Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/h6Of_dBflj1U6593yuByrQNpOiw.roa
File: h6Of_dBflj1U6593yuByrQNpOiw.roa (raw, json)
Hash identifier: KLMU6BhRSivVdgQw9zl+cA1nOrzIQfaVEI9zR0n6xbM=
Subject key identifier: 87:A3:9F:FD:D0:5F:96:3D:54:EB:9F:77:CA:E0:72:AD:03:69:3A:2C
Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925
Certificate serial: 01F0
Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/h6Of_dBflj1U6593yuByrQNpOiw.roa
Signing time: Tue 01 Jul 2025 15:33:15 +0000
ROA not before: Tue 01 Jul 2025 15:33:15 +0000
ROA not after: Wed 15 Apr 2026 09:08:30 +0000
asID: 51847
IP address blocks: 103.114.72.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 496 (0x1f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925
Validity
Not Before: Jul 1 15:33:15 2025 GMT
Not After : Apr 15 09:08:30 2026 GMT
Subject: CN=87A39FFDD05F963D54EB9F77CAE072AD03693A2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:ef:ed:e1:34:ee:2b:1e:24:4a:fd:bf:11:29:
3c:05:6e:ae:7b:d4:e2:ad:58:9a:e9:18:22:bc:e5:
b8:de:93:51:13:12:3e:e8:d4:c3:54:d4:ee:c0:35:
f6:c2:3e:e9:77:c6:4f:09:76:ec:ab:e6:e7:ba:63:
3c:6c:9f:9b:ea:17:f0:37:d6:ef:49:5a:4a:ac:af:
26:bc:9b:3b:2d:4a:49:05:95:f2:43:3d:5b:26:76:
43:19:41:ef:b1:ea:a5:ac:ef:ee:83:f0:75:ab:86:
26:e5:d8:b3:cc:3d:60:cd:cb:30:ef:14:b5:fc:3b:
0d:30:10:0c:52:e1:5c:68:8e:bd:fb:5a:94:23:9d:
9c:d6:b1:aa:3e:68:04:25:78:13:e2:0c:e6:54:92:
e8:f7:9a:4e:f8:f4:df:c0:31:ef:e4:e7:28:e5:ce:
39:5b:55:28:53:f0:42:02:3d:d4:8a:29:45:13:ae:
f8:6f:6a:5d:3b:65:38:2a:a7:96:0e:a5:30:8a:d9:
44:ec:34:d5:3a:f5:3a:06:e4:bf:07:da:f2:62:4c:
c8:2a:d1:45:13:b4:62:16:eb:eb:32:a9:f3:7f:8a:
c0:84:4d:1d:a1:75:eb:58:0e:b8:e7:3f:a1:f5:a6:
4b:1e:a8:57:f3:71:3d:b4:15:fb:79:47:76:b6:35:
ef:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A3:9F:FD:D0:5F:96:3D:54:EB:9F:77:CA:E0:72:AD:03:69:3A:2C
X509v3 Authority Key Identifier:
keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/h6Of_dBflj1U6593yuByrQNpOiw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.114.72.0/22
Signature Algorithm: sha256WithRSAEncryption
73:03:d0:ca:9a:59:d1:bb:26:dd:76:99:07:f9:c4:59:bc:1e:
39:07:63:8b:03:a8:7c:32:1a:73:9a:7e:72:8c:ca:ba:38:79:
03:40:be:df:63:df:a0:ed:2b:c9:80:74:02:88:ae:06:ed:f5:
7b:50:57:ba:dd:27:64:0b:3a:14:78:f5:69:d3:ae:04:36:8f:
61:e5:f2:a3:89:c3:bd:71:bb:9d:da:e9:d2:d7:b6:99:01:30:
51:28:b5:5f:da:42:5a:3c:51:60:b2:42:e5:8d:8c:85:12:1f:
6a:e9:29:29:b9:af:6c:5d:fe:e9:16:5d:27:7b:d0:b1:fd:78:
40:30:c9:dd:21:c7:4a:f7:d3:a7:2c:ba:fb:f5:84:98:0b:73:
cb:92:f2:5e:90:39:ac:99:14:b5:f4:54:a8:a2:8b:f0:8d:2b:
82:30:86:92:07:aa:c7:5a:41:db:9e:00:03:69:ee:cd:d3:98:
15:b9:a5:8d:34:52:b1:6f:af:55:a7:4b:cb:7c:3f:3c:e7:a6:
f5:0b:7b:11:ef:9b:04:2f:2a:ed:f7:f3:09:87:67:02:ba:3e:
f3:fe:e2:8e:88:d4:64:02:d8:8e:96:b9:20:4b:94:1b:d6:93:
5c:42:d4:9f:c9:3a:73:ca:08:1d:86:24:e3:06:c7:cf:6e:9d:
7b:90:6c:44
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICAfAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF
RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA3MDEx
NTMzMTVaFw0yNjA0MTUwOTA4MzBaMDMxMTAvBgNVBAMTKDg3QTM5RkZERDA1Rjk2
M0Q1NEVCOUY3N0NBRTA3MkFEMDM2OTNBMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD47+3hNO4rHiRK/b8RKTwFbq571OKtWJrpGCK85bjek1ETEj7o
1MNU1O7ANfbCPul3xk8Jduyr5ue6Yzxsn5vqF/A31u9JWkqsrya8mzstSkkFlfJD
PVsmdkMZQe+x6qWs7+6D8HWrhibl2LPMPWDNyzDvFLX8Ow0wEAxS4Vxojr37WpQj
nZzWsao+aAQleBPiDOZUkuj3mk749N/AMe/k5yjlzjlbVShT8EICPdSKKUUTrvhv
al07ZTgqp5YOpTCK2UTsNNU69ToG5L8H2vJiTMgq0UUTtGIW6+syqfN/isCETR2h
detYDrjnP6H1pkseqFfzcT20Fft5R3a2Ne/tAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUh6Of/dBflj1U6593yuByrQNpOiwwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R
o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx
Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvaDZPZl9kQmZsajFV
NjU5M3l1QnlyUU5wT2l3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmdySDANBgkqhkiG9w0BAQsFAAOCAQEAcwPQyppZ0bsm3XaZB/nEWbweOQdj
iwOofDIac5p+cozKujh5A0C+32PfoO0ryYB0AoiuBu31e1BXut0nZAs6FHj1adOu
BDaPYeXyo4nDvXG7ndrp0te2mQEwUSi1X9pCWjxRYLJC5Y2MhRIfaukpKbmvbF3+
6RZdJ3vQsf14QDDJ3SHHSvfTpyy6+/WEmAtzy5LyXpA5rJkUtfRUqKKL8I0rgjCG
kgeqx1pB254AA2nuzdOYFbmljTRSsW+vVadLy3w/POem9Qt7Ee+bBC8q7ffzCYdn
Aro+8/7ijojUZALYjpa5IEuUG9aTXELUn8k6c8oIHYYk4wbHz26de5BsRA==
-----END CERTIFICATE-----
Generated at Tue Oct 21 00:10:59 2025 by rpki-client