Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/65/oWjD7I0z1dZ3UJU7S-6I--8tTgY.roa
File: oWjD7I0z1dZ3UJU7S-6I--8tTgY.roa (raw, json)
Hash identifier: vGobKdGlGJ9GjAuct8VAxyNndXF7YPersgT4QWfeyDs=
Subject key identifier: A1:68:C3:EC:8D:33:D5:D6:77:50:95:3B:4B:EE:88:FB:EF:2D:4E:06
Certificate issuer: /CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9
Certificate serial: 14D2
Authority key identifier: 98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/oWjD7I0z1dZ3UJU7S-6I--8tTgY.roa
Signing time: Thu 11 Sep 2025 06:15:51 +0000
ROA not before: Thu 11 Sep 2025 06:15:51 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 23853
IP address blocks: 2404:7600:400::/38 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5330 (0x14d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9
Validity
Not Before: Sep 11 06:15:51 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=A168C3EC8D33D5D67750953B4BEE88FBEF2D4E06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:08:3c:7e:b1:51:aa:87:ba:06:2d:f8:6f:52:
43:30:e8:34:b1:9f:d4:79:9e:c5:09:ff:3e:c7:85:
12:4f:e4:17:29:6a:fc:54:8c:3e:54:97:a8:94:73:
93:8b:2b:78:92:3c:a5:35:97:ca:43:e4:e8:38:70:
5e:88:6d:4f:05:4f:1d:6b:60:0d:41:60:c1:19:5e:
50:89:b8:c7:37:7c:af:f3:6a:1a:7d:8e:e8:aa:3b:
8a:74:4b:1e:0c:7b:05:f7:eb:53:b3:47:5c:74:29:
0a:bf:28:57:9b:dd:de:e5:22:c7:42:32:16:f6:24:
cf:07:0d:3d:bd:5a:33:3d:5d:44:6a:78:76:02:a3:
44:c8:6f:a5:bd:7d:ec:f8:bf:c0:e0:55:02:51:99:
ee:49:2c:08:61:a2:28:ad:3f:2c:19:5b:d6:bb:88:
c0:f0:5f:7d:82:e4:82:d9:14:43:4a:7d:16:f9:e3:
0b:d2:57:ea:cc:bc:04:44:64:87:95:f8:20:00:04:
88:2e:1b:60:19:f4:a2:f4:cc:6f:3c:d7:e4:34:cc:
df:03:3a:4a:42:69:c4:4f:8d:d8:f0:8d:b3:70:31:
d1:3f:79:22:d0:c0:81:fe:f4:8c:09:aa:31:cb:b3:
1e:ad:5b:91:43:e3:fd:8e:00:31:23:fa:d7:70:3e:
78:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:68:C3:EC:8D:33:D5:D6:77:50:95:3B:4B:EE:88:FB:EF:2D:4E:06
X509v3 Authority Key Identifier:
keyid:98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/oWjD7I0z1dZ3UJU7S-6I--8tTgY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:7600:400::/38
Signature Algorithm: sha256WithRSAEncryption
7d:e8:d5:a5:ff:f3:2f:be:d3:fd:6a:b0:b9:f4:14:eb:52:66:
d0:7f:25:ed:79:5f:cf:b7:c0:58:42:83:0a:41:e8:e9:7f:2d:
8a:85:27:52:7a:4b:c6:84:91:39:e5:a8:b2:e7:c5:ca:88:a2:
93:ab:ad:1c:d7:5b:70:23:5f:93:1e:2c:fb:7b:3c:1e:35:6a:
86:82:a7:de:40:80:c1:a6:1b:de:9f:04:15:8f:77:cd:a8:e9:
e7:f7:63:ca:1b:04:c7:ef:99:60:fa:7d:dd:92:8d:7f:c8:3f:
f5:77:e4:0e:ad:9c:59:36:ef:88:b8:87:c7:2e:7e:83:2b:d6:
23:ff:ba:b0:2c:90:d1:4c:f9:9f:bc:58:3e:a0:f6:42:36:8d:
40:43:d1:0f:d3:ec:9f:7f:77:ae:37:d8:9a:f7:6a:1e:c1:d9:
a1:78:08:07:3a:93:8e:44:c3:2f:4c:02:17:0e:80:8e:c9:a9:
c8:99:2e:35:ba:36:cc:60:b5:81:8e:ad:05:a4:27:10:d0:35:
ac:84:32:be:55:ba:45:2a:b1:f2:f7:fb:99:e4:ef:2a:2b:83:
cf:f3:84:03:a1:ab:68:6d:9c:45:6a:e8:05:c3:7c:16:74:1b:
a4:c9:fc:ad:71:0c:af:fa:3c:47:9c:54:f0:f7:d5:24:aa:56:
46:e1:6a:c5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFNIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgy
NEM1NTUyMjhCMjhCNjk4RERFNzdCQzFBREQwRTI4MDdCODZCOTAeFw0yNTA5MTEw
NjE1NTFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEExNjhDM0VDOEQzM0Q1
RDY3NzUwOTUzQjRCRUU4OEZCRUYyRDRFMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPCDx+sVGqh7oGLfhvUkMw6DSxn9R5nsUJ/z7HhRJP5BcpavxU
jD5Ul6iUc5OLK3iSPKU1l8pD5Og4cF6IbU8FTx1rYA1BYMEZXlCJuMc3fK/zahp9
juiqO4p0Sx4MewX361OzR1x0KQq/KFeb3d7lIsdCMhb2JM8HDT29WjM9XURqeHYC
o0TIb6W9fez4v8DgVQJRme5JLAhhoiitPywZW9a7iMDwX32C5ILZFENKfRb54wvS
V+rMvAREZIeV+CAABIguG2AZ9KL0zG881+Q0zN8DOkpCacRPjdjwjbNwMdE/eSLQ
wIH+9IwJqjHLsx6tW5FD4/2OADEj+tdwPnivAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUoWjD7I0z1dZ3UJU7S+6I++8tTgYwHwYDVR0jBBgwFoAUmCTFVSKLKLaY3ed7
wa3Q4oB7hrkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjUv
bUNURlZTS0xLTGFZM2VkN3dhM1E0b0I3aHJrLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9tQ1RGVlNLTEtMYVkzZWQ3d2EzUTRvQjdocmsuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NS9vV2pEN0kwejFkWjNVSlU3
Uy02SS0tOHRUZ1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYC
JAR2AAQwDQYJKoZIhvcNAQELBQADggEBAH3o1aX/8y++0/1qsLn0FOtSZtB/Je15
X8+3wFhCgwpB6Ol/LYqFJ1J6S8aEkTnlqLLnxcqIopOrrRzXW3AjX5MeLPt7PB41
aoaCp95AgMGmG96fBBWPd82o6ef3Y8obBMfvmWD6fd2SjX/IP/V35A6tnFk274i4
h8cufoMr1iP/urAskNFM+Z+8WD6g9kI2jUBD0Q/T7J9/d6432Jr3ah7B2aF4CAc6
k45Ewy9MAhcOgI7JqciZLjW6NsxgtYGOrQWkJxDQNayEMr5VukUqsfL3+5nk7yor
g8/zhAOhq2htnEVq6AXDfBZ0G6TJ/K1xDK/6PEecVPD31SSqVkbhasU=
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:27:18 2025 by rpki-client