Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2578/r78L_jfDaGDjaH3rsP83eK4kcG4.roa
File: r78L_jfDaGDjaH3rsP83eK4kcG4.roa (raw, json)
Hash identifier: u1or2If1pLNDG9eB56Xw8Z+2kHObmlhnvE4GqSl5VaQ=
Subject key identifier: AF:BF:0B:FE:37:C3:68:60:E3:68:7D:EB:B0:FF:37:78:AE:24:70:6E
Certificate issuer: /CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752
Certificate serial: 17C5
Authority key identifier: 7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/r78L_jfDaGDjaH3rsP83eK4kcG4.roa
Signing time: Mon 04 Aug 2025 13:06:15 +0000
ROA not before: Mon 04 Aug 2025 13:06:15 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 21859
IP address blocks: 103.99.76.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6085 (0x17c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752
Validity
Not Before: Aug 4 13:06:15 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=AFBF0BFE37C36860E3687DEBB0FF3778AE24706E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ff:e3:aa:48:df:dd:35:57:6e:07:ed:ee:1f:
60:9d:bf:75:91:a2:89:bd:ea:b6:91:5c:3e:bf:d6:
27:c9:28:41:fe:c9:dd:17:fd:ab:56:59:68:d3:34:
5b:dd:66:2a:65:a7:78:ee:b8:8d:c9:34:ef:ea:00:
d4:d5:a5:bd:13:ba:d6:1b:80:f6:6f:00:5b:12:3e:
7d:98:6a:fa:2f:34:9b:10:59:4d:cd:e2:13:79:34:
2b:70:4d:9e:98:df:1e:7f:97:a7:22:ba:35:36:c6:
79:6f:41:0d:22:de:e0:e8:e8:62:2a:09:54:4a:c6:
fe:b9:14:da:f6:06:4f:0e:64:38:0f:e5:56:a7:6b:
53:82:18:66:b4:e9:ad:43:b6:f4:39:79:59:b0:09:
21:1b:6c:ae:88:5c:dd:23:2f:a8:8e:d7:f8:3a:cd:
7b:ca:df:35:5a:2b:4f:3b:54:35:0f:0a:75:a0:ee:
db:77:c7:53:4e:cd:7f:51:53:1d:95:c3:69:dc:ee:
aa:53:5b:70:45:12:ba:07:5e:f8:c4:c6:10:db:29:
65:31:84:e4:06:74:40:b3:07:60:5b:a3:9f:f1:6f:
cf:f3:73:06:e5:c6:f0:de:c2:fc:23:e0:f3:d4:53:
c8:7e:f1:75:7f:4f:00:bf:c9:43:27:3e:51:30:49:
9a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:BF:0B:FE:37:C3:68:60:E3:68:7D:EB:B0:FF:37:78:AE:24:70:6E
X509v3 Authority Key Identifier:
keyid:7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/r78L_jfDaGDjaH3rsP83eK4kcG4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.76.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:de:8a:a6:e4:be:ad:0d:02:4d:6e:65:e9:5d:28:65:1c:ae:
8b:3a:03:75:43:0c:a5:2c:a5:ad:ff:80:d5:9b:39:dd:21:63:
b6:2a:67:9a:4f:59:72:68:2c:2c:4e:5f:13:29:88:d5:2b:fa:
6b:df:a6:7e:a2:52:31:1d:c5:e6:9f:8c:57:c7:ea:fa:31:e0:
eb:8e:7d:2e:48:de:54:e7:bb:28:2d:4c:be:ae:0c:b8:86:bd:
1f:2b:a0:6a:66:c8:1d:44:e4:06:10:67:d4:7c:f4:63:97:91:
73:6e:d9:61:bc:2b:47:9b:85:f5:b0:a4:21:09:ca:fd:1f:25:
75:5a:e5:64:85:96:bb:e2:f7:ea:0a:28:6e:0f:81:e4:82:83:
03:94:1b:d6:67:68:e2:ab:65:16:26:1f:1b:a9:47:32:0b:59:
e2:2e:2f:fd:d1:df:26:7c:af:00:35:6c:7a:1d:5f:60:0a:34:
61:db:53:93:dc:5f:44:32:ce:0b:0e:6e:1b:db:a6:ea:40:89:
03:c6:e7:bb:0f:a3:0d:94:77:27:51:5c:e5:b1:64:b5:a1:ef:
15:bd:1d:3c:39:b1:0f:d4:10:0c:f6:33:be:9e:5d:be:7d:d1:
49:af:6e:9d:ab:4b:26:60:f8:22:6e:9f:f5:88:e6:15:f9:f7:
b9:64:72:de
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICF8UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0NG
NDRDMDZENUVBN0RGMENCRDRGNjg1MDhGMTRFODREQTA4Qjc1MjAeFw0yNTA4MDQx
MzA2MTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEFGQkYwQkZFMzdDMzY4
NjBFMzY4N0RFQkIwRkYzNzc4QUUyNDcwNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCv/+OqSN/dNVduB+3uH2Cdv3WRoom96raRXD6/1ifJKEH+yd0X
/atWWWjTNFvdZiplp3juuI3JNO/qANTVpb0TutYbgPZvAFsSPn2YavovNJsQWU3N
4hN5NCtwTZ6Y3x5/l6ciujU2xnlvQQ0i3uDo6GIqCVRKxv65FNr2Bk8OZDgP5Van
a1OCGGa06a1DtvQ5eVmwCSEbbK6IXN0jL6iO1/g6zXvK3zVaK087VDUPCnWg7tt3
x1NOzX9RUx2Vw2nc7qpTW3BFEroHXvjExhDbKWUxhOQGdECzB2Bbo5/xb8/zcwbl
xvDewvwj4PPUU8h+8XV/TwC/yUMnPlEwSZprAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUr78L/jfDaGDjaH3rsP83eK4kcG4wHwYDVR0jBBgwFoAUfPRMBtXqffDL1PaF
CPFOhNoIt1IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU3
OC9mUFJNQnRYcWZmREwxUGFGQ1BGT2hOb0l0MUkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2ZQUk1CdFhxZmZETDFQYUZDUEZPaE5vSXQxSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1Nzgvcjc4TF9qZkRhR0Rq
YUgzcnNQODNlSzRrY0c0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmdjTDANBgkqhkiG9w0BAQsFAAOCAQEAGt6KpuS+rQ0CTW5l6V0oZRyuizoD
dUMMpSylrf+A1Zs53SFjtipnmk9ZcmgsLE5fEymI1Sv6a9+mfqJSMR3F5p+MV8fq
+jHg6459LkjeVOe7KC1Mvq4MuIa9HyugambIHUTkBhBn1Hz0Y5eRc27ZYbwrR5uF
9bCkIQnK/R8ldVrlZIWWu+L36goobg+B5IKDA5Qb1mdo4qtlFiYfG6lHMgtZ4i4v
/dHfJnyvADVseh1fYAo0YdtTk9xfRDLOCw5uG9um6kCJA8bnuw+jDZR3J1Fc5bFk
taHvFb0dPDmxD9QQDPYzvp5dvn3RSa9unatLJmD4Im6f9YjmFfn3uWRy3g==
-----END CERTIFICATE-----
Generated at Tue Oct 28 12:57:47 2025 by rpki-client