Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/wupW9xO-Pb2A_PVTI4_crq-azI8.roa
File: wupW9xO-Pb2A_PVTI4_crq-azI8.roa (raw, json)
Hash identifier: 45Zw9LEWmqY3JM84M7tXuIv+GNiqcMJwYp3CyIhBECA=
Subject key identifier: C2:EA:56:F7:13:BE:3D:BD:80:FC:F5:53:23:8F:DC:AE:AF:9A:CC:8F
Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Certificate serial: 2357
Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/wupW9xO-Pb2A_PVTI4_crq-azI8.roa
Signing time: Thu 26 Jun 2025 08:35:09 +0000
ROA not before: Thu 26 Jun 2025 08:35:09 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 209178
IP address blocks: 223.29.255.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9047 (0x2357)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Validity
Not Before: Jun 26 08:35:09 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=C2EA56F713BE3DBD80FCF553238FDCAEAF9ACC8F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e2:2e:92:b5:ce:6f:ac:35:92:67:0a:a8:ec:
40:14:8a:a6:eb:73:ed:60:c6:98:91:27:54:d6:36:
1a:89:e5:26:37:26:0e:ba:eb:04:f6:f1:e9:92:db:
cc:71:4a:0e:d3:22:e5:42:c9:ef:6d:24:23:2b:1c:
92:9a:53:bf:8e:a4:97:c7:a1:31:bf:ba:bf:ac:c3:
02:05:e8:a2:af:e4:11:67:13:b8:7e:5f:f5:9d:08:
24:8a:6c:31:cc:29:aa:82:24:23:ed:72:36:65:79:
ca:b3:7b:28:fd:e0:01:b6:70:11:66:39:4f:81:ed:
10:ef:f2:78:94:ed:96:44:e9:56:1a:71:fd:e6:af:
2f:de:96:12:70:1e:39:ab:ce:90:8a:3d:32:eb:a3:
1a:0c:28:25:b2:d8:12:78:1f:6b:39:86:90:28:4f:
e1:23:4c:c0:71:9f:a6:e1:7a:c1:e1:f9:a4:e7:84:
e4:d7:dd:ce:86:82:c6:3d:52:aa:b6:cd:a7:6a:fb:
d8:c3:7c:46:b8:b0:03:18:bd:bd:8b:55:19:69:c8:
d1:bc:4c:f5:8e:46:1b:28:42:18:3d:ed:4b:3c:17:
8a:f3:9a:5c:a6:72:a2:51:e4:6a:1d:19:02:5b:5f:
5b:16:09:b6:f8:f8:56:08:db:da:ec:bf:00:17:24:
46:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:EA:56:F7:13:BE:3D:BD:80:FC:F5:53:23:8F:DC:AE:AF:9A:CC:8F
X509v3 Authority Key Identifier:
keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/wupW9xO-Pb2A_PVTI4_crq-azI8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.29.255.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:53:81:d8:6f:ba:0e:73:7d:55:7e:a2:63:44:6e:17:b4:5e:
be:aa:94:15:e1:2a:5b:7f:70:2f:59:67:9f:f4:18:d2:b4:a9:
ae:14:d9:f2:59:df:c1:1f:3c:e3:94:05:5d:72:52:df:ab:fe:
3b:98:e1:6b:36:82:ba:73:8d:84:84:84:22:d0:f5:31:3e:ea:
fc:28:73:aa:89:00:00:2e:b3:d6:71:f7:71:eb:43:7a:05:af:
13:be:f6:fe:b2:81:c1:1e:bd:79:4d:12:be:0c:c9:1d:15:ed:
c8:65:bd:84:32:37:21:ed:36:83:6c:9c:bc:08:aa:13:e6:f1:
4d:22:44:ee:4a:21:30:2b:d5:b5:e4:dc:80:58:08:3a:1e:92:
74:e5:c9:43:6f:4f:89:4a:dd:81:97:7b:19:23:21:5b:9a:a6:
a7:2a:8c:f4:0e:a3:7b:51:b9:72:12:5c:6e:23:cb:29:e6:02:
c0:d9:2b:51:e9:9f:db:27:88:3e:5e:f8:98:b8:62:34:78:04:
5c:98:33:a3:ff:06:3b:3c:e4:96:b6:2e:57:25:90:90:15:12:
93:f9:43:a5:7a:dd:d5:53:e6:a1:dc:73:7e:71:de:ed:ca:5a:
1b:2c:61:f8:7d:52:95:b1:90:7e:27:d6:22:67:84:9f:70:b2:
07:41:ee:ae
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICI1cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx
MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTA2MjYw
ODM1MDlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEMyRUE1NkY3MTNCRTNE
QkQ4MEZDRjU1MzIzOEZEQ0FFQUY5QUNDOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCd4i6Stc5vrDWSZwqo7EAUiqbrc+1gxpiRJ1TWNhqJ5SY3Jg66
6wT28emS28xxSg7TIuVCye9tJCMrHJKaU7+OpJfHoTG/ur+swwIF6KKv5BFnE7h+
X/WdCCSKbDHMKaqCJCPtcjZlecqzeyj94AG2cBFmOU+B7RDv8niU7ZZE6VYacf3m
ry/elhJwHjmrzpCKPTLroxoMKCWy2BJ4H2s5hpAoT+EjTMBxn6bhesHh+aTnhOTX
3c6GgsY9Uqq2zadq+9jDfEa4sAMYvb2LVRlpyNG8TPWORhsoQhg97Us8F4rzmlym
cqJR5GodGQJbX1sWCbb4+FYI29rsvwAXJEalAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUwupW9xO+Pb2A/PVTI4/crq+azI8wHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk
yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx
MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvd3VwVzl4Ty1QYjJB
X1BWVEk0X2NycS1hekk4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAN8d/zANBgkqhkiG9w0BAQsFAAOCAQEAzFOB2G+6DnN9VX6iY0RuF7RevqqU
FeEqW39wL1lnn/QY0rSprhTZ8lnfwR8845QFXXJS36v+O5jhazaCunONhISEItD1
MT7q/ChzqokAAC6z1nH3cetDegWvE772/rKBwR69eU0SvgzJHRXtyGW9hDI3Ie02
g2ycvAiqE+bxTSJE7kohMCvVteTcgFgIOh6SdOXJQ29PiUrdgZd7GSMhW5qmpyqM
9A6je1G5chJcbiPLKeYCwNkrUemf2yeIPl74mLhiNHgEXJgzo/8GOzzklrYuVyWQ
kBUSk/lDpXrd1VPmodxzfnHe7cpaGyxh+H1SlbGQfifWImeEn3CyB0Hurg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:22:20 2025 by rpki-client