Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2578/USiwWmP7_uZv84RfFsFEk-_9H8Q.roa
File: USiwWmP7_uZv84RfFsFEk-_9H8Q.roa (raw, json)
Hash identifier: b7crNyxxWRj94oFuRTJxzkl+UkzfJZ2V5euQ8agMh3o=
Subject key identifier: 51:28:B0:5A:63:FB:FE:E6:6F:F3:84:5F:16:C1:44:93:EF:FD:1F:C4
Certificate issuer: /CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752
Certificate serial: 17CC
Authority key identifier: 7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/USiwWmP7_uZv84RfFsFEk-_9H8Q.roa
Signing time: Tue 05 Aug 2025 13:45:43 +0000
ROA not before: Tue 05 Aug 2025 13:45:43 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 140224
IP address blocks: 103.99.76.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6092 (0x17cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752
Validity
Not Before: Aug 5 13:45:43 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=5128B05A63FBFEE66FF3845F16C14493EFFD1FC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:d2:db:ce:8f:5f:9f:21:9d:5c:e9:2a:32:28:
5b:be:d9:b3:27:cd:93:fc:2b:21:2d:14:28:f5:0c:
77:22:30:45:2c:33:aa:51:39:2b:0d:de:16:36:dc:
46:1a:48:fb:e1:fe:16:a4:ac:31:13:e4:a6:00:3e:
3c:8f:73:fa:25:cf:f4:94:dd:dc:b8:bc:1c:fc:e1:
da:8b:da:92:ea:53:9a:a7:6f:7e:0a:a8:ae:22:45:
a8:a8:67:07:3c:ab:7d:bc:af:eb:9f:11:bd:d0:6d:
f9:bd:84:38:c6:ac:77:06:da:d6:e0:b9:fd:25:46:
00:b5:b4:7d:2d:74:96:d8:fd:cf:10:9b:dd:59:28:
9d:57:09:35:49:ad:99:58:30:30:d6:5f:29:c8:8c:
f4:b7:d4:64:fe:43:95:f0:9a:6d:c9:d7:39:c7:a2:
e7:ae:a9:fe:e6:49:a9:4d:c4:58:c5:53:60:4b:0e:
f6:7c:7e:01:3b:03:57:49:d9:cd:c1:a8:e3:33:99:
0b:7a:49:b4:9b:b5:f3:d2:f9:ab:32:4a:f5:05:bb:
6d:01:98:09:92:92:e8:2a:0e:98:16:c0:cf:1e:b6:
65:ed:97:b5:e1:0f:ce:62:24:44:40:80:24:5f:a1:
e9:ee:61:8e:ad:a9:57:ad:75:a9:49:88:41:21:05:
ff:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:28:B0:5A:63:FB:FE:E6:6F:F3:84:5F:16:C1:44:93:EF:FD:1F:C4
X509v3 Authority Key Identifier:
keyid:7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/USiwWmP7_uZv84RfFsFEk-_9H8Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.76.0/24
Signature Algorithm: sha256WithRSAEncryption
13:3f:c3:eb:32:c8:3b:ba:3c:bc:25:52:ed:cb:ef:35:2d:0e:
7d:d7:b3:26:98:24:fb:d8:c0:a7:b1:43:00:57:cd:aa:f8:28:
e2:43:f9:2b:21:23:f6:f9:e4:7e:00:98:6a:3b:15:27:85:ff:
74:09:32:f2:ac:59:60:59:dd:f3:f7:63:e5:5c:08:b0:c6:b7:
6b:9f:6b:c8:64:61:13:63:17:16:1c:fb:38:0f:0e:1b:d9:a1:
25:a1:36:77:3a:ff:36:6d:30:08:17:ee:08:be:3e:5a:74:46:
34:36:e1:57:28:8e:da:1c:8d:3b:9f:01:19:8b:c5:5f:c7:3d:
9a:f8:a1:4e:95:30:31:16:24:7b:9c:6d:2c:b2:57:5e:85:e3:
47:69:6e:bd:2f:1c:79:72:6d:fb:42:fb:d4:77:95:33:74:ab:
d6:e6:ce:e1:31:0c:59:d1:3b:13:b7:44:bd:f0:8b:d4:18:f9:
c4:b1:df:b7:7b:fc:4c:cd:08:fa:02:f4:7d:22:35:73:29:4c:
98:c4:7c:ff:98:a7:d9:dc:f8:ec:09:5e:ec:a7:40:1c:bd:fe:
65:65:e8:c2:55:1d:a4:6a:e1:97:ba:0d:d9:e4:53:2b:15:cf:
2b:b2:f3:07:08:ea:27:18:7f:0b:c3:b9:56:f1:12:2d:5d:6b:
ef:7d:6b:ef
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICF8wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0NG
NDRDMDZENUVBN0RGMENCRDRGNjg1MDhGMTRFODREQTA4Qjc1MjAeFw0yNTA4MDUx
MzQ1NDNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDUxMjhCMDVBNjNGQkZF
RTY2RkYzODQ1RjE2QzE0NDkzRUZGRDFGQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDo0tvOj1+fIZ1c6SoyKFu+2bMnzZP8KyEtFCj1DHciMEUsM6pR
OSsN3hY23EYaSPvh/hakrDET5KYAPjyPc/olz/SU3dy4vBz84dqL2pLqU5qnb34K
qK4iRaioZwc8q328r+ufEb3Qbfm9hDjGrHcG2tbguf0lRgC1tH0tdJbY/c8Qm91Z
KJ1XCTVJrZlYMDDWXynIjPS31GT+Q5Xwmm3J1znHoueuqf7mSalNxFjFU2BLDvZ8
fgE7A1dJ2c3BqOMzmQt6SbSbtfPS+asySvUFu20BmAmSkugqDpgWwM8etmXtl7Xh
D85iJERAgCRfoenuYY6tqVetdalJiEEhBf8VAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUUSiwWmP7/uZv84RfFsFEk+/9H8QwHwYDVR0jBBgwFoAUfPRMBtXqffDL1PaF
CPFOhNoIt1IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU3
OC9mUFJNQnRYcWZmREwxUGFGQ1BGT2hOb0l0MUkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2ZQUk1CdFhxZmZETDFQYUZDUEZPaE5vSXQxSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NzgvVVNpd1dtUDdfdVp2
ODRSZkZzRkVrLV85SDhRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAGdjTDANBgkqhkiG9w0BAQsFAAOCAQEAEz/D6zLIO7o8vCVS7cvvNS0Ofdez
Jpgk+9jAp7FDAFfNqvgo4kP5KyEj9vnkfgCYajsVJ4X/dAky8qxZYFnd8/dj5VwI
sMa3a59ryGRhE2MXFhz7OA8OG9mhJaE2dzr/Nm0wCBfuCL4+WnRGNDbhVyiO2hyN
O58BGYvFX8c9mvihTpUwMRYke5xtLLJXXoXjR2luvS8ceXJt+0L71HeVM3Sr1ubO
4TEMWdE7E7dEvfCL1Bj5xLHft3v8TM0I+gL0fSI1cylMmMR8/5in2dz47Ale7KdA
HL3+ZWXowlUdpGrhl7oN2eRTKxXPK7LzBwjqJxh/C8O5VvESLV1r731r7w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:33:07 2025 by rpki-client