Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/Cwzg6G8oMGcHFjokQI54oajd4ho.roa
File: Cwzg6G8oMGcHFjokQI54oajd4ho.roa (raw, json)
Hash identifier: JlBVzZT2k5QdHdTXen6z1Qz2r2v1m2IWUpGstr0dqag=
Subject key identifier: 0B:0C:E0:E8:6F:28:30:67:07:16:3A:24:40:8E:78:A1:A8:DD:E2:1A
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1DDC
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Cwzg6G8oMGcHFjokQI54oajd4ho.roa
Signing time: Sat 13 Sep 2025 03:04:39 +0000
ROA not before: Sat 13 Sep 2025 03:04:39 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 24373
IP address blocks: 103.221.28.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7644 (0x1ddc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 13 03:04:39 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=0B0CE0E86F28306707163A24408E78A1A8DDE21A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:d1:8b:fd:bd:96:54:0a:8e:47:39:b3:59:a2:
99:1e:07:db:82:da:4b:07:94:f2:32:8b:da:8d:a2:
8f:6f:17:50:df:c6:8f:58:a3:bc:42:ee:a7:cf:94:
51:27:9e:6f:5d:2c:1f:3a:90:7b:ac:59:89:3d:7f:
8e:cd:e2:68:24:f1:90:a0:56:28:41:86:17:23:bd:
5f:c0:37:70:7c:da:7b:fd:b3:c0:ea:fe:37:59:fb:
bb:82:5e:42:1f:b1:e2:35:c0:35:2f:8c:f6:c4:1f:
00:cc:28:f8:7c:e2:63:f2:20:19:5a:95:c9:39:ae:
7d:4c:f8:3a:4b:c9:fb:be:44:79:29:11:19:5b:8e:
f6:84:72:2e:11:1a:39:f5:9a:54:df:22:4f:87:b9:
7a:e9:ea:fb:da:a6:09:e0:c7:8f:23:d1:56:c3:ef:
33:ba:f3:75:09:0e:a1:40:be:09:36:bd:a7:2b:2a:
51:46:9c:1e:d9:57:09:64:81:71:31:7b:74:f3:23:
79:98:50:5d:b0:94:89:d2:90:8e:01:ee:a6:d1:18:
1c:40:74:6e:53:27:18:0a:0f:95:d4:91:3d:be:42:
15:ef:81:c3:e0:0a:ac:e6:30:77:5f:ba:e0:f1:af:
25:ab:4f:19:98:2d:0e:63:eb:0f:44:17:d6:0c:ad:
ba:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:0C:E0:E8:6F:28:30:67:07:16:3A:24:40:8E:78:A1:A8:DD:E2:1A
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Cwzg6G8oMGcHFjokQI54oajd4ho.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.28.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:65:aa:d3:0d:57:40:c9:3e:da:66:2f:d2:3c:b8:5d:cc:57:
4a:7f:ed:7d:56:cd:bf:4f:c6:51:a9:82:70:13:2d:a3:f2:5d:
04:09:be:81:86:5b:76:80:59:47:6c:a9:b6:12:d2:a6:06:b7:
1c:35:64:92:57:5c:1e:63:c2:a8:a7:60:9a:d9:62:23:4f:b8:
2b:c7:ab:12:56:fa:62:c1:4a:f3:37:5b:3e:6e:88:d6:2a:ba:
a3:a9:38:07:5f:e5:fe:a6:07:2e:0a:9c:aa:bb:cd:ef:12:a9:
29:f4:79:2f:f4:1d:43:bb:9c:df:7b:eb:3f:50:5b:98:10:b7:
05:c8:ce:23:e1:e4:22:64:53:17:3d:da:66:f7:82:36:b1:27:
53:e8:35:b5:e5:d9:1d:6e:ae:d0:db:05:cf:63:17:4c:c3:8f:
52:ab:1a:41:60:4c:91:e8:c9:5a:f3:7a:e4:bb:5c:4c:5f:a8:
4a:9b:d4:0f:cd:a4:cc:e4:57:64:56:2f:57:f9:6b:2d:23:f6:
4b:c3:8a:df:36:3b:1e:59:0d:a3:bb:ea:38:4a:1e:a3:bf:9a:
ee:c2:74:50:21:eb:d6:e9:0f:94:9e:e7:e2:8d:ce:4f:23:10:
ca:90:72:8a:f0:85:7c:7a:ea:9c:3b:a0:f4:83:99:a8:7b:28:
0b:41:90:54
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICHdwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw
MzA0MzlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDBCMENFMEU4NkYyODMw
NjcwNzE2M0EyNDQwOEU3OEExQThEREUyMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDv0Yv9vZZUCo5HObNZopkeB9uC2ksHlPIyi9qNoo9vF1Dfxo9Y
o7xC7qfPlFEnnm9dLB86kHusWYk9f47N4mgk8ZCgVihBhhcjvV/AN3B82nv9s8Dq
/jdZ+7uCXkIfseI1wDUvjPbEHwDMKPh84mPyIBlalck5rn1M+DpLyfu+RHkpERlb
jvaEci4RGjn1mlTfIk+HuXrp6vvapgngx48j0VbD7zO683UJDqFAvgk2vacrKlFG
nB7ZVwlkgXExe3TzI3mYUF2wlInSkI4B7qbRGBxAdG5TJxgKD5XUkT2+QhXvgcPg
CqzmMHdfuuDxryWrTxmYLQ5j6w9EF9YMrboBAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUCwzg6G8oMGcHFjokQI54oajd4howHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0N3emc2RzhvTUdjSEZq
b2tRSTU0b2FqZDRoby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3RwwDQYJKoZIhvcNAQELBQADggEBAKZlqtMNV0DJPtpmL9I8uF3MV0p/7X1W
zb9PxlGpgnATLaPyXQQJvoGGW3aAWUdsqbYS0qYGtxw1ZJJXXB5jwqinYJrZYiNP
uCvHqxJW+mLBSvM3Wz5uiNYquqOpOAdf5f6mBy4KnKq7ze8SqSn0eS/0HUO7nN97
6z9QW5gQtwXIziPh5CJkUxc92mb3gjaxJ1PoNbXl2R1urtDbBc9jF0zDj1KrGkFg
TJHoyVrzeuS7XExfqEqb1A/NpMzkV2RWL1f5ay0j9kvDit82Ox5ZDaO76jhKHqO/
mu7CdFAh69bpD5Se5+KNzk8jEMqQcorwhXx66pw7oPSDmah7KAtBkFQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:51:10 2025 by rpki-client