Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/q7CXJRH13TusfD8L3DVSCTfz70o.roa
File: q7CXJRH13TusfD8L3DVSCTfz70o.roa (raw, json)
Hash identifier: zCYFqQJBqwdMQBxIBX5zjVeFKyTawBzRbf6jYYpHu4I=
Subject key identifier: AB:B0:97:25:11:F5:DD:3B:AC:7C:3F:0B:DC:35:52:09:37:F3:EF:4A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 7F9F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/q7CXJRH13TusfD8L3DVSCTfz70o.roa
Signing time: Wed 06 Aug 2025 07:33:18 +0000
ROA not before: Wed 06 Aug 2025 07:33:18 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.32.0/20 maxlen: 20
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32671 (0x7f9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Aug 6 07:33:18 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=ABB0972511F5DD3BAC7C3F0BDC35520937F3EF4A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:83:c7:4c:45:9b:99:a8:23:61:04:52:41:6d:
47:9c:94:48:b7:e2:d4:0b:44:e6:09:3e:bf:69:c0:
cf:46:00:08:c2:2b:05:32:0a:90:8a:21:29:0b:92:
ad:ca:93:6c:1e:48:ce:21:ab:97:07:cf:d7:3a:2b:
ac:28:7a:c9:c2:25:10:fc:e3:a5:5e:9a:c5:f2:a1:
8c:6b:bb:21:84:25:0a:86:ca:33:d7:67:5b:12:d9:
8d:a9:f8:8d:ce:6a:18:62:89:8c:7b:84:88:fd:71:
81:38:52:36:49:dc:8e:8b:75:78:62:82:ed:db:fa:
8b:f5:b9:94:42:28:56:7a:7c:48:b3:0e:60:ba:82:
04:91:83:54:4f:e3:7b:02:ca:5d:a8:c5:39:47:2a:
db:4c:0c:db:f3:51:23:65:6c:9a:3b:cb:86:c2:41:
3a:6a:db:96:3a:7a:27:99:38:e0:04:ae:65:9f:4c:
e7:d0:f6:17:22:0f:9d:39:60:3e:ef:ff:9f:05:ee:
f7:48:ca:6c:41:5f:eb:ab:e3:b0:9b:9a:85:5a:13:
7a:14:d4:37:28:0a:cc:8e:02:e7:2f:94:d3:cd:ea:
23:7e:3d:c5:c9:ab:da:28:3a:fe:aa:87:4c:aa:b8:
58:64:01:85:85:b4:96:43:c9:ad:b8:b6:c8:0b:23:
34:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:B0:97:25:11:F5:DD:3B:AC:7C:3F:0B:DC:35:52:09:37:F3:EF:4A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/q7CXJRH13TusfD8L3DVSCTfz70o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.32.0/20
Signature Algorithm: sha256WithRSAEncryption
45:25:66:b9:a4:20:2d:65:aa:26:90:82:a3:50:81:81:6f:aa:
07:c2:03:4d:1a:ce:62:26:13:8a:18:e3:00:5f:06:25:70:ba:
9f:92:bf:5c:cc:5a:7f:67:2e:f9:54:44:3f:af:6b:54:57:19:
35:65:ab:5a:24:81:de:07:c2:50:65:20:03:62:08:1c:83:75:
ee:89:e8:9b:5e:ef:25:94:fc:d6:8b:98:48:c0:88:39:3d:81:
e0:93:30:f9:ae:08:9a:e2:c2:0c:2d:29:2d:c3:aa:bb:0d:43:
05:c1:f2:06:e0:fb:59:76:ee:98:b2:8d:e1:f3:41:7d:4b:21:
c8:b7:1d:c6:7b:4a:78:05:a3:a2:d7:ed:60:a2:2f:8c:d7:07:
93:b4:de:8c:d5:d5:34:a0:ae:48:b9:cb:ed:cd:90:65:30:bc:
1e:cc:98:b1:c0:2b:96:8f:95:f1:84:e4:78:00:4c:68:78:03:
c4:18:1a:2d:dc:19:88:42:31:a7:9b:6a:ff:5d:7e:b2:80:11:
40:fa:c0:c4:68:f8:57:78:eb:94:2d:79:6c:c7:af:02:9e:ef:
9b:a0:e7:55:4d:ac:d9:4d:95:e9:22:fd:9f:19:04:13:97:46:
32:28:59:a7:c6:30:ab:b7:e4:d1:36:62:eb:8d:66:9a:cb:4e:
41:72:5a:b5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICf58wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw
NzMzMThaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEFCQjA5NzI1MTFGNURE
M0JBQzdDM0YwQkRDMzU1MjA5MzdGM0VGNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdg8dMRZuZqCNhBFJBbUeclEi34tQLROYJPr9pwM9GAAjCKwUy
CpCKISkLkq3Kk2weSM4hq5cHz9c6K6woesnCJRD846VemsXyoYxruyGEJQqGyjPX
Z1sS2Y2p+I3OahhiiYx7hIj9cYE4UjZJ3I6LdXhigu3b+ov1uZRCKFZ6fEizDmC6
ggSRg1RP43sCyl2oxTlHKttMDNvzUSNlbJo7y4bCQTpq25Y6eieZOOAErmWfTOfQ
9hciD505YD7v/58F7vdIymxBX+ur47CbmoVaE3oU1DcoCsyOAucvlNPN6iN+PcXJ
q9ooOv6qh0yquFhkAYWFtJZDya24tsgLIzTvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUq7CXJRH13TusfD8L3DVSCTfz70owHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3E3Q1hKUkgxM1R1c2ZE
OEwzRFZTQ1Rmejcwby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAQr7yAwDQYJKoZIhvcNAQELBQADggEBAEUlZrmkIC1lqiaQgqNQgYFvqgfCA00a
zmImE4oY4wBfBiVwup+Sv1zMWn9nLvlURD+va1RXGTVlq1okgd4HwlBlIANiCByD
de6J6Jte7yWU/NaLmEjAiDk9geCTMPmuCJriwgwtKS3DqrsNQwXB8gbg+1l27piy
jeHzQX1LIci3HcZ7SngFo6LX7WCiL4zXB5O03ozV1TSgrki5y+3NkGUwvB7MmLHA
K5aPlfGE5HgATGh4A8QYGi3cGYhCMaebav9dfrKAEUD6wMRo+Fd465QteWzHrwKe
75ug51VNrNlNleki/Z8ZBBOXRjIoWafGMKu35NE2YuuNZprLTkFyWrU=
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:39:44 2025 by rpki-client