:8888::/48
Signature Algorithm: sha256WithRSAEncryption
04:65:75:33:39:b7:53:d8:29:5c:d6:99:94:f1:0c:df:b1:bc:
5a:7b:4f:cc:23:c1:e8:07:88:40:66:3e:8d:00:0d:bc:5b:f7:
ab:27:4f:6c:ec:8e:96:34:8a:a5:8b:f0:d6:03:9b:19:1f:aa:
e7:f3:87:c0:eb:12:6d:ff:1d:16:10:46:d9:2f:0b:94:9a:e6:
e0:75:28:66:0c:7e:d6:4f:ba:b7:42:b4:31:64:95:13:13:b1:
95:23:2c:aa:35:64:ec:41:1b:87:15:ae:3d:4a:c1:3e:ae:e4:
a8:bf:90:21:1e:e5:c6:78:39:d9:a5:c3:4f:80:97:80:a9:c5:
74:1d:bc:12:6a:81:f1:64:3c:d1:92:3f:f6:6b:85:73:a2:04:
81:c8:db:11:1a:5a:54:12:63:5a:34:b5:28:dd:37:7c:31:86:
c6:5f:c0:c0:99:cd:ef:18:28:37:ba:be:84:7e:5c:e2:55:6f:
bf:d8:6a:ae:23:c6:a3:c3:b4:91:ed:35:94:db:a2:63:1e:b4:
3b:66:68:3d:80:b6:fb:e8:ad:12:b1:1a:5c:58:16:05:d6:30:
52:cf:ae:23:de:53:f9:1a:67:6a:f7:db:04:b7:22:b8:29:e4:
0d:88:76:79:66:be:c0:8d:9e:fd:c4:78:aa:56:ca:a0:54:41:
38:2e:b6:3f
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIBPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4
OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2
MzAyMVoXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoMzcxRDZENkY4QjlENUNC
OTJEQTkyREJDNzg4NUZGMjA4NjM5NzVFNjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOL3HJH+UVthiHg7nfQ4IWqmT64Kt247wNxcz3P8Wb7v4mS4WzhJ
L/+xkJazD6/zdpyiqggl3rVQFs3Hxw0p6Mrg52PXb+YvF/v8+UnftAwFx7wcbEBf
Dqp9AbF799a/mQ5kvDqxcMyKwDH8+lopyKuCCiG0VJbIZplCNRClZPEWokc+OW4L
vHu41Tunnz89koLkrUv97LmELTq2+hTb0lq5tXiQsrN8nRbblirlcbHYHp4j2Y0L
w1ZVeQrfzMcFVD1sUwg7qOTVl9b1PjhtvLCj3ZWaAbmx/DLJ0DOVELkxgc0ft85C
pv2EhZ1hkAPqO7nHBfrCR5cR8ibI2Xyi+xcCAwEAAaOCAfYwggHyMB0GA1UdDgQW
BBQ3HW1vi51cuS2pLbx4hf8ghjl15jAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E
4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy
LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi9OeDF0YjR1ZFhMa3Rx
UzI4ZUlYX0lJWTVkZVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ
AwcAJAJ9gIiIMA0GCSqGSIb3DQEBCwUAA4IBAQAEZXUzObdT2Clc1pmU8Qzfsbxa
e0/MI8HoB4hAZj6NAA28W/erJ09s7I6WNIqli/DWA5sZH6rn84fA6xJt/x0WEEbZ
LwuUmubgdShmDH7WT7q3QrQxZJUTE7GVIyyqNWTsQRuHFa49SsE+ruSov5AhHuXG
eDnZpcNPgJeAqcV0HbwSaoHxZDzRkj/2a4VzogSByNsRGlpUEmNaNLUo3Td8MYbG
X8DAmc3vGCg3ur6EflziVW+/2GquI8ajw7SR7TWU26JjHrQ7Zmg9gLb76K0SsRpc
WBYF1jBSz64j3lP5Gmdq99sEtyK4KeQNiHZ5Zr7AjZ79xHiqVsqgVEE4LrY/
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:48:54 2025 by rpki-client