Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/2i5-FNSepXnUHZYgfcSFvE1GiM0.roa
File: 2i5-FNSepXnUHZYgfcSFvE1GiM0.roa (raw, json)
Hash identifier: q4ndaDVIq65ay5+1Y+TLOp5Q0rhHx2bJ8amDqS4Bl7g=
Subject key identifier: DA:2E:7E:14:D4:9E:A5:79:D4:1D:96:20:7D:C4:85:BC:4D:46:88:CD
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1E42
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/2i5-FNSepXnUHZYgfcSFvE1GiM0.roa
Signing time: Sat 13 Sep 2025 03:04:58 +0000
ROA not before: Sat 13 Sep 2025 03:04:58 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 24373
IP address blocks: 103.221.24.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7746 (0x1e42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 13 03:04:58 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=DA2E7E14D49EA579D41D96207DC485BC4D4688CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b8:d3:25:65:a6:9c:14:17:5a:38:58:f0:5d:
24:a1:56:16:9a:40:37:ac:e1:19:e3:55:60:77:63:
05:ce:7f:6f:26:64:79:68:5d:aa:bd:e6:f2:41:65:
69:ad:16:df:a0:68:f6:0a:f6:3a:74:ca:d3:82:91:
ef:bf:1b:67:59:15:71:0e:cd:23:04:63:82:74:79:
98:70:7c:38:9d:f1:72:00:e7:e7:7c:d7:85:05:1b:
64:24:43:1b:80:11:6b:ea:e4:95:6d:cf:00:3e:59:
80:6f:65:9d:a6:7c:18:c7:f3:e9:ed:96:94:96:92:
79:a7:2c:72:80:79:71:2d:de:27:f2:c7:00:c6:4c:
ce:7a:f3:e9:ef:a5:63:d9:b2:f9:c1:c4:73:ef:d6:
77:a7:6b:8f:99:b6:97:81:6b:72:c2:8d:59:01:5b:
c1:0d:41:f1:64:f0:98:e5:24:42:10:23:c0:d8:5a:
24:14:45:f1:13:56:2b:31:86:d4:5d:58:0e:05:e4:
bd:41:14:ca:ae:b1:ba:8e:b8:fa:99:bb:80:c3:28:
31:10:a6:27:a1:c2:49:bd:d9:eb:54:c5:64:cc:da:
c5:be:45:31:0e:3b:a8:ca:d4:1a:fc:5f:ab:30:3c:
ff:ce:c4:aa:ca:62:9b:d2:3f:0e:01:92:07:e6:db:
26:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:2E:7E:14:D4:9E:A5:79:D4:1D:96:20:7D:C4:85:BC:4D:46:88:CD
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/2i5-FNSepXnUHZYgfcSFvE1GiM0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.24.0/22
Signature Algorithm: sha256WithRSAEncryption
43:85:bf:f9:8a:59:d9:ba:a8:27:8e:84:1b:e4:ff:28:97:45:
71:64:dc:ae:81:95:7e:01:56:ba:a0:0a:f6:c0:08:52:7b:5e:
95:25:f7:7e:8a:cc:7b:3f:6d:bb:42:8b:bd:d8:45:38:62:3f:
91:3b:26:ed:a2:17:ad:2f:f9:41:c0:03:d4:2f:e6:e6:8d:5e:
a8:34:ee:7c:6e:3f:a8:30:7a:8b:01:59:69:8d:2e:e7:5c:65:
c1:2e:2d:b7:d4:d8:3f:43:99:b5:43:d5:70:ed:17:a2:ac:5b:
6e:36:ca:8d:06:fa:fe:55:09:a3:84:db:19:1f:84:7f:83:73:
d2:ba:62:40:40:ad:15:51:32:03:42:c7:b4:5d:26:07:ae:08:
2c:9b:d6:63:e2:44:f3:4c:30:e0:52:f4:6e:f5:3a:56:f2:0e:
84:2d:b9:0e:84:b1:a8:b3:05:d2:a0:0a:8a:0e:be:ee:f0:aa:
e6:72:aa:9d:5e:07:99:fb:5e:4a:05:3a:4d:53:39:8b:50:0f:
86:54:5d:1d:b5:b0:5d:e1:fe:eb:80:b8:d7:2a:92:16:83:4c:
29:2f:d8:ab:d6:7b:fe:12:bf:ca:c7:bc:8d:19:c7:1e:6c:f4:
e1:f7:8e:18:7a:e8:fe:8b:4f:f9:f8:d7:4d:d3:48:6a:1b:93:
d6:4a:25:4c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICHkIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw
MzA0NThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKERBMkU3RTE0RDQ5RUE1
NzlENDFEOTYyMDdEQzQ4NUJDNEQ0Njg4Q0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuuNMlZaacFBdaOFjwXSShVhaaQDes4RnjVWB3YwXOf28mZHlo
Xaq95vJBZWmtFt+gaPYK9jp0ytOCke+/G2dZFXEOzSMEY4J0eZhwfDid8XIA5+d8
14UFG2QkQxuAEWvq5JVtzwA+WYBvZZ2mfBjH8+ntlpSWknmnLHKAeXEt3ifyxwDG
TM568+nvpWPZsvnBxHPv1nena4+ZtpeBa3LCjVkBW8ENQfFk8JjlJEIQI8DYWiQU
RfETVisxhtRdWA4F5L1BFMqusbqOuPqZu4DDKDEQpiehwkm92etUxWTM2sW+RTEO
O6jK1Br8X6swPP/OxKrKYpvSPw4Bkgfm2yY5AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU2i5+FNSepXnUHZYgfcSFvE1GiM0wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzJpNS1GTlNlcFhuVUha
WWdmY1NGdkUxR2lNMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3RgwDQYJKoZIhvcNAQELBQADggEBAEOFv/mKWdm6qCeOhBvk/yiXRXFk3K6B
lX4BVrqgCvbACFJ7XpUl936KzHs/bbtCi73YRThiP5E7Ju2iF60v+UHAA9Qv5uaN
Xqg07nxuP6gweosBWWmNLudcZcEuLbfU2D9DmbVD1XDtF6KsW242yo0G+v5VCaOE
2xkfhH+Dc9K6YkBArRVRMgNCx7RdJgeuCCyb1mPiRPNMMOBS9G71OlbyDoQtuQ6E
saizBdKgCooOvu7wquZyqp1eB5n7XkoFOk1TOYtQD4ZUXR21sF3h/uuAuNcqkhaD
TCkv2KvWe/4Sv8rHvI0Zxx5s9OH3jhh66P6LT/n4103TSGobk9ZKJUw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:51:32 2025 by rpki-client