Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/vzpbhDWll6LsOYewiveJVaLZvw8.roa
File: vzpbhDWll6LsOYewiveJVaLZvw8.roa (raw, json)
Hash identifier: dXJPedUOw4ipZ7+JaoY0WBmsfOf30RaHXnjwiWaFJ/Y=
Subject key identifier: BF:3A:5B:84:35:A5:97:A2:EC:39:87:B0:8A:F7:89:55:A2:D9:BF:0F
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 14EE
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/vzpbhDWll6LsOYewiveJVaLZvw8.roa
Signing time: Sat 13 Sep 2025 03:03:28 +0000
ROA not before: Sat 13 Sep 2025 03:03:28 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 62387
IP address blocks: 123.98.52.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5358 (0x14ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Sep 13 03:03:28 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=BF3A5B8435A597A2EC3987B08AF78955A2D9BF0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f3:6f:aa:14:93:6d:e5:1d:bc:d2:20:eb:cc:
a7:6e:85:64:4f:f2:52:33:c0:c7:6c:39:d4:90:07:
80:63:82:df:3b:8d:cb:ce:6b:3c:c3:82:a9:c1:c5:
51:2f:02:e0:37:d2:89:76:8b:f4:d0:b8:6e:51:de:
df:21:79:02:3f:44:c9:5c:58:61:fc:7a:ed:ff:eb:
66:48:fe:66:05:48:7d:4c:2f:d7:08:ab:d1:4d:a9:
78:41:19:e8:6b:dc:ca:c0:36:de:16:e0:95:3e:b2:
98:f3:e7:9d:2f:d9:5d:db:25:48:93:af:a5:7e:5c:
fb:50:bd:54:4d:ea:b0:a7:a5:cc:8f:9a:ee:db:17:
cd:81:36:33:a3:ec:a9:d1:78:b5:23:14:01:f6:b5:
e9:30:6f:89:65:e6:4a:b5:18:a8:0d:c8:ec:f2:0e:
12:2a:39:fb:ac:b0:c5:40:b2:03:10:74:7b:47:c9:
5e:8f:fe:2e:49:91:8a:0f:74:0e:87:65:0e:fe:88:
67:b6:6a:ff:a1:f1:f9:ea:18:21:85:1d:d6:8a:75:
62:62:f3:12:e8:44:73:4f:a3:4c:b2:44:22:99:fe:
69:d7:9c:24:6f:d8:c3:9c:82:d9:3d:c9:33:ad:b6:
71:4b:60:16:32:a0:30:a0:84:07:c4:71:0c:e8:89:
7a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:3A:5B:84:35:A5:97:A2:EC:39:87:B0:8A:F7:89:55:A2:D9:BF:0F
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/vzpbhDWll6LsOYewiveJVaLZvw8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.52.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:db:98:6e:d0:65:a8:db:d7:f7:67:e8:5f:c4:12:6d:2e:5b:
c4:3a:cf:e0:1a:e5:4d:f5:9b:58:33:2b:25:06:07:4d:f7:09:
3e:23:43:27:db:8c:a8:4d:5e:30:c4:20:f2:7e:28:57:e7:3e:
2d:c1:69:dd:0d:2b:19:72:2f:7c:0c:fb:e6:43:99:70:46:59:
f9:58:04:21:fc:5f:30:96:27:2a:0a:be:0b:7d:a8:bb:0c:37:
68:b9:d9:d2:79:22:98:0e:98:3c:d9:9b:6e:e9:b1:a6:a7:04:
92:3e:c6:5d:b7:6f:b7:9b:db:53:5e:f8:59:ca:53:3a:60:c8:
1c:a8:72:19:1b:17:39:7f:b9:93:01:60:28:89:46:14:6d:4f:
a7:e1:ca:50:f8:4d:a6:63:3d:65:25:07:52:1a:26:fc:d0:0e:
36:0b:6b:32:2a:44:d8:73:87:79:c4:47:e7:37:56:44:ec:d9:
43:39:9e:eb:e1:a5:4f:30:15:8c:e3:bd:eb:af:3e:6b:70:89:
03:51:89:f7:ca:72:56:8f:b8:5b:05:03:8e:dc:b9:84:c6:21:
a5:d4:7d:53:75:76:ab:41:9f:c8:56:dc:cb:60:bf:a9:d2:b7:
b4:6b:5a:4d:be:5f:85:a9:79:f2:ad:3f:31:f8:80:68:91:0b:
dc:16:e2:44
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFO4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA5MTMw
MzAzMjhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEJGM0E1Qjg0MzVBNTk3
QTJFQzM5ODdCMDhBRjc4OTU1QTJEOUJGMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDl82+qFJNt5R280iDrzKduhWRP8lIzwMdsOdSQB4Bjgt87jcvO
azzDgqnBxVEvAuA30ol2i/TQuG5R3t8heQI/RMlcWGH8eu3/62ZI/mYFSH1ML9cI
q9FNqXhBGehr3MrANt4W4JU+spjz550v2V3bJUiTr6V+XPtQvVRN6rCnpcyPmu7b
F82BNjOj7KnReLUjFAH2tekwb4ll5kq1GKgNyOzyDhIqOfussMVAsgMQdHtHyV6P
/i5JkYoPdA6HZQ7+iGe2av+h8fnqGCGFHdaKdWJi8xLoRHNPo0yyRCKZ/mnXnCRv
2MOcgtk9yTOttnFLYBYyoDCghAfEcQzoiXqbAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUvzpbhDWll6LsOYewiveJVaLZvw8wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL3Z6cGJoRFdsbDZMc09Z
ZXdpdmVKVmFMWnZ3OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ7YjQwDQYJKoZIhvcNAQELBQADggEBAF3bmG7QZajb1/dn6F/EEm0uW8Q6z+Aa
5U31m1gzKyUGB033CT4jQyfbjKhNXjDEIPJ+KFfnPi3Bad0NKxlyL3wM++ZDmXBG
WflYBCH8XzCWJyoKvgt9qLsMN2i52dJ5IpgOmDzZm27psaanBJI+xl23b7eb21Ne
+FnKUzpgyByochkbFzl/uZMBYCiJRhRtT6fhylD4TaZjPWUlB1IaJvzQDjYLazIq
RNhzh3nER+c3VkTs2UM5nuvhpU8wFYzjveuvPmtwiQNRiffKclaPuFsFA47cuYTG
IaXUfVN1dqtBn8hW3Mtgv6nSt7RrWk2+X4WpefKtPzH4gGiRC9wW4kQ=
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:14:21 2025 by rpki-client