Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/ZUq1BkIBwAmG5awoho2OyHX3K84.roa
File: ZUq1BkIBwAmG5awoho2OyHX3K84.roa (raw, json)
Hash identifier: NuqjAOzMjt1/DZi1UnOau8zucaBGfVwwOpC2v3T9NN0=
Subject key identifier: 65:4A:B5:06:42:01:C0:09:86:E5:AC:28:86:8D:8E:C8:75:F7:2B:CE
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 134D
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ZUq1BkIBwAmG5awoho2OyHX3K84.roa
Signing time: Thu 22 May 2025 09:04:47 +0000
ROA not before: Thu 22 May 2025 09:04:47 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 55990
IP address blocks: 115.32.16.0/20 maxlen: 20
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4941 (0x134d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: May 22 09:04:47 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=654AB5064201C00986E5AC28868D8EC875F72BCE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:98:64:0d:14:8d:72:94:cf:75:82:69:df:c9:
76:12:8c:20:44:69:54:3e:05:8f:5b:b1:40:fe:c6:
3d:66:3e:4e:58:da:89:08:8a:00:1e:5c:9c:4f:b1:
9d:ca:65:c3:c2:6d:ce:e4:f4:b3:68:93:80:5c:62:
d2:be:b2:db:8d:9e:8e:33:e2:95:d4:97:ce:b0:ab:
02:ca:ef:29:3b:fa:8c:c9:62:7d:cc:66:cf:e2:a6:
31:d5:55:e7:f6:0c:d0:6d:63:4a:3e:7e:8c:fa:bd:
35:8b:67:b2:f5:e6:6a:d2:ec:fd:42:24:57:cf:5b:
47:e0:0e:98:05:2e:cf:c1:ff:e8:16:77:d1:a6:b6:
ff:1e:30:3d:5f:a6:2c:42:7c:d0:92:d8:e9:10:39:
ee:74:37:92:7d:ca:b2:c5:d6:83:2c:f9:40:7c:a0:
92:6f:e0:37:a2:c8:ac:9c:e7:cd:14:b3:5b:a7:78:
e6:77:ce:98:a3:4e:9d:3b:1a:8b:7d:5a:e8:42:df:
38:ae:d7:f8:d8:b4:15:6c:3e:87:ee:be:99:5c:5c:
52:41:ab:12:08:9b:63:5c:91:f2:a2:ae:fb:8c:84:
aa:72:4c:8c:5b:32:09:24:97:fc:f4:a4:ab:d7:20:
e3:2e:4d:27:3f:3d:7b:34:db:9a:33:a2:78:99:dc:
11:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:4A:B5:06:42:01:C0:09:86:E5:AC:28:86:8D:8E:C8:75:F7:2B:CE
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ZUq1BkIBwAmG5awoho2OyHX3K84.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
115.32.16.0/20
Signature Algorithm: sha256WithRSAEncryption
33:6f:bb:27:25:25:34:98:07:45:95:95:ce:51:ed:6d:17:0a:
cd:ac:e6:76:32:71:51:4f:72:5f:10:fe:1f:44:b8:a1:7d:e4:
ff:7c:e3:61:3b:13:07:1a:ec:bb:36:f9:1f:18:7d:97:76:24:
5b:58:6f:e9:1c:98:dc:5c:26:61:c2:92:dc:cf:13:a4:17:ed:
9d:e7:b0:f7:c9:b3:51:ec:3a:8a:c2:83:5d:25:36:b1:e2:79:
79:5e:ff:48:60:88:f3:66:16:8a:95:ad:08:48:2f:71:63:bc:
34:35:27:a6:7e:2c:78:a8:ff:38:4e:dc:29:01:63:0f:e2:cc:
0e:39:05:e8:68:6c:84:71:28:b6:60:10:ad:d3:75:65:12:92:
d4:f7:63:c2:a8:db:c2:ea:7c:36:ed:e2:2f:76:92:9f:79:69:
21:e5:96:f4:c6:d2:f7:0d:65:8b:b2:47:95:a7:09:1f:89:ea:
e4:3f:28:b2:22:c5:49:f6:f4:e1:22:98:84:34:4c:43:ca:60:
d2:6b:71:b8:8f:1c:53:6c:9a:76:be:73:d8:1f:03:25:bd:73:
c3:da:4c:30:c5:4d:8a:f7:36:92:7c:52:cb:fd:ec:b8:2a:08:
96:78:69:6c:16:74:8c:c2:7b:88:e6:9f:be:60:31:28:e2:3d:
2e:6c:31:67
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICE00wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA1MjIw
OTA0NDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDY1NEFCNTA2NDIwMUMw
MDk4NkU1QUMyODg2OEQ4RUM4NzVGNzJCQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZmGQNFI1ylM91gmnfyXYSjCBEaVQ+BY9bsUD+xj1mPk5Y2okI
igAeXJxPsZ3KZcPCbc7k9LNok4BcYtK+stuNno4z4pXUl86wqwLK7yk7+ozJYn3M
Zs/ipjHVVef2DNBtY0o+foz6vTWLZ7L15mrS7P1CJFfPW0fgDpgFLs/B/+gWd9Gm
tv8eMD1fpixCfNCS2OkQOe50N5J9yrLF1oMs+UB8oJJv4DeiyKyc580Us1uneOZ3
zpijTp07Got9WuhC3ziu1/jYtBVsPofuvplcXFJBqxIIm2NckfKirvuMhKpyTIxb
Mgkkl/z0pKvXIOMuTSc/PXs025ozoniZ3BG5AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUZUq1BkIBwAmG5awoho2OyHX3K84wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvWlVxMUJrSUJ3QW1H
NWF3b2hvMk95SFgzSzg0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBHMgEDANBgkqhkiG9w0BAQsFAAOCAQEAM2+7JyUlNJgHRZWVzlHtbRcKzazm
djJxUU9yXxD+H0S4oX3k/3zjYTsTBxrsuzb5Hxh9l3YkW1hv6RyY3FwmYcKS3M8T
pBftneew98mzUew6isKDXSU2seJ5eV7/SGCI82YWipWtCEgvcWO8NDUnpn4seKj/
OE7cKQFjD+LMDjkF6GhshHEotmAQrdN1ZRKS1Pdjwqjbwup8Nu3iL3aSn3lpIeWW
9MbS9w1li7JHlacJH4nq5D8osiLFSfb04SKYhDRMQ8pg0mtxuI8cU2yadr5z2B8D
Jb1zw9pMMMVNivc2knxSy/3suCoIlnhpbBZ0jMJ7iOafvmAxKOI9LmwxZw==
-----END CERTIFICATE-----
Generated at Sun Oct 26 05:23:19 2025 by rpki-client