Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2578/cIWlcgIlWrr7dPhvnLjAEmryGDc.roa
File: cIWlcgIlWrr7dPhvnLjAEmryGDc.roa (raw, json)
Hash identifier: qYlW/Je7TxRMGGbrH6KCQs+TJv0I6bBgau3xwOaOT6g=
Subject key identifier: 70:85:A5:72:02:25:5A:BA:FB:74:F8:6F:9C:B8:C0:12:6A:F2:18:37
Certificate issuer: /CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752
Certificate serial: 17D1
Authority key identifier: 7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/cIWlcgIlWrr7dPhvnLjAEmryGDc.roa
Signing time: Tue 05 Aug 2025 13:46:32 +0000
ROA not before: Tue 05 Aug 2025 13:46:32 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 18186
IP address blocks: 103.99.77.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6097 (0x17d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752
Validity
Not Before: Aug 5 13:46:32 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=7085A57202255ABAFB74F86F9CB8C0126AF21837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:fc:a2:c5:87:c8:2e:5d:5f:d2:e0:b6:aa:0e:
67:7d:cd:13:53:d5:c2:0d:33:da:16:ab:0f:6e:c8:
b2:b1:1c:23:04:6e:19:39:0d:a8:0a:f6:42:bf:0f:
75:67:f3:35:87:11:e0:97:65:38:7e:57:31:84:84:
c3:04:0b:14:b8:e0:97:c3:33:9c:17:08:53:80:fa:
c5:6a:4f:fb:34:0c:39:2f:3d:ce:e0:51:87:e7:7e:
4a:3c:ca:e8:6d:c0:17:2d:65:26:0c:f3:9e:a8:cc:
ba:0a:a3:7a:f0:8a:44:a1:04:b2:89:69:c1:e7:d3:
ea:25:6c:19:4a:dd:3e:f3:5d:bc:96:7c:49:f3:f2:
8b:78:d4:20:f3:e9:62:0d:fa:dc:24:78:df:4a:0d:
c4:13:43:72:44:ee:ee:5c:c3:c0:de:25:92:11:79:
c9:77:f2:49:a5:0a:ba:c2:79:07:b2:14:5e:64:4b:
77:c7:1d:d0:91:6b:cd:45:86:82:c9:73:fa:16:36:
61:f5:d2:d1:c7:b6:7f:58:ae:aa:34:f5:e3:04:e7:
9f:1b:15:3d:89:31:36:f8:c2:ff:aa:f9:39:c0:ea:
f4:98:53:fa:bd:13:3f:d8:02:29:d0:66:0b:cc:57:
c7:a4:51:9e:69:c0:55:97:6e:6a:2e:f8:ba:ed:91:
7f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:85:A5:72:02:25:5A:BA:FB:74:F8:6F:9C:B8:C0:12:6A:F2:18:37
X509v3 Authority Key Identifier:
keyid:7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/cIWlcgIlWrr7dPhvnLjAEmryGDc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.77.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:ff:0c:6f:b9:a8:f7:2b:d5:8f:0b:a9:e9:49:9c:2c:74:86:
f6:e8:9f:09:0f:83:ec:1c:b1:36:6f:05:12:f0:5f:fe:71:da:
bc:01:2c:75:eb:62:13:e3:9a:b1:2c:b7:93:a5:f3:ef:b6:78:
ca:3c:d7:7b:ea:df:ec:3e:79:f0:88:bf:88:ed:4d:3b:83:23:
f7:cc:13:c3:03:f9:3d:73:4a:25:93:d6:6c:24:20:03:68:86:
14:65:3b:f9:7e:95:54:f0:60:00:44:0d:6e:21:7d:39:0d:de:
95:98:21:51:eb:b7:f7:0a:9a:03:82:44:4b:66:90:f9:61:ed:
31:02:db:32:7f:b8:fb:49:43:e6:c4:de:43:ef:38:b0:04:c6:
76:35:83:57:9f:58:ab:c6:a7:3e:f1:b3:fc:4e:7b:b6:2a:2d:
76:5f:91:16:ec:e4:c1:2e:50:e0:ba:8c:18:8a:37:53:92:a9:
a2:37:af:9e:e1:49:7a:21:a4:7c:62:02:fa:db:c1:a9:ae:3e:
69:6f:cd:8e:0a:82:40:0d:7a:96:dc:cf:1c:fe:b7:78:fd:c3:
f7:f5:9a:75:98:3e:6a:42:68:9b:b2:9e:b1:f1:5f:5f:7a:06:
da:8f:6e:4b:a6:83:bc:93:c1:f6:93:1a:bd:a0:1c:31:3b:e0:
ac:82:38:ed
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICF9EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0NG
NDRDMDZENUVBN0RGMENCRDRGNjg1MDhGMTRFODREQTA4Qjc1MjAeFw0yNTA4MDUx
MzQ2MzJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDcwODVBNTcyMDIyNTVB
QkFGQjc0Rjg2RjlDQjhDMDEyNkFGMjE4MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDh/KLFh8guXV/S4LaqDmd9zRNT1cINM9oWqw9uyLKxHCMEbhk5
DagK9kK/D3Vn8zWHEeCXZTh+VzGEhMMECxS44JfDM5wXCFOA+sVqT/s0DDkvPc7g
UYfnfko8yuhtwBctZSYM856ozLoKo3rwikShBLKJacHn0+olbBlK3T7zXbyWfEnz
8ot41CDz6WIN+twkeN9KDcQTQ3JE7u5cw8DeJZIRecl38kmlCrrCeQeyFF5kS3fH
HdCRa81FhoLJc/oWNmH10tHHtn9Yrqo09eME558bFT2JMTb4wv+q+TnA6vSYU/q9
Ez/YAinQZgvMV8ekUZ5pwFWXbmou+LrtkX9bAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUcIWlcgIlWrr7dPhvnLjAEmryGDcwHwYDVR0jBBgwFoAUfPRMBtXqffDL1PaF
CPFOhNoIt1IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU3
OC9mUFJNQnRYcWZmREwxUGFGQ1BGT2hOb0l0MUkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2ZQUk1CdFhxZmZETDFQYUZDUEZPaE5vSXQxSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NzgvY0lXbGNnSWxXcnI3
ZFBodm5MakFFbXJ5R0RjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAGdjTTANBgkqhkiG9w0BAQsFAAOCAQEAS/8Mb7mo9yvVjwup6UmcLHSG9uif
CQ+D7ByxNm8FEvBf/nHavAEsdetiE+OasSy3k6Xz77Z4yjzXe+rf7D558Ii/iO1N
O4Mj98wTwwP5PXNKJZPWbCQgA2iGFGU7+X6VVPBgAEQNbiF9OQ3elZghUeu39wqa
A4JES2aQ+WHtMQLbMn+4+0lD5sTeQ+84sATGdjWDV59Yq8anPvGz/E57tiotdl+R
FuzkwS5Q4LqMGIo3U5KpojevnuFJeiGkfGIC+tvBqa4+aW/NjgqCQA16ltzPHP63
eP3D9/WadZg+akJom7KesfFfX3oG2o9uS6aDvJPB9pMavaAcMTvgrII47Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:33:13 2025 by rpki-client