Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/oRHZ4yI9mT0o082-nF0DEBCbztg.roa
File: oRHZ4yI9mT0o082-nF0DEBCbztg.roa (raw, json)
Hash identifier: 6wbbI436N4Vmi2wEflVNpTLGeHSaQhfiKZvOBSeuZM0=
Subject key identifier: A1:11:D9:E3:22:3D:99:3D:28:D3:CD:BE:9C:5D:03:10:10:9B:CE:D8
Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Certificate serial: 0BE6
Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/oRHZ4yI9mT0o082-nF0DEBCbztg.roa
Signing time: Tue 13 May 2025 06:54:12 +0000
ROA not before: Tue 13 May 2025 06:54:12 +0000
ROA not after: Thu 09 Apr 2026 06:41:00 +0000
asID: 63567
IP address blocks: 43.241.51.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3046 (0xbe6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Validity
Not Before: May 13 06:54:12 2025 GMT
Not After : Apr 9 06:41:00 2026 GMT
Subject: CN=A111D9E3223D993D28D3CDBE9C5D0310109BCED8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:58:87:23:0f:5a:4e:cd:9c:8d:0f:b1:ca:e2:
c7:f0:17:b6:bb:a9:a6:b8:c3:91:ed:44:2e:31:b3:
dd:6a:5b:c5:0e:bf:e2:b5:02:03:e7:3f:3b:fb:2d:
2e:5d:ee:94:4b:85:56:b8:05:12:4a:da:4d:96:06:
f9:7f:ee:9f:f3:82:72:32:2f:60:b9:67:a9:fe:33:
98:e5:ab:f8:de:d4:1e:18:52:89:ee:65:5d:22:c3:
c4:31:3f:8b:51:06:78:24:3e:c6:e5:dd:de:7a:c1:
e6:6b:03:58:6d:9d:4c:0a:8c:c0:8c:9c:74:25:92:
77:0c:a4:0a:ea:a9:b6:75:fa:e2:d2:c6:ad:44:49:
fa:1a:30:5b:3e:e4:b9:f3:f3:ca:bb:97:da:61:ff:
24:89:71:4c:78:63:5c:fd:35:3b:5f:aa:db:e5:3b:
51:bd:99:44:56:cf:aa:e4:26:f6:83:c0:fd:17:43:
db:76:89:67:92:91:55:09:04:2d:85:d2:7d:d7:72:
1e:7d:c1:79:ee:a7:ef:b6:a2:9a:66:21:8c:7b:43:
e5:15:d9:65:12:28:73:ed:e9:8c:0b:b6:92:e4:6a:
92:d5:99:1f:e0:a1:43:1f:05:28:d4:9c:97:e3:0b:
9c:a8:2d:5c:78:e4:e6:56:be:6c:4b:27:e6:88:22:
27:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:11:D9:E3:22:3D:99:3D:28:D3:CD:BE:9C:5D:03:10:10:9B:CE:D8
X509v3 Authority Key Identifier:
keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/oRHZ4yI9mT0o082-nF0DEBCbztg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.51.0/24
Signature Algorithm: sha256WithRSAEncryption
88:ab:11:bf:b8:40:b0:c2:ab:d0:db:84:d1:c8:8d:a1:85:47:
9d:e9:da:5f:7e:65:8d:bb:86:a5:ac:f2:e1:2e:05:17:ca:ed:
d8:f2:da:bb:83:b7:46:08:a7:47:a1:93:6f:c4:57:dd:3c:ae:
d0:8a:59:e6:36:6d:ab:e7:a1:a1:10:8f:e5:63:e2:ba:46:0c:
91:fd:ea:86:4f:15:72:4b:91:9a:19:a6:2c:80:ad:b7:03:6d:
23:13:8a:56:a8:f8:89:cd:5f:49:fc:4a:4a:76:75:47:90:32:
79:79:c8:0d:b3:4e:9c:eb:bc:eb:18:aa:a0:6b:5a:7c:21:66:
63:3f:7f:bd:82:d6:ce:01:b4:2c:5b:3a:94:83:20:75:31:1e:
34:2f:15:2f:fb:23:a3:ec:0e:e1:6c:19:61:c2:51:31:6a:e8:
f6:e0:8e:f8:2b:31:98:6b:68:7a:22:42:9a:36:92:66:ac:fb:
30:51:10:cf:48:e1:db:55:cd:d7:9e:c1:c7:bc:43:92:fa:be:
56:12:12:1c:50:8f:93:09:ce:c8:72:a3:7e:06:3d:6f:c5:95:
00:df:1e:36:8f:0d:e6:89:6c:59:16:89:ba:4e:9d:bb:86:28:
4c:7e:d3:f7:58:e3:aa:e3:4f:e2:f3:ec:bc:e2:95:d0:63:00:
53:15:62:3c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICC+YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC
NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA1MTMw
NjU0MTJaFw0yNjA0MDkwNjQxMDBaMDMxMTAvBgNVBAMTKEExMTFEOUUzMjIzRDk5
M0QyOEQzQ0RCRTlDNUQwMzEwMTA5QkNFRDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEWIcjD1pOzZyND7HK4sfwF7a7qaa4w5HtRC4xs91qW8UOv+K1
AgPnPzv7LS5d7pRLhVa4BRJK2k2WBvl/7p/zgnIyL2C5Z6n+M5jlq/je1B4YUonu
ZV0iw8QxP4tRBngkPsbl3d56weZrA1htnUwKjMCMnHQlkncMpArqqbZ1+uLSxq1E
SfoaMFs+5Lnz88q7l9ph/ySJcUx4Y1z9NTtfqtvlO1G9mURWz6rkJvaDwP0XQ9t2
iWeSkVUJBC2F0n3Xch59wXnup++2oppmIYx7Q+UV2WUSKHPt6YwLtpLkapLVmR/g
oUMfBSjUnJfjC5yoLVx45OZWvmxLJ+aIIidLAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUoRHZ4yI9mT0o082+nF0DEBCbztgwHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/
AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL29SSFo0eUk5bVQwbzA4
Mi1uRjBERUJDYnp0Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAr8TMwDQYJKoZIhvcNAQELBQADggEBAIirEb+4QLDCq9DbhNHIjaGFR53p2l9+
ZY27hqWs8uEuBRfK7djy2ruDt0YIp0ehk2/EV908rtCKWeY2bavnoaEQj+Vj4rpG
DJH96oZPFXJLkZoZpiyArbcDbSMTilao+InNX0n8Skp2dUeQMnl5yA2zTpzrvOsY
qqBrWnwhZmM/f72C1s4BtCxbOpSDIHUxHjQvFS/7I6PsDuFsGWHCUTFq6Pbgjvgr
MZhraHoiQpo2kmas+zBREM9I4dtVzdeewce8Q5L6vlYSEhxQj5MJzshyo34GPW/F
lQDfHjaPDeaJbFkWibpOnbuGKEx+0/dY46rjT+Lz7LzildBjAFMVYjw=
-----END CERTIFICATE-----
Generated at Sun May 18 00:06:11 2025 by rpki-client