Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/y6RyUSLdWvnb3Nqe1zIWAVeOwHs.roa
File: y6RyUSLdWvnb3Nqe1zIWAVeOwHs.roa (raw, json)
Hash identifier: gPnI0NxeqSyiEswPzYa0WVVBR14+LEbFmo1G5VlWVEE=
Subject key identifier: CB:A4:72:51:22:DD:5A:F9:DB:DC:DA:9E:D7:32:16:01:57:8E:C0:7B
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1EEA
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/y6RyUSLdWvnb3Nqe1zIWAVeOwHs.roa
Signing time: Sat 13 Sep 2025 03:05:36 +0000
ROA not before: Sat 13 Sep 2025 03:05:36 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 24373
IP address blocks: 103.220.252.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7914 (0x1eea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 13 03:05:36 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=CBA4725122DD5AF9DBDCDA9ED7321601578EC07B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:32:56:97:7c:d5:c9:c4:29:ad:a5:5b:e5:d5:
6e:1a:03:44:18:15:4e:b9:93:13:6e:a8:4c:02:eb:
81:55:67:92:16:2c:6a:45:59:12:af:c5:53:26:20:
a9:10:95:5d:b9:97:55:1a:18:d1:c2:ad:cc:75:4a:
c1:1f:71:15:d0:0a:b2:72:ba:a0:14:fc:98:6f:2c:
f3:5a:d9:b4:37:34:25:16:d7:39:45:81:50:2f:f5:
fa:39:11:f0:4f:d0:41:9a:76:c0:7d:08:d0:44:90:
16:d9:c8:3b:e1:f3:64:04:d5:f5:c7:c8:51:26:e4:
3d:09:c7:1a:94:16:c2:78:76:e3:3f:13:91:6c:3c:
e1:c3:02:d3:17:37:fe:52:81:23:d6:bc:6a:6e:fa:
d2:0f:ce:11:fc:1c:b0:cd:28:0b:74:85:5d:91:2b:
0c:3a:df:4d:f1:44:e9:b8:1a:d8:2d:73:47:68:1f:
7c:3a:f2:cd:45:56:a3:80:58:18:5a:d0:c5:32:04:
19:ca:21:01:42:76:8b:de:8f:08:9e:fe:53:4b:c0:
1f:07:b1:d7:6d:1d:71:d0:64:41:9e:35:b3:9d:d2:
1d:a4:55:c6:88:98:a8:3e:fa:97:24:dd:c1:54:7d:
97:f2:f6:30:b2:21:c1:d9:47:a7:d4:4f:36:d8:a7:
4c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:A4:72:51:22:DD:5A:F9:DB:DC:DA:9E:D7:32:16:01:57:8E:C0:7B
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/y6RyUSLdWvnb3Nqe1zIWAVeOwHs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.220.252.0/22
Signature Algorithm: sha256WithRSAEncryption
94:67:b9:46:b2:b4:d5:d2:de:f2:a0:e5:12:5b:83:e5:b8:cb:
5e:ef:3a:42:e0:e8:ab:06:19:8f:15:cc:85:00:02:db:f1:14:
0f:c7:b6:9f:88:fe:0e:7e:69:72:18:d6:5b:8e:7b:3e:cc:4e:
cc:08:d3:69:ef:a6:09:92:04:65:ba:4a:92:a3:92:02:e4:c4:
9b:81:bb:f7:d0:ab:93:2c:b4:8e:41:bd:3f:01:71:0c:ed:e9:
59:7e:03:23:6f:e9:1f:a0:5a:a5:0d:ba:d6:97:76:9d:fd:e4:
4a:24:5f:52:26:3a:d5:8e:b9:fc:2e:f1:a7:5c:a6:97:10:12:
eb:f0:9c:96:04:33:b5:c5:0a:02:a5:d2:37:57:7a:10:d3:fd:
b0:17:51:58:bc:f1:0f:f4:9a:5a:f1:1a:10:f8:55:75:53:97:
15:71:69:45:85:b7:61:3a:ac:0b:f8:01:23:5d:9d:3b:f7:d8:
a6:27:55:a7:5f:74:5b:a6:d2:b9:02:b3:a5:a6:e7:a7:1c:8a:
a7:51:67:4c:72:49:cd:90:b1:7d:0e:47:11:61:08:a8:31:ba:
51:b6:29:d3:93:38:5e:d3:28:b1:7c:29:cf:53:e9:17:01:a9:
5f:1b:c9:38:d1:d2:4c:5f:60:96:60:4f:b0:87:80:a0:a0:64:
8f:93:5c:fa
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICHuowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw
MzA1MzZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKENCQTQ3MjUxMjJERDVB
RjlEQkRDREE5RUQ3MzIxNjAxNTc4RUMwN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzMlaXfNXJxCmtpVvl1W4aA0QYFU65kxNuqEwC64FVZ5IWLGpF
WRKvxVMmIKkQlV25l1UaGNHCrcx1SsEfcRXQCrJyuqAU/JhvLPNa2bQ3NCUW1zlF
gVAv9fo5EfBP0EGadsB9CNBEkBbZyDvh82QE1fXHyFEm5D0JxxqUFsJ4duM/E5Fs
POHDAtMXN/5SgSPWvGpu+tIPzhH8HLDNKAt0hV2RKww6303xROm4Gtgtc0doH3w6
8s1FVqOAWBha0MUyBBnKIQFCdovejwie/lNLwB8HsddtHXHQZEGeNbOd0h2kVcaI
mKg++pck3cFUfZfy9jCyIcHZR6fUTzbYp0wjAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUy6RyUSLdWvnb3Nqe1zIWAVeOwHswHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3k2UnlVU0xkV3ZuYjNO
cWUxeklXQVZlT3dIcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3PwwDQYJKoZIhvcNAQELBQADggEBAJRnuUaytNXS3vKg5RJbg+W4y17vOkLg
6KsGGY8VzIUAAtvxFA/Htp+I/g5+aXIY1luOez7MTswI02nvpgmSBGW6SpKjkgLk
xJuBu/fQq5MstI5BvT8BcQzt6Vl+AyNv6R+gWqUNutaXdp395EokX1ImOtWOufwu
8adcppcQEuvwnJYEM7XFCgKl0jdXehDT/bAXUVi88Q/0mlrxGhD4VXVTlxVxaUWF
t2E6rAv4ASNdnTv32KYnVadfdFum0rkCs6Wm56cciqdRZ0xySc2QsX0ORxFhCKgx
ulG2KdOTOF7TKLF8Kc9T6RcBqV8byTjR0kxfYJZgT7CHgKCgZI+TXPo=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:51:32 2025 by rpki-client