Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/65/QczQcldBEd_FfhrI9G92xmSHmfQ.roa
File: QczQcldBEd_FfhrI9G92xmSHmfQ.roa (raw, json)
Hash identifier: xS0T1tZgSvnsgieZCXSfQcX9eggSY5l8Yu1Wx/KjtLk=
Subject key identifier: 41:CC:D0:72:57:41:11:DF:C5:7E:1A:C8:F4:6F:76:C6:64:87:99:F4
Certificate issuer: /CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9
Certificate serial: 14CA
Authority key identifier: 98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/QczQcldBEd_FfhrI9G92xmSHmfQ.roa
Signing time: Thu 11 Sep 2025 06:14:26 +0000
ROA not before: Thu 11 Sep 2025 06:14:26 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 23853
IP address blocks: 2404:7600:140::/42 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5322 (0x14ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9
Validity
Not Before: Sep 11 06:14:26 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=41CCD072574111DFC57E1AC8F46F76C6648799F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ea:3d:d1:78:2c:63:a3:d8:45:4d:00:2b:2b:
33:be:4c:49:69:bb:3f:3d:be:5a:ba:84:d9:d6:f5:
cc:0c:c0:e6:0a:64:ec:76:33:21:ef:b9:04:fd:6b:
32:83:5a:81:52:0b:5b:8d:07:2e:70:2c:0d:cd:40:
5f:b8:5d:48:ff:ae:d4:21:b1:2a:fb:f1:81:68:e9:
f2:3d:bf:b4:99:36:db:b2:86:06:f4:51:0b:72:f4:
87:fe:79:91:ff:db:79:b7:fd:45:09:f2:a5:33:10:
ea:57:43:a8:d9:5f:48:c4:49:7f:d5:16:93:b4:82:
0c:99:ee:0a:89:aa:52:3f:47:e5:ec:38:a8:7a:05:
5c:88:b1:79:bb:99:5b:6a:56:6c:65:4b:0e:be:5b:
b4:f9:49:49:0a:5c:00:a4:c9:33:d8:d1:a3:24:23:
a0:87:37:4d:d5:1f:38:00:bb:4b:88:39:a4:88:5f:
05:18:0b:35:9f:e2:2d:78:6c:bd:52:30:0f:a5:72:
81:72:e8:fa:dc:78:22:4e:5c:00:aa:b8:e8:5d:65:
60:b7:f6:ec:a9:7f:77:c6:b5:8a:96:dc:23:95:e6:
dd:b6:5e:bf:ef:1a:fb:9e:c6:81:26:67:4a:d1:75:
52:19:1f:f5:6a:24:8c:8b:af:8f:a9:91:04:36:6b:
61:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:CC:D0:72:57:41:11:DF:C5:7E:1A:C8:F4:6F:76:C6:64:87:99:F4
X509v3 Authority Key Identifier:
keyid:98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/QczQcldBEd_FfhrI9G92xmSHmfQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:7600:140::/42
Signature Algorithm: sha256WithRSAEncryption
e7:5d:19:fd:bc:99:4a:1e:1f:49:a1:29:de:9f:eb:b8:98:f9:
60:98:2c:6a:8b:6e:d7:da:65:3f:f6:6a:8a:54:3f:e1:27:fa:
77:9a:21:dc:4a:97:2d:0c:b1:1f:f5:84:f0:33:96:80:df:57:
a1:3d:b8:db:fb:ca:4b:d8:d6:1a:c0:42:ee:61:54:14:c2:37:
12:c1:09:d1:d2:af:22:44:b7:73:62:2b:65:ae:a6:49:df:bb:
b7:e2:c4:fd:59:81:c5:8a:88:21:48:98:a7:c7:65:85:b3:dc:
d4:5b:46:a2:4e:40:53:72:5f:97:cd:c4:11:b3:c6:b3:6a:28:
5a:84:07:b5:3b:71:ab:e8:d8:32:6b:b9:d8:74:d2:2e:86:95:
7e:07:f7:13:63:7a:73:50:59:c6:d5:17:98:5e:d3:31:ef:cc:
f0:d2:42:40:c8:4b:34:23:75:5e:ef:22:93:e1:4f:5c:a3:9a:
ae:6a:12:56:5d:6c:31:4c:5c:4b:ab:97:ac:49:be:01:df:f1:
57:d6:6f:ac:98:15:fa:f6:98:05:67:74:7e:d5:8a:21:ab:1a:
c3:bd:f3:65:bc:91:1e:d4:96:f8:11:b5:2f:ef:d0:58:b3:ff:
4b:44:1c:e4:c7:a8:d2:bf:67:dd:92:d1:b2:d3:27:d1:64:fc:
3d:73:59:94
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICFMowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgy
NEM1NTUyMjhCMjhCNjk4RERFNzdCQzFBREQwRTI4MDdCODZCOTAeFw0yNTA5MTEw
NjE0MjZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDQxQ0NEMDcyNTc0MTEx
REZDNTdFMUFDOEY0NkY3NkM2NjQ4Nzk5RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU6j3ReCxjo9hFTQArKzO+TElpuz89vlq6hNnW9cwMwOYKZOx2
MyHvuQT9azKDWoFSC1uNBy5wLA3NQF+4XUj/rtQhsSr78YFo6fI9v7SZNtuyhgb0
UQty9If+eZH/23m3/UUJ8qUzEOpXQ6jZX0jESX/VFpO0ggyZ7gqJqlI/R+XsOKh6
BVyIsXm7mVtqVmxlSw6+W7T5SUkKXACkyTPY0aMkI6CHN03VHzgAu0uIOaSIXwUY
CzWf4i14bL1SMA+lcoFy6PrceCJOXACquOhdZWC39uypf3fGtYqW3COV5t22Xr/v
GvuexoEmZ0rRdVIZH/VqJIyLr4+pkQQ2a2ENAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUQczQcldBEd/FfhrI9G92xmSHmfQwHwYDVR0jBBgwFoAUmCTFVSKLKLaY3ed7
wa3Q4oB7hrkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjUv
bUNURlZTS0xLTGFZM2VkN3dhM1E0b0I3aHJrLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9tQ1RGVlNLTEtMYVkzZWQ3d2EzUTRvQjdocmsuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NS9RY3pRY2xkQkVkX0ZmaHJJ
OUc5MnhtU0htZlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcG
JAR2AAFAMA0GCSqGSIb3DQEBCwUAA4IBAQDnXRn9vJlKHh9JoSnen+u4mPlgmCxq
i27X2mU/9mqKVD/hJ/p3miHcSpctDLEf9YTwM5aA31ehPbjb+8pL2NYawELuYVQU
wjcSwQnR0q8iRLdzYitlrqZJ37u34sT9WYHFioghSJinx2WFs9zUW0aiTkBTcl+X
zcQRs8azaihahAe1O3Gr6Ngya7nYdNIuhpV+B/cTY3pzUFnG1ReYXtMx78zw0kJA
yEs0I3Ve7yKT4U9co5quahJWXWwxTFxLq5esSb4B3/FX1m+smBX69pgFZ3R+1Yoh
qxrDvfNlvJEe1Jb4EbUv79BYs/9LRBzkx6jSv2fdktGy0yfRZPw9c1mU
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:27:21 2025 by rpki-client