Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3272/7qZob3AujTc2jeu0nynofAHKNs4.roa
File: 7qZob3AujTc2jeu0nynofAHKNs4.roa (raw, json)
Hash identifier: r2Ki2IK8JfHSEpefyS/xJssFfIE/T47fC3oxXtHqm/s=
Subject key identifier: EE:A6:68:6F:70:2E:8D:37:36:8D:EB:B4:9F:29:E8:7C:01:CA:36:CE
Certificate issuer: /CN=FD341E841C183777F8F91DF4FCDA0BB9EFA061BF
Certificate serial: 0A64
Authority key identifier: FD:34:1E:84:1C:18:37:77:F8:F9:1D:F4:FC:DA:0B:B9:EF:A0:61:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_TQehBwYN3f4-R30_NoLue-gYb8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/7qZob3AujTc2jeu0nynofAHKNs4.roa
Signing time: Sat 13 Sep 2025 03:07:56 +0000
ROA not before: Sat 13 Sep 2025 03:07:56 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 146806
IP address blocks: 157.66.43.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2660 (0xa64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FD341E841C183777F8F91DF4FCDA0BB9EFA061BF
Validity
Not Before: Sep 13 03:07:56 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=EEA6686F702E8D37368DEBB49F29E87C01CA36CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:65:c6:86:c6:f6:04:72:7b:05:2d:4d:c2:3a:
99:80:33:73:c1:51:26:e0:b1:a1:9e:7c:6d:c5:f3:
52:40:98:f9:5e:a9:15:9e:bf:95:1c:ec:9d:e5:97:
c5:1d:1e:19:ac:2c:e7:92:0b:46:88:eb:cc:1d:bc:
5a:5f:f2:9a:f0:c3:13:ef:bf:d6:68:80:12:9f:d6:
2f:28:b1:4c:f0:79:11:dc:25:1a:19:83:df:81:c7:
76:70:d3:09:77:e0:0a:4c:99:38:8c:88:4d:3f:e4:
54:58:9a:1f:ab:72:ae:70:ae:5e:74:64:47:0a:56:
f3:48:65:06:67:d6:83:22:69:8c:d1:77:3a:fd:f3:
07:db:60:fd:2d:86:76:63:e1:68:33:a1:77:be:d6:
26:65:ea:1f:7c:44:03:66:06:b6:3c:dc:eb:25:34:
e2:9e:1a:b9:53:c7:82:51:2e:46:94:b6:df:61:70:
ca:16:5a:e7:66:6b:15:83:c5:31:91:8e:df:24:2c:
04:25:f5:fe:c2:9d:be:98:73:e3:cf:9e:18:0c:25:
d5:f9:90:10:3a:3a:a8:30:4f:a1:de:28:5c:d2:89:
55:cf:90:d8:ae:d3:98:06:f0:c8:f3:50:37:d6:2c:
9a:0c:83:18:8a:e2:af:49:ed:0c:01:7c:e6:f9:f3:
c5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A6:68:6F:70:2E:8D:37:36:8D:EB:B4:9F:29:E8:7C:01:CA:36:CE
X509v3 Authority Key Identifier:
keyid:FD:34:1E:84:1C:18:37:77:F8:F9:1D:F4:FC:DA:0B:B9:EF:A0:61:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/_TQehBwYN3f4-R30_NoLue-gYb8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_TQehBwYN3f4-R30_NoLue-gYb8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/7qZob3AujTc2jeu0nynofAHKNs4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.43.0/24
Signature Algorithm: sha256WithRSAEncryption
08:bf:d1:49:f5:ec:a3:8f:ba:24:d1:25:cc:01:f6:14:d0:a1:
27:1e:10:d5:35:ff:ae:5a:1b:d3:56:8b:fb:fa:c4:82:5a:ab:
fd:2c:ac:f8:c0:a2:e2:69:23:f0:71:3a:64:c4:7f:1b:af:a1:
fb:fd:81:ff:8a:96:8b:ae:f8:e5:d5:b3:ca:f7:f7:29:2c:1f:
d6:0d:be:68:21:da:3a:c8:4a:86:d6:70:c6:33:a1:93:83:8f:
8e:3c:bd:a8:e6:42:00:66:86:d1:0a:20:8a:fa:ef:53:e2:78:
13:09:c6:49:7b:09:1c:fa:47:d9:85:64:cd:8a:a5:df:89:31:
c6:16:22:f8:a2:00:92:8c:79:4f:82:5d:24:f7:31:ae:f8:45:
b2:d4:d6:ec:87:70:8c:b5:40:f1:01:b4:96:d1:d0:20:73:22:
08:6a:d8:d1:f5:31:8f:2c:c1:6d:07:fe:fb:0a:64:c1:bc:4e:
2b:7e:94:6f:2b:c7:e5:27:24:5d:5c:fe:4a:72:27:10:4d:ab:
6e:80:64:57:9a:d1:3c:8f:93:bd:1a:17:f6:56:57:9d:e0:8d:
fb:d8:31:0b:9a:b1:a7:10:80:54:7f:94:7e:ff:dc:d5:f3:6b:
6b:82:56:e3:dc:5c:3d:43:fa:f7:4f:f4:d0:87:88:7d:5e:53:
4b:f5:84:c1
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCmQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkQz
NDFFODQxQzE4Mzc3N0Y4RjkxREY0RkNEQTBCQjlFRkEwNjFCRjAeFw0yNTA5MTMw
MzA3NTZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEVFQTY2ODZGNzAyRThE
MzczNjhERUJCNDlGMjlFODdDMDFDQTM2Q0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLZcaGxvYEcnsFLU3COpmAM3PBUSbgsaGefG3F81JAmPleqRWe
v5Uc7J3ll8UdHhmsLOeSC0aI68wdvFpf8prwwxPvv9ZogBKf1i8osUzweRHcJRoZ
g9+Bx3Zw0wl34ApMmTiMiE0/5FRYmh+rcq5wrl50ZEcKVvNIZQZn1oMiaYzRdzr9
8wfbYP0thnZj4WgzoXe+1iZl6h98RANmBrY83OslNOKeGrlTx4JRLkaUtt9hcMoW
WudmaxWDxTGRjt8kLAQl9f7Cnb6Yc+PPnhgMJdX5kBA6OqgwT6HeKFzSiVXPkNiu
05gG8MjzUDfWLJoMgxiK4q9J7QwBfOb588UzAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU7qZob3AujTc2jeu0nynofAHKNs4wHwYDVR0jBBgwFoAU/TQehBwYN3f4+R30
/NoLue+gYb8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3
Mi9fVFFlaEJ3WU4zZjQtUjMwX05vTHVlLWdZYjguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL19UUWVoQndZTjNmNC1SMzBfTm9MdWUtZ1liOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzIvN3Fab2IzQXVqVGMy
amV1MG55bm9mQUhLTnM0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJ1CKzANBgkqhkiG9w0BAQsFAAOCAQEACL/RSfXso4+6JNElzAH2FNChJx4Q
1TX/rlob01aL+/rEglqr/Sys+MCi4mkj8HE6ZMR/G6+h+/2B/4qWi6745dWzyvf3
KSwf1g2+aCHaOshKhtZwxjOhk4OPjjy9qOZCAGaG0QogivrvU+J4EwnGSXsJHPpH
2YVkzYql34kxxhYi+KIAkox5T4JdJPcxrvhFstTW7IdwjLVA8QG0ltHQIHMiCGrY
0fUxjyzBbQf++wpkwbxOK36UbyvH5SckXVz+SnInEE2rboBkV5rRPI+TvRoX9lZX
neCN+9gxC5qxpxCAVH+Ufv/c1fNra4JW49xcPUP690/00IeIfV5TS/WEwQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:52:27 2025 by rpki-client