Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2ykehmXXhoverS1razLaK2Cw9oM.roa
File: 2ykehmXXhoverS1razLaK2Cw9oM.roa (raw, json)
Hash identifier: BSCO+LsBWKbxlEIZbqfXb6ME3jR325sZ52zJEe8kEzU=
Subject key identifier: DB:29:1E:86:65:D7:86:8B:DE:AD:2D:6B:6B:32:DA:2B:60:B0:F6:83
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 7F85
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2ykehmXXhoverS1razLaK2Cw9oM.roa
Signing time: Wed 06 Aug 2025 07:33:11 +0000
ROA not before: Wed 06 Aug 2025 07:33:11 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.246.40.0/22 maxlen: 22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32645 (0x7f85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Aug 6 07:33:11 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=DB291E8665D7868BDEAD2D6B6B32DA2B60B0F683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:89:d8:f6:a7:56:f3:73:d7:0b:10:23:f3:47:
02:51:d0:b4:fe:25:9d:47:a9:42:f5:cf:34:5a:0d:
b3:d7:5a:e7:de:78:21:c3:a8:50:e9:31:b5:ba:7f:
ad:ac:4b:97:38:32:22:58:a5:af:f1:54:ba:99:35:
ce:a1:f5:01:9f:58:3e:75:06:53:36:f8:e5:37:85:
e3:95:bc:ed:85:c2:9b:2b:2c:b1:54:26:68:0a:57:
2a:f9:07:7d:03:79:9a:2d:ff:63:27:f8:9a:e9:40:
06:66:1e:37:69:73:98:e2:b0:f4:2b:77:b8:9d:39:
6b:ab:4a:e1:81:0f:0e:1c:e6:75:35:a4:23:ff:ae:
f8:38:86:85:15:da:ad:ea:66:5f:fd:fa:5b:d2:d6:
f1:44:24:24:b2:c0:7b:1b:d7:c6:fd:d6:13:a5:59:
1a:67:31:04:bd:45:1a:f3:24:49:da:77:c9:04:28:
81:a7:0a:72:6e:91:0d:07:0e:2e:82:2b:1c:3a:85:
38:0e:a9:e1:97:65:b8:72:2c:ad:eb:90:ac:7b:7a:
70:f0:c1:e7:db:28:6e:72:00:86:d5:10:cf:e7:7a:
95:c9:42:c5:6d:95:a4:54:f7:69:71:a6:89:08:53:
d8:e4:a0:5d:62:c6:fc:25:e6:dc:64:63:44:ea:38:
65:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:29:1E:86:65:D7:86:8B:DE:AD:2D:6B:6B:32:DA:2B:60:B0:F6:83
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2ykehmXXhoverS1razLaK2Cw9oM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.246.40.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:a2:3b:17:71:ec:c2:01:90:3a:0a:53:91:33:34:90:7a:0c:
96:15:fa:2c:a7:da:5d:eb:31:b4:2e:75:e3:0f:66:13:4e:14:
b7:69:f5:06:2f:db:d4:75:73:b3:ea:97:8c:f7:35:af:9f:aa:
a8:b2:7b:b1:56:b3:d6:ef:f7:c8:10:0c:6c:51:8f:66:1c:01:
1c:a2:d5:da:60:87:f1:49:c6:a0:e5:11:3c:9c:50:52:58:21:
cd:f0:57:4e:99:e2:1d:5a:6a:29:14:a9:07:0e:15:73:3e:6f:
34:b6:b7:94:76:77:87:2d:26:51:06:e9:bb:ee:38:78:a9:d8:
cf:71:ab:21:15:e0:3f:78:fe:fa:74:7a:1c:3d:60:88:c3:f9:
d7:f0:77:d9:70:59:28:35:a3:a5:fe:bf:fb:3f:cc:0a:4f:0b:
ce:f8:ca:52:33:2b:29:7a:f0:65:a2:69:ff:ff:c3:f7:36:59:
d4:de:46:15:b3:90:11:d8:cf:d5:dd:4a:2d:1f:b4:0f:c0:88:
a8:fe:c6:89:27:ec:f8:53:b6:84:ca:59:18:f6:98:24:cf:af:
42:6b:0e:26:cd:75:46:bf:3e:a9:82:ab:46:6a:fc:2f:de:7f:
65:f0:91:aa:a7:62:c3:7c:ae:ee:45:7b:a4:af:41:22:05:b9:
d2:fc:d1:bf
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICf4UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw
NzMzMTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKERCMjkxRTg2NjVENzg2
OEJERUFEMkQ2QjZCMzJEQTJCNjBCMEY2ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtidj2p1bzc9cLECPzRwJR0LT+JZ1HqUL1zzRaDbPXWufeeCHD
qFDpMbW6f62sS5c4MiJYpa/xVLqZNc6h9QGfWD51BlM2+OU3heOVvO2FwpsrLLFU
JmgKVyr5B30DeZot/2Mn+JrpQAZmHjdpc5jisPQrd7idOWurSuGBDw4c5nU1pCP/
rvg4hoUV2q3qZl/9+lvS1vFEJCSywHsb18b91hOlWRpnMQS9RRrzJEnad8kEKIGn
CnJukQ0HDi6CKxw6hTgOqeGXZbhyLK3rkKx7enDwwefbKG5yAIbVEM/nepXJQsVt
laRU92lxpokIU9jkoF1ixvwl5txkY0TqOGUhAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU2ykehmXXhoverS1razLaK2Cw9oMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJ5a2VobVhYaG92ZXJT
MXJhekxhSzJDdzlvTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIr9igwDQYJKoZIhvcNAQELBQADggEBAD+iOxdx7MIBkDoKU5EzNJB6DJYV+iyn
2l3rMbQudeMPZhNOFLdp9QYv29R1c7Pql4z3Na+fqqiye7FWs9bv98gQDGxRj2Yc
ARyi1dpgh/FJxqDlETycUFJYIc3wV06Z4h1aaikUqQcOFXM+bzS2t5R2d4ctJlEG
6bvuOHip2M9xqyEV4D94/vp0ehw9YIjD+dfwd9lwWSg1o6X+v/s/zApPC874ylIz
Kyl68GWiaf//w/c2WdTeRhWzkBHYz9XdSi0ftA/AiKj+xokn7PhTtoTKWRj2mCTP
r0JrDibNdUa/PqmCq0Zq/C/ef2XwkaqnYsN8ru5Fe6SvQSIFudL80b8=
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:36:20 2025 by rpki-client