Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2154/0miT1qb3sPNiM6EZTvVrHTe5sXk.roa
File: 0miT1qb3sPNiM6EZTvVrHTe5sXk.roa (raw, json)
Hash identifier: yyQaDYM0U26nrGrY9My6oAjBxf+bycNmeZJpp10aiqE=
Subject key identifier: D2:68:93:D6:A6:F7:B0:F3:62:33:A1:19:4E:F5:6B:1D:37:B9:B1:79
Certificate issuer: /CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2
Certificate serial: 0821
Authority key identifier: E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/0miT1qb3sPNiM6EZTvVrHTe5sXk.roa
Signing time: Sat 13 Sep 2025 03:04:07 +0000
ROA not before: Sat 13 Sep 2025 03:04:07 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 63631
IP address blocks: 2407:8b80::/32 maxlen: 64
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2081 (0x821)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2
Validity
Not Before: Sep 13 03:04:07 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=D26893D6A6F7B0F36233A1194EF56B1D37B9B179
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:66:b8:53:72:e0:95:25:03:7b:f4:8d:65:51:
25:56:60:83:36:c6:aa:78:cb:3f:4a:3a:0f:d4:4c:
1d:03:97:6f:a4:2d:98:31:4c:3f:06:c1:16:69:fe:
40:7a:76:63:0e:14:70:fd:36:d7:96:11:20:bf:39:
22:d4:47:49:14:73:f9:ba:1b:e0:8a:d8:e5:44:3c:
a6:48:18:57:14:ef:57:78:08:1c:83:79:8d:63:06:
eb:4c:68:68:34:39:9a:db:bd:a0:d4:ce:b6:72:27:
78:56:d2:18:bd:e3:6e:09:eb:98:4b:1a:4d:7b:2f:
4b:e2:b8:75:e0:53:47:d4:44:71:2c:98:a2:e8:7a:
32:18:72:b0:58:02:31:c2:4f:53:85:9d:ba:1b:d8:
e9:6b:a2:0b:39:96:df:cf:c0:4f:9e:9f:79:e3:fe:
27:e3:54:38:bd:bd:1c:05:f2:35:d4:0b:90:99:6b:
44:8c:26:d7:ab:39:aa:78:16:a8:5a:df:a5:01:49:
a9:11:60:62:f2:81:79:a6:f5:fc:ee:83:fc:17:e7:
cb:fd:b9:0c:51:da:fe:3d:0f:9e:75:9d:bb:7a:fd:
c3:79:9c:b6:fb:14:c7:bf:5c:da:b7:9b:4a:d0:f4:
61:f5:14:ea:0a:e6:49:c6:e8:97:b6:4e:5f:f7:81:
d8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:68:93:D6:A6:F7:B0:F3:62:33:A1:19:4E:F5:6B:1D:37:B9:B1:79
X509v3 Authority Key Identifier:
keyid:E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/0miT1qb3sPNiM6EZTvVrHTe5sXk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:8b80::/32
Signature Algorithm: sha256WithRSAEncryption
9d:04:a9:19:46:f3:6d:31:57:61:3b:d8:71:44:80:51:b6:62:
5c:db:3d:3c:f9:75:02:e5:3f:10:f0:79:b1:2c:dc:51:f8:05:
f3:20:e4:48:08:fc:1f:d7:e2:26:02:06:79:ff:61:7f:01:1f:
c7:dc:d8:dd:06:24:6d:94:50:c5:f4:a5:91:fc:0e:2b:bb:0a:
66:a1:7d:37:35:94:14:c2:a3:aa:dd:8d:e3:3b:55:36:6a:1b:
73:fe:54:e5:25:9b:3f:62:ec:7e:03:0d:ff:45:10:c1:08:ee:
67:d1:f2:f3:d8:43:3c:3c:fb:20:d0:47:d4:13:a5:cb:7d:e2:
2b:d2:91:0a:33:aa:65:93:b0:0a:8b:02:a4:fe:8f:c7:a6:b8:
66:7a:34:20:da:56:f8:a0:13:25:0c:b3:d6:59:68:97:5c:cc:
32:85:b3:99:fc:d7:cb:37:d3:35:4b:a3:79:8b:33:83:b9:cc:
3f:45:b3:1d:4b:7f:5b:cb:3b:86:3a:8a:d8:37:51:ae:05:b8:
f3:1e:37:fc:b2:2d:6b:39:64:ca:5d:9a:06:bc:e0:f4:bb:19:
6b:06:d0:30:0a:ed:af:91:14:12:ec:9a:b7:8e:00:64:68:ae:
3e:3b:f5:81:37:6e:8e:f6:25:73:8f:6a:bc:2e:37:dc:70:ca:
52:c3:0e:f4
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICCCEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTUw
MkRFMkM2MDg2QTY2Mjg0QjgwQ0RCN0I1QUMwQzEyQ0MzRjNDMjAeFw0yNTA5MTMw
MzA0MDdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQyNjg5M0Q2QTZGN0Iw
RjM2MjMzQTExOTRFRjU2QjFEMzdCOUIxNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOZrhTcuCVJQN79I1lUSVWYIM2xqp4yz9KOg/UTB0Dl2+kLZgx
TD8GwRZp/kB6dmMOFHD9NteWESC/OSLUR0kUc/m6G+CK2OVEPKZIGFcU71d4CByD
eY1jButMaGg0OZrbvaDUzrZyJ3hW0hi9424J65hLGk17L0viuHXgU0fURHEsmKLo
ejIYcrBYAjHCT1OFnbob2Olrogs5lt/PwE+en3nj/ifjVDi9vRwF8jXUC5CZa0SM
JterOap4Fqha36UBSakRYGLygXmm9fzug/wX58v9uQxR2v49D551nbt6/cN5nLb7
FMe/XNq3m0rQ9GH1FOoK5knG6Je2Tl/3gdiNAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU0miT1qb3sPNiM6EZTvVrHTe5sXkwHwYDVR0jBBgwFoAU5QLeLGCGpmKEuAzb
e1rAwSzD88IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjE1
NC81UUxlTEdDR3BtS0V1QXpiZTFyQXdTekQ4OEkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzVRTGVMR0NHcG1LRXVBemJlMXJBd1N6RDg4SS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxNTQvMG1pVDFxYjNzUE5p
TTZFWlR2VnJIVGU1c1hrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHi4AwDQYJKoZIhvcNAQELBQADggEBAJ0EqRlG820xV2E72HFEgFG2Ylzb
PTz5dQLlPxDwebEs3FH4BfMg5EgI/B/X4iYCBnn/YX8BH8fc2N0GJG2UUMX0pZH8
Diu7CmahfTc1lBTCo6rdjeM7VTZqG3P+VOUlmz9i7H4DDf9FEMEI7mfR8vPYQzw8
+yDQR9QTpct94ivSkQozqmWTsAqLAqT+j8emuGZ6NCDaVvigEyUMs9ZZaJdczDKF
s5n818s30zVLo3mLM4O5zD9Fsx1Lf1vLO4Y6itg3Ua4FuPMeN/yyLWs5ZMpdmga8
4PS7GWsG0DAK7a+RFBLsmreOAGRorj479YE3bo72JXOParwuN9xwylLDDvQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:28:27 2025 by rpki-client