Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/hVwccpbQfyN4atOIQyVJlx9HN2I.roa
File: hVwccpbQfyN4atOIQyVJlx9HN2I.roa (raw, json)
Hash identifier: yvPCY9Yh8FbsmhdAddb/5XSOtiPXuJJH0gnhTaPYIoE=
Subject key identifier: 85:5C:1C:72:96:D0:7F:23:78:6A:D3:88:43:25:49:97:1F:47:37:62
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1E35
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hVwccpbQfyN4atOIQyVJlx9HN2I.roa
Signing time: Sat 13 Sep 2025 03:04:55 +0000
ROA not before: Sat 13 Sep 2025 03:04:55 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 24373
IP address blocks: 103.221.36.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7733 (0x1e35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 13 03:04:55 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=855C1C7296D07F23786AD388432549971F473762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:a5:ff:11:ca:bf:00:10:34:9d:da:f5:5b:a9:
21:f1:60:74:bc:2b:f7:ac:10:0e:74:e1:53:54:05:
a2:77:ed:ec:83:02:9f:04:d2:4a:fb:f2:b0:df:e3:
11:89:c0:12:87:e1:14:db:c3:d6:e1:ab:76:4d:3d:
56:8f:ac:78:cd:7b:8b:67:be:49:b8:0b:59:47:8c:
9b:ca:cf:0f:7c:0b:59:82:27:90:9c:09:5f:10:19:
6f:7f:67:6f:b5:68:9f:13:5c:24:8d:da:1b:10:db:
79:30:70:78:23:b4:7c:64:1e:13:ba:ce:43:f0:e8:
86:55:dc:d4:75:07:dc:58:59:14:a3:fc:8d:5d:0c:
11:8f:12:42:3a:ed:3a:33:a8:0e:a1:27:5c:61:f7:
d4:d1:d9:3e:31:b0:dc:52:64:46:63:b3:10:2a:a2:
74:3d:e6:d3:fe:bd:67:fd:5d:ee:36:c3:d2:eb:f9:
b2:75:2f:ab:2d:d3:b5:41:5e:f5:be:50:df:ac:92:
83:29:c4:eb:60:fc:19:ff:2e:31:87:18:77:1e:34:
63:aa:8a:c7:fd:af:81:19:7a:93:ee:77:43:f7:25:
93:02:3c:34:a9:86:15:06:fa:62:b3:4b:97:40:c5:
7c:98:27:42:3d:72:7f:1c:f1:e1:0d:14:20:57:a1:
1f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:5C:1C:72:96:D0:7F:23:78:6A:D3:88:43:25:49:97:1F:47:37:62
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hVwccpbQfyN4atOIQyVJlx9HN2I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.36.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:c3:d7:13:be:b3:d2:82:6b:eb:ef:d6:db:05:73:ac:3d:a5:
42:dd:75:b4:10:ea:be:10:8f:e5:eb:a8:22:84:74:ce:72:e5:
b0:10:13:46:79:06:4b:eb:e1:2e:2f:55:1f:ae:bb:c7:11:b7:
17:71:84:79:be:8c:35:69:c1:55:a7:77:5e:ed:9a:bb:61:4f:
e3:56:f7:2b:45:23:1e:f3:79:61:00:33:41:4d:c1:c4:1e:4b:
5c:ea:6c:a5:58:84:75:a3:99:12:55:2e:ab:8c:51:0d:72:81:
bc:18:23:fa:de:dd:53:f6:86:dc:bd:39:0b:97:f8:51:9e:16:
ed:05:e4:8d:d0:39:8f:63:3d:4f:8e:35:c4:13:7b:82:87:27:
4a:a1:0d:f0:e0:a0:4d:ec:d8:0c:a7:6e:60:b6:5a:a9:32:03:
4a:41:30:ac:46:5b:f8:c0:6b:e4:c4:bb:a7:3f:3b:d6:81:63:
ba:cd:30:12:3d:4a:62:7b:90:8f:5d:67:d6:b0:cf:9f:56:5b:
e0:d0:6c:15:49:ee:7e:1a:10:61:49:32:45:92:e3:9d:c0:8c:
79:3f:0c:73:ab:c4:50:a1:4c:cc:da:8f:b7:e7:43:d9:99:17:
c4:85:f2:b3:26:b9:a1:ad:b3:50:34:e5:82:ae:f9:97:84:a7:
cc:33:d6:c5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICHjUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw
MzA0NTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDg1NUMxQzcyOTZEMDdG
MjM3ODZBRDM4ODQzMjU0OTk3MUY0NzM3NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDepf8Ryr8AEDSd2vVbqSHxYHS8K/esEA504VNUBaJ37eyDAp8E
0kr78rDf4xGJwBKH4RTbw9bhq3ZNPVaPrHjNe4tnvkm4C1lHjJvKzw98C1mCJ5Cc
CV8QGW9/Z2+1aJ8TXCSN2hsQ23kwcHgjtHxkHhO6zkPw6IZV3NR1B9xYWRSj/I1d
DBGPEkI67TozqA6hJ1xh99TR2T4xsNxSZEZjsxAqonQ95tP+vWf9Xe42w9Lr+bJ1
L6st07VBXvW+UN+skoMpxOtg/Bn/LjGHGHceNGOqisf9r4EZepPud0P3JZMCPDSp
hhUG+mKzS5dAxXyYJ0I9cn8c8eENFCBXoR/BAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUhVwccpbQfyN4atOIQyVJlx9HN2IwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2hWd2NjcGJRZnlONGF0
T0lReVZKbHg5SE4ySS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3SQwDQYJKoZIhvcNAQELBQADggEBAJzD1xO+s9KCa+vv1tsFc6w9pULddbQQ
6r4Qj+XrqCKEdM5y5bAQE0Z5Bkvr4S4vVR+uu8cRtxdxhHm+jDVpwVWnd17tmrth
T+NW9ytFIx7zeWEAM0FNwcQeS1zqbKVYhHWjmRJVLquMUQ1ygbwYI/re3VP2hty9
OQuX+FGeFu0F5I3QOY9jPU+ONcQTe4KHJ0qhDfDgoE3s2AynbmC2WqkyA0pBMKxG
W/jAa+TEu6c/O9aBY7rNMBI9SmJ7kI9dZ9awz59WW+DQbBVJ7n4aEGFJMkWS453A
jHk/DHOrxFChTMzaj7fnQ9mZF8SF8rMmuaGts1A05YKu+ZeEp8wz1sU=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:51:07 2025 by rpki-client