Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/PoiA2j02Hy-O9kRto8kOPuFf2PQ.roa
File: PoiA2j02Hy-O9kRto8kOPuFf2PQ.roa (raw, json)
Hash identifier: YlAqRtqgz/lKJVW7b5oEyG5BKb/aoiQfFjkfEr9CjQk=
Subject key identifier: 3E:88:80:DA:3D:36:1F:2F:8E:F6:44:6D:A3:C9:0E:3E:E1:5F:D8:F4
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 1345
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/PoiA2j02Hy-O9kRto8kOPuFf2PQ.roa
Signing time: Wed 25 Jun 2025 06:18:28 +0000
ROA not before: Wed 25 Jun 2025 06:18:28 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 62387
IP address blocks: 119.59.252.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4933 (0x1345)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Jun 25 06:18:28 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=3E8880DA3D361F2F8EF6446DA3C90E3EE15FD8F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d4:7e:0c:a6:8d:1e:1c:67:23:e4:ed:2d:de:
cd:a4:8a:0a:9b:56:fa:33:84:82:34:ab:68:ac:4b:
c8:64:f8:1e:ed:47:aa:3b:bd:b9:64:dc:89:65:34:
40:5a:98:aa:28:fd:49:9b:ea:59:2a:5a:43:83:15:
ae:8a:10:86:0b:a8:b6:2f:bb:41:f3:5f:c1:f9:73:
e2:d2:0a:00:7f:7f:61:9e:61:80:e4:00:ce:be:31:
f5:98:77:5f:29:86:cc:79:bb:76:36:ea:f2:80:b2:
5c:2e:74:e5:bd:8e:15:12:01:b8:e8:13:9e:ee:05:
e2:6a:4c:66:a0:c8:2a:07:5c:e5:8d:c9:aa:c8:d9:
ae:ea:2e:8b:da:11:f9:6c:43:88:4d:c8:ef:a9:09:
22:29:69:16:3d:7b:c2:14:98:2c:ce:e5:ac:b6:68:
fc:60:94:f6:1e:dc:99:df:cd:d5:3c:93:ac:d8:57:
87:0e:f8:29:75:66:70:00:22:91:ab:e8:a7:12:8e:
fb:b8:c7:9e:43:7c:b8:5b:68:67:d5:60:32:b4:55:
ec:56:b0:4e:50:d3:d0:7f:5e:82:53:41:d5:10:cc:
b1:c1:0d:a1:be:4e:7d:6a:96:58:24:14:1b:6a:b0:
31:14:29:e8:ab:26:14:63:f9:38:03:53:86:b7:37:
5a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:88:80:DA:3D:36:1F:2F:8E:F6:44:6D:A3:C9:0E:3E:E1:5F:D8:F4
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/PoiA2j02Hy-O9kRto8kOPuFf2PQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.59.252.0/22
Signature Algorithm: sha256WithRSAEncryption
05:36:9f:97:30:e6:02:91:db:da:d6:29:99:a1:d7:3f:6e:95:
d6:a7:4a:cc:cd:55:28:5a:31:8d:03:94:de:e7:47:b2:99:01:
11:dc:c6:bd:56:c4:96:30:46:41:44:c0:e2:7c:65:8f:81:87:
b0:35:02:58:04:c8:9d:31:67:2d:e4:11:02:b8:06:6f:77:83:
4b:21:59:41:7f:b6:3b:78:e0:96:fd:18:42:43:2c:95:af:4e:
53:e1:26:43:f3:56:7c:41:1f:08:ce:ae:f5:d4:df:db:21:e3:
11:09:0f:ba:36:3d:fb:8f:c9:ac:64:1a:dd:16:a9:2c:e3:e9:
83:b7:0d:b6:c3:ec:cf:20:02:d5:bd:a0:96:9f:ec:e3:de:31:
cb:79:57:66:74:b9:54:c2:8b:7e:bc:ad:d9:4f:75:5b:40:47:
d7:a8:61:46:40:0f:87:94:3d:64:71:7e:85:70:f8:ce:3e:b0:
71:cb:45:4c:45:96:60:e1:76:ea:8f:10:e2:36:06:6a:c5:4d:
8d:23:a5:d7:08:9a:b0:5b:7f:09:46:8c:2e:da:f7:19:62:46:
43:67:79:02:69:32:15:5e:d3:2c:97:67:43:32:6e:21:99:91:
83:aa:07:35:51:a6:1c:94:97:08:44:1d:79:82:bf:7d:b6:d9:
99:72:8c:bb
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICE0UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA2MjUw
NjE4MjhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDNFODg4MERBM0QzNjFG
MkY4RUY2NDQ2REEzQzkwRTNFRTE1RkQ4RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC81H4Mpo0eHGcj5O0t3s2kigqbVvozhII0q2isS8hk+B7tR6o7
vblk3IllNEBamKoo/Umb6lkqWkODFa6KEIYLqLYvu0HzX8H5c+LSCgB/f2GeYYDk
AM6+MfWYd18phsx5u3Y26vKAslwudOW9jhUSAbjoE57uBeJqTGagyCoHXOWNyarI
2a7qLovaEflsQ4hNyO+pCSIpaRY9e8IUmCzO5ay2aPxglPYe3JnfzdU8k6zYV4cO
+Cl1ZnAAIpGr6KcSjvu4x55DfLhbaGfVYDK0VexWsE5Q09B/XoJTQdUQzLHBDaG+
Tn1qllgkFBtqsDEUKeirJhRj+TgDU4a3N1phAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUPoiA2j02Hy+O9kRto8kOPuFf2PQwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1BvaUEyajAySHktTzlr
UnRvOGtPUHVGZjJQUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ3O/wwDQYJKoZIhvcNAQELBQADggEBAAU2n5cw5gKR29rWKZmh1z9uldanSszN
VShaMY0DlN7nR7KZARHcxr1WxJYwRkFEwOJ8ZY+Bh7A1AlgEyJ0xZy3kEQK4Bm93
g0shWUF/tjt44Jb9GEJDLJWvTlPhJkPzVnxBHwjOrvXU39sh4xEJD7o2PfuPyaxk
Gt0WqSzj6YO3DbbD7M8gAtW9oJaf7OPeMct5V2Z0uVTCi368rdlPdVtAR9eoYUZA
D4eUPWRxfoVw+M4+sHHLRUxFlmDhduqPEOI2BmrFTY0jpdcImrBbfwlGjC7a9xli
RkNneQJpMhVe0yyXZ0MybiGZkYOqBzVRphyUlwhEHXmCv3222ZlyjLs=
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:59:03 2025 by rpki-client