Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/vQKj_Ya7sxh8uzTnlr3is-g6YL8.roa
File: vQKj_Ya7sxh8uzTnlr3is-g6YL8.roa (raw, json)
Hash identifier: px6L9Flw0NiMLW5AgeiRuEZ6JQAEIND0JIC9mSS1rw8=
Subject key identifier: BD:02:A3:FD:86:BB:B3:18:7C:BB:34:E7:96:BD:E2:B3:E8:3A:60:BF
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 15C8
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/vQKj_Ya7sxh8uzTnlr3is-g6YL8.roa
Signing time: Sat 13 Sep 2025 03:06:47 +0000
ROA not before: Sat 13 Sep 2025 03:06:47 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 55990
IP address blocks: 115.175.64.0/19 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5576 (0x15c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: Sep 13 03:06:47 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=BD02A3FD86BBB3187CBB34E796BDE2B3E83A60BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e8:01:b9:ee:b1:00:fc:aa:65:df:c9:1e:b6:
5f:6a:de:a7:99:0a:69:1a:f2:66:21:e0:ba:87:52:
27:5f:0a:3d:54:9f:77:bd:a7:dd:d3:62:3a:b9:f6:
47:bb:ee:d9:bb:31:f8:b4:57:16:cb:b6:b6:09:48:
9b:88:8d:6c:d2:5d:66:93:ca:b5:1a:f4:4b:12:53:
d0:c1:8f:cc:47:48:40:92:13:64:43:0b:34:72:c7:
a7:70:6c:b3:39:eb:87:46:37:8f:77:e1:e3:2c:9c:
59:3a:af:67:60:ec:f7:9a:70:a5:49:ab:77:48:28:
7b:ac:50:2d:a1:22:d2:59:c0:92:dc:fe:6a:13:71:
ce:bd:47:38:f0:d3:50:1a:66:87:e4:55:d0:63:05:
83:da:f0:9f:63:75:06:38:b2:10:ec:af:8b:76:98:
ea:c0:20:ad:f7:be:b7:2a:f5:32:f8:97:76:c5:3a:
1b:30:61:2a:2c:b7:d3:f9:a5:0d:c7:52:82:b5:3b:
f5:1c:b3:6c:b8:b4:29:d3:f1:8d:87:af:a9:d1:e7:
8d:5b:70:b1:3b:2b:b0:54:86:18:3a:32:0d:bd:e4:
11:da:98:eb:78:22:23:4f:44:5c:32:45:e4:3e:da:
d6:8f:99:4f:da:c3:2a:8c:19:3a:5e:30:2e:85:9c:
0f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:02:A3:FD:86:BB:B3:18:7C:BB:34:E7:96:BD:E2:B3:E8:3A:60:BF
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/vQKj_Ya7sxh8uzTnlr3is-g6YL8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
115.175.64.0/19
Signature Algorithm: sha256WithRSAEncryption
21:65:28:35:75:fc:f4:c5:40:00:83:ac:ea:e5:62:25:cf:c0:
8c:64:bd:bc:e4:3d:80:38:73:21:4d:c1:9e:86:99:d8:d3:bc:
b5:02:7d:c1:08:38:30:91:a4:a5:a8:ad:c1:49:2f:54:fe:22:
d0:e5:19:0e:df:0a:bb:68:42:d9:17:c9:a6:9f:99:5b:ba:72:
79:cb:3d:61:70:16:ac:48:16:34:ae:9d:77:ad:a4:a6:7e:42:
e6:7d:63:a7:d4:92:73:54:6d:9f:b2:dd:3c:67:32:a8:a5:b0:
55:7a:23:36:33:68:0a:21:76:7b:b8:9e:95:3d:53:e0:35:d7:
14:c5:66:73:5e:40:0c:cb:44:51:6e:52:c8:89:ae:fc:c2:ee:
6b:7f:54:0b:25:fc:4f:8b:b7:5c:04:e3:94:9f:e4:9c:af:df:
70:10:9a:2b:43:47:ea:87:fb:e4:1b:e5:27:42:2f:ae:62:02:
59:28:07:d8:cf:81:32:cc:69:a7:48:ab:54:b8:2d:1d:07:24:
46:b3:b4:4b:ed:23:fd:ce:93:48:ee:79:47:3b:fe:e6:8f:f4:
28:1b:0a:d0:81:89:d4:c7:57:16:28:0c:1e:8a:1e:ca:0d:90:
0a:f9:d0:aa:87:4a:d4:2a:8c:da:9b:86:92:cb:73:4d:3f:fe:
d7:02:62:c3
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFcgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw
MzA2NDdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEJEMDJBM0ZEODZCQkIz
MTg3Q0JCMzRFNzk2QkRFMkIzRTgzQTYwQkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZ6AG57rEA/Kpl38ketl9q3qeZCmka8mYh4LqHUidfCj1Un3e9
p93TYjq59ke77tm7Mfi0VxbLtrYJSJuIjWzSXWaTyrUa9EsSU9DBj8xHSECSE2RD
CzRyx6dwbLM564dGN4934eMsnFk6r2dg7PeacKVJq3dIKHusUC2hItJZwJLc/moT
cc69Rzjw01AaZofkVdBjBYPa8J9jdQY4shDsr4t2mOrAIK33vrcq9TL4l3bFOhsw
YSost9P5pQ3HUoK1O/Ucs2y4tCnT8Y2Hr6nR541bcLE7K7BUhhg6Mg295BHamOt4
IiNPRFwyReQ+2taPmU/awyqMGTpeMC6FnA9PAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUvQKj/Ya7sxh8uzTnlr3is+g6YL8wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvdlFLal9ZYTdzeGg4
dXpUbmxyM2lzLWc2WUw4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBXOvQDANBgkqhkiG9w0BAQsFAAOCAQEAIWUoNXX89MVAAIOs6uViJc/AjGS9
vOQ9gDhzIU3BnoaZ2NO8tQJ9wQg4MJGkpaitwUkvVP4i0OUZDt8Ku2hC2RfJpp+Z
W7pyecs9YXAWrEgWNK6dd62kpn5C5n1jp9SSc1Rtn7LdPGcyqKWwVXojNjNoCiF2
e7ielT1T4DXXFMVmc15ADMtEUW5SyImu/MLua39UCyX8T4u3XATjlJ/knK/fcBCa
K0NH6of75BvlJ0IvrmICWSgH2M+BMsxpp0irVLgtHQckRrO0S+0j/c6TSO55Rzv+
5o/0KBsK0IGJ1MdXFigMHooeyg2QCvnQqodK1CqM2puGkstzTT/+1wJiww==
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:58:43 2025 by rpki-client