Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/tCk0O9Fa9uk7CmzmSraufeYWXSA.roa
File: tCk0O9Fa9uk7CmzmSraufeYWXSA.roa (raw, json)
Hash identifier: sh1PFfN0mAGJywuerZ93gmMQ8nDYmg1GTlAIYOOmt0Y=
Subject key identifier: B4:29:34:3B:D1:5A:F6:E9:3B:0A:6C:E6:4A:B6:AE:7D:E6:16:5D:20
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 1213
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/tCk0O9Fa9uk7CmzmSraufeYWXSA.roa
Signing time: Mon 05 May 2025 12:06:13 +0000
ROA not before: Mon 05 May 2025 12:06:13 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 62387
IP address blocks: 101.232.104.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4627 (0x1213)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: May 5 12:06:13 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=B429343BD15AF6E93B0A6CE64AB6AE7DE6165D20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:74:de:ff:5f:5b:ae:45:83:59:6c:ea:9a:0f:
04:2b:4b:b6:a6:4b:f1:61:93:0a:1b:1b:c1:20:9a:
db:a4:73:2a:ae:4a:84:bf:c0:16:47:3c:d4:ea:1c:
8b:ca:ac:7a:7f:ab:da:c7:c4:0e:fb:a3:ee:d5:fa:
73:ec:03:16:8d:aa:60:d8:de:0d:cf:43:ea:b7:77:
3b:93:2a:3a:8b:80:17:bd:d1:88:d7:b7:ed:d6:25:
37:97:15:04:31:ca:85:0f:6e:3d:27:29:3f:a9:a0:
39:86:93:88:55:37:30:21:55:d5:e9:17:9d:a4:e1:
03:36:da:b0:cc:46:2e:40:9a:ef:48:c3:0b:ea:68:
56:f2:db:62:49:70:6b:08:cc:35:7f:33:f4:c1:c0:
08:25:5e:11:66:8c:e7:57:c5:88:6d:bf:94:cf:54:
ce:c4:f2:fa:57:9b:99:5a:ef:a7:b9:82:ee:f5:f9:
74:c4:6f:71:fd:b9:15:03:64:3b:e8:f4:bc:5c:49:
40:8b:0c:5b:c4:4d:74:ed:3f:38:79:71:b9:ff:cf:
ee:20:70:81:2e:00:9a:48:0a:94:28:f5:74:8f:59:
68:5c:92:50:8a:a8:17:bd:dd:00:90:20:e3:d0:36:
65:44:b6:80:b4:a6:23:79:0b:61:d2:bc:f3:8a:5f:
09:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:29:34:3B:D1:5A:F6:E9:3B:0A:6C:E6:4A:B6:AE:7D:E6:16:5D:20
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/tCk0O9Fa9uk7CmzmSraufeYWXSA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.232.104.0/22
Signature Algorithm: sha256WithRSAEncryption
27:64:80:28:2f:7e:19:a0:8c:87:39:79:1b:2c:c1:b5:9b:4d:
b0:f4:e9:c2:9b:d4:8e:62:62:d2:ba:0a:d9:60:c7:b0:95:fa:
57:46:4f:9f:43:57:b3:62:d9:0e:39:8c:a2:6c:db:e8:9b:ba:
2c:e9:70:dc:7e:35:5e:3e:6f:df:a3:39:2e:08:4b:04:13:90:
6f:21:72:d7:a5:7d:ba:6c:f6:0b:00:a5:78:c7:ea:77:f8:a0:
22:bf:d1:04:8d:b7:d9:4d:45:eb:6c:2c:1f:16:3b:da:9d:40:
d9:41:59:d4:59:ab:32:c1:1e:5c:54:39:68:91:85:1b:f7:f0:
1e:e1:1c:2a:ed:af:38:b9:a2:51:32:de:b6:c7:6e:42:72:13:
75:02:72:aa:17:c7:08:c7:a4:aa:e5:1f:85:87:d5:82:80:a1:
2a:87:7b:c8:09:34:ba:5c:9f:0e:3b:6b:7b:15:98:af:5a:5e:
d3:5e:50:e7:04:6f:de:f2:2d:c6:b1:cd:86:0c:9b:1e:38:99:
ba:23:1c:de:13:c2:61:2f:42:5c:b9:03:3c:e3:d0:2b:da:5c:
7f:e7:b1:14:95:94:17:2b:24:30:a5:9c:be:21:02:ec:4d:0b:
e4:ef:b0:8e:2f:0e:ed:84:44:3a:f7:a1:4f:eb:29:90:76:73:
f5:b1:31:00
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICEhMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA1MDUx
MjA2MTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEI0MjkzNDNCRDE1QUY2
RTkzQjBBNkNFNjRBQjZBRTdERTYxNjVEMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhdN7/X1uuRYNZbOqaDwQrS7amS/FhkwobG8EgmtukcyquSoS/
wBZHPNTqHIvKrHp/q9rHxA77o+7V+nPsAxaNqmDY3g3PQ+q3dzuTKjqLgBe90YjX
t+3WJTeXFQQxyoUPbj0nKT+poDmGk4hVNzAhVdXpF52k4QM22rDMRi5Amu9Iwwvq
aFby22JJcGsIzDV/M/TBwAglXhFmjOdXxYhtv5TPVM7E8vpXm5la76e5gu71+XTE
b3H9uRUDZDvo9LxcSUCLDFvETXTtPzh5cbn/z+4gcIEuAJpICpQo9XSPWWhcklCK
qBe93QCQIOPQNmVEtoC0piN5C2HSvPOKXwkzAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUtCk0O9Fa9uk7CmzmSraufeYWXSAwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL3RDazBPOUZhOXVrN0Nt
em1TcmF1ZmVZV1hTQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJl6GgwDQYJKoZIhvcNAQELBQADggEBACdkgCgvfhmgjIc5eRsswbWbTbD06cKb
1I5iYtK6Ctlgx7CV+ldGT59DV7Ni2Q45jKJs2+ibuizpcNx+NV4+b9+jOS4ISwQT
kG8hctelfbps9gsApXjH6nf4oCK/0QSNt9lNRetsLB8WO9qdQNlBWdRZqzLBHlxU
OWiRhRv38B7hHCrtrzi5olEy3rbHbkJyE3UCcqoXxwjHpKrlH4WH1YKAoSqHe8gJ
NLpcnw47a3sVmK9aXtNeUOcEb97yLcaxzYYMmx44mbojHN4TwmEvQly5Azzj0Cva
XH/nsRSVlBcrJDClnL4hAuxNC+TvsI4vDu2ERDr3oU/rKZB2c/WxMQA=
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:45:04 2025 by rpki-client