Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2154/wyyqcUgR0LW5P_sNpH7jNfIyFZ4.roa
File: wyyqcUgR0LW5P_sNpH7jNfIyFZ4.roa (raw, json)
Hash identifier: OAz3ozWKHsuECXjioaMko7tiXdvS4VoHusuQi5R3sFI=
Subject key identifier: C3:2C:AA:71:48:11:D0:B5:B9:3F:FB:0D:A4:7E:E3:35:F2:32:15:9E
Certificate issuer: /CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2
Certificate serial: 0825
Authority key identifier: E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/wyyqcUgR0LW5P_sNpH7jNfIyFZ4.roa
Signing time: Sat 13 Sep 2025 03:04:08 +0000
ROA not before: Sat 13 Sep 2025 03:04:08 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 63631
IP address blocks: 119.161.144.0/21 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2085 (0x825)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2
Validity
Not Before: Sep 13 03:04:08 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=C32CAA714811D0B5B93FFB0DA47EE335F232159E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:aa:18:e2:c0:35:31:66:cb:d5:8b:ff:d5:f2:
14:a3:5a:75:a2:02:2f:39:46:b1:85:f6:40:3e:f9:
8a:24:23:63:fd:d3:86:7b:68:5b:5a:95:f5:20:02:
d6:9c:0c:21:91:1c:26:08:9d:26:ee:76:24:dc:3d:
84:3b:51:52:30:59:1c:33:13:80:38:6b:94:ff:5c:
9f:17:6d:1b:ae:ab:1f:9a:2a:55:08:2f:f1:91:40:
1e:66:4d:51:82:4c:ab:68:59:b5:40:e4:b7:66:fb:
28:19:ed:56:a2:fc:b1:25:9f:ea:27:29:61:5b:8a:
e3:e4:29:17:ef:5d:15:92:71:79:73:97:41:b7:08:
ab:e5:38:36:79:fe:df:0a:fb:eb:20:fa:bf:d2:aa:
eb:ca:0f:3c:d3:e0:fa:08:8e:ba:12:51:d2:fd:ff:
b0:7c:01:a2:2a:fc:67:7f:3a:ea:fe:75:28:d9:65:
19:95:eb:61:9b:0c:61:e3:a9:78:e3:b9:19:08:e5:
5d:93:e3:0a:6e:f0:c3:b7:d9:7c:15:0f:b6:94:de:
6a:f6:01:28:bd:e3:e7:f4:84:5d:5e:8b:d0:49:4e:
0f:97:7c:47:ec:dc:73:6c:45:b7:aa:5d:69:83:73:
c2:8a:a6:29:21:48:e2:26:3c:d8:b7:24:56:89:91:
be:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:2C:AA:71:48:11:D0:B5:B9:3F:FB:0D:A4:7E:E3:35:F2:32:15:9E
X509v3 Authority Key Identifier:
keyid:E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/wyyqcUgR0LW5P_sNpH7jNfIyFZ4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.161.144.0/21
Signature Algorithm: sha256WithRSAEncryption
0c:89:cf:1f:37:de:74:39:20:4e:7b:61:b1:50:16:4b:0b:81:
00:b5:a7:74:f5:c3:12:3c:8b:5d:3a:9a:79:3d:9e:29:a2:15:
d0:fc:84:7b:a0:df:51:dd:03:51:61:17:8a:8e:33:e6:fa:43:
4b:96:e4:33:e6:bb:fe:fe:61:4b:80:9f:4a:37:d1:b7:0a:70:
0a:09:9e:0c:dc:a3:92:2e:8e:21:d9:27:cc:3d:e5:f5:9a:6e:
39:cc:50:03:ec:32:6f:3b:00:18:87:c3:e0:e9:f4:1e:45:6e:
5d:81:e8:86:04:df:07:e6:00:18:c8:05:ea:cf:61:bf:41:0f:
63:cc:5d:eb:71:06:da:33:52:70:7c:4b:53:01:bb:dd:93:8f:
7f:f6:a8:1c:ea:5a:79:b7:66:e4:03:39:14:23:72:0a:c3:2f:
8e:72:f3:b0:c4:93:41:14:61:33:30:e7:26:bf:45:7d:8a:5e:
5c:3b:93:36:72:1c:10:b1:41:4e:b1:f0:a8:35:ae:ff:3d:01:
79:1e:52:ec:18:6b:ab:b7:42:02:48:4f:aa:1f:17:bc:f7:a0:
3c:2e:29:ad:06:cd:5f:7b:aa:31:0a:fc:75:47:cc:4f:6b:62:
83:20:ab:a9:9e:68:3c:bc:4f:c2:6f:bc:40:04:1a:8a:fb:b6:
1c:18:52:3c
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCCUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTUw
MkRFMkM2MDg2QTY2Mjg0QjgwQ0RCN0I1QUMwQzEyQ0MzRjNDMjAeFw0yNTA5MTMw
MzA0MDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEMzMkNBQTcxNDgxMUQw
QjVCOTNGRkIwREE0N0VFMzM1RjIzMjE1OUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChqhjiwDUxZsvVi//V8hSjWnWiAi85RrGF9kA++YokI2P904Z7
aFtalfUgAtacDCGRHCYInSbudiTcPYQ7UVIwWRwzE4A4a5T/XJ8XbRuuqx+aKlUI
L/GRQB5mTVGCTKtoWbVA5Ldm+ygZ7Vai/LEln+onKWFbiuPkKRfvXRWScXlzl0G3
CKvlODZ5/t8K++sg+r/SquvKDzzT4PoIjroSUdL9/7B8AaIq/Gd/Our+dSjZZRmV
62GbDGHjqXjjuRkI5V2T4wpu8MO32XwVD7aU3mr2ASi94+f0hF1ei9BJTg+XfEfs
3HNsRbeqXWmDc8KKpikhSOImPNi3JFaJkb5vAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUwyyqcUgR0LW5P/sNpH7jNfIyFZ4wHwYDVR0jBBgwFoAU5QLeLGCGpmKEuAzb
e1rAwSzD88IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjE1
NC81UUxlTEdDR3BtS0V1QXpiZTFyQXdTekQ4OEkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzVRTGVMR0NHcG1LRXVBemJlMXJBd1N6RDg4SS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxNTQvd3l5cWNVZ1IwTFc1
UF9zTnBIN2pOZkl5Rlo0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA3ehkDANBgkqhkiG9w0BAQsFAAOCAQEADInPHzfedDkgTnthsVAWSwuBALWn
dPXDEjyLXTqaeT2eKaIV0PyEe6DfUd0DUWEXio4z5vpDS5bkM+a7/v5hS4CfSjfR
twpwCgmeDNyjki6OIdknzD3l9ZpuOcxQA+wybzsAGIfD4On0HkVuXYHohgTfB+YA
GMgF6s9hv0EPY8xd63EG2jNScHxLUwG73ZOPf/aoHOpaebdm5AM5FCNyCsMvjnLz
sMSTQRRhMzDnJr9FfYpeXDuTNnIcELFBTrHwqDWu/z0BeR5S7Bhrq7dCAkhPqh8X
vPegPC4prQbNX3uqMQr8dUfMT2tigyCrqZ5oPLxPwm+8QAQaivu2HBhSPA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:28:22 2025 by rpki-client