Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/H3LDlVRtyOMr2X0brKy8nlIMjR8.roa
File: H3LDlVRtyOMr2X0brKy8nlIMjR8.roa (raw, json)
Hash identifier: O9vKuCP4Ads9F36q70gF6mf6zKv5VWxvE7gVHDnag70=
Subject key identifier: 1F:72:C3:95:54:6D:C8:E3:2B:D9:7D:1B:AC:AC:BC:9E:52:0C:8D:1F
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 14ED
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/H3LDlVRtyOMr2X0brKy8nlIMjR8.roa
Signing time: Sat 13 Sep 2025 03:03:28 +0000
ROA not before: Sat 13 Sep 2025 03:03:28 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 62387
IP address blocks: 101.232.32.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5357 (0x14ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Sep 13 03:03:28 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=1F72C395546DC8E32BD97D1BACACBC9E520C8D1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6d:f5:0a:b0:9e:0a:f5:18:db:6e:4e:b3:b5:
de:02:93:2c:2f:c4:34:2a:b2:09:cb:17:7d:da:c7:
ac:d8:1c:d2:30:b6:bd:9e:fe:e8:08:64:5f:9b:6a:
21:8a:ce:8d:4d:00:06:13:fc:8c:2b:1b:53:eb:ce:
08:9d:bd:cf:eb:d9:13:30:c1:ab:15:fa:6f:09:c8:
d3:ce:c4:a2:58:a6:98:5e:85:45:ec:40:57:6f:09:
2a:46:5a:88:f6:bd:a4:7b:6c:e2:c8:f3:cb:19:b3:
25:45:ea:cc:27:bf:e6:7a:8e:58:fe:93:e7:8f:92:
53:4f:c1:d8:30:78:d3:9c:e1:80:c4:bc:23:1e:17:
6d:f9:b5:f7:93:0e:4e:76:91:dc:da:09:ee:db:5d:
87:5a:dd:65:41:eb:cb:ec:4c:57:5d:85:a2:b3:c4:
ae:52:fc:16:28:85:5c:69:3e:d0:01:36:77:09:ed:
62:86:bc:87:85:18:64:f1:52:a0:b6:b1:05:4e:ab:
47:ff:e4:0f:88:5a:40:57:fa:07:8f:18:3d:16:7a:
2e:03:64:3a:eb:f3:4a:b1:3c:90:21:db:3e:07:af:
28:a0:f8:d0:ee:86:ea:db:12:de:b1:ee:77:1e:37:
19:54:f5:da:a8:26:91:48:c1:91:50:d1:96:61:97:
fe:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:72:C3:95:54:6D:C8:E3:2B:D9:7D:1B:AC:AC:BC:9E:52:0C:8D:1F
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/H3LDlVRtyOMr2X0brKy8nlIMjR8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.232.32.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:06:2b:84:41:e8:fc:3c:f6:86:63:6c:95:df:ee:ab:91:b0:
64:3b:c4:e0:93:ed:2c:c2:4a:d5:ef:9c:a4:e7:6a:c1:3d:d2:
7b:f3:89:66:ab:2c:bb:ec:94:f8:7c:24:c8:26:92:72:fd:db:
ca:87:13:ed:2e:a9:21:be:0e:e3:2d:fc:af:72:1c:06:d8:2c:
3c:9a:93:d8:78:ba:89:f9:82:e1:98:fe:7d:99:e0:fe:a2:a1:
23:68:0e:4c:d6:ef:48:a7:ef:58:54:0b:8d:da:9e:3c:34:85:
9d:22:65:aa:5f:c2:f4:27:3d:1a:d5:a6:d6:d1:7a:74:f6:70:
e6:a8:c6:8f:55:5d:db:88:20:2e:1b:8c:ed:7f:82:ce:99:73:
74:3b:e2:f4:8c:d6:3b:18:6b:d1:36:a0:a7:4b:3e:75:4d:72:
70:53:4e:fb:37:f6:7d:86:c4:31:63:f3:ab:3a:42:34:83:7c:
cd:8a:1f:cc:f5:01:eb:45:2d:15:8f:4a:93:54:e0:d3:a2:77:
65:44:3d:b0:47:58:b2:73:45:fd:55:20:fb:cc:ba:8d:ea:57:
c6:4e:f1:8a:17:6d:f6:14:53:d5:2c:64:30:f0:56:e1:b5:6e:
bf:87:24:68:59:ad:95:11:b2:ca:34:94:8c:de:f6:83:79:0d:
2b:29:f7:69
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFO0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA5MTMw
MzAzMjhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDFGNzJDMzk1NTQ2REM4
RTMyQkQ5N0QxQkFDQUNCQzlFNTIwQzhEMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBbfUKsJ4K9Rjbbk6ztd4CkywvxDQqsgnLF33ax6zYHNIwtr2e
/ugIZF+baiGKzo1NAAYT/IwrG1Przgidvc/r2RMwwasV+m8JyNPOxKJYpphehUXs
QFdvCSpGWoj2vaR7bOLI88sZsyVF6swnv+Z6jlj+k+ePklNPwdgweNOc4YDEvCMe
F235tfeTDk52kdzaCe7bXYda3WVB68vsTFddhaKzxK5S/BYohVxpPtABNncJ7WKG
vIeFGGTxUqC2sQVOq0f/5A+IWkBX+gePGD0Wei4DZDrr80qxPJAh2z4Hryig+NDu
hurbEt6x7nceNxlU9dqoJpFIwZFQ0ZZhl/6TAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUH3LDlVRtyOMr2X0brKy8nlIMjR8wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL0gzTERsVlJ0eU9NcjJY
MGJyS3k4bmxJTWpSOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJl6CAwDQYJKoZIhvcNAQELBQADggEBAKQGK4RB6Pw89oZjbJXf7quRsGQ7xOCT
7SzCStXvnKTnasE90nvziWarLLvslPh8JMgmknL928qHE+0uqSG+DuMt/K9yHAbY
LDyak9h4uon5guGY/n2Z4P6ioSNoDkzW70in71hUC43anjw0hZ0iZapfwvQnPRrV
ptbRenT2cOaoxo9VXduIIC4bjO1/gs6Zc3Q74vSM1jsYa9E2oKdLPnVNcnBTTvs3
9n2GxDFj86s6QjSDfM2KH8z1AetFLRWPSpNU4NOid2VEPbBHWLJzRf1VIPvMuo3q
V8ZO8YoXbfYUU9UsZDDwVuG1br+HJGhZrZURsso0lIze9oN5DSsp92k=
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:14:25 2025 by rpki-client