Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3194/TkMmlTcEcQLD7pSSb1TqYpSMWS0.roa
File: TkMmlTcEcQLD7pSSb1TqYpSMWS0.roa (raw, json)
Hash identifier: EXUzTGbeJC8KE4XzujOoFpoduu3zvEsV8X0422gj9gE=
Subject key identifier: 4E:43:26:95:37:04:71:02:C3:EE:94:92:6F:54:EA:62:94:8C:59:2D
Certificate issuer: /CN=01BE335E6A4EFB954DBA7893846929A3A5F6867A
Certificate serial: 12
Authority key identifier: 01:BE:33:5E:6A:4E:FB:95:4D:BA:78:93:84:69:29:A3:A5:F6:86:7A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Ab4zXmpO-5VNuniThGkpo6X2hno.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3194/TkMmlTcEcQLD7pSSb1TqYpSMWS0.roa
Signing time: Wed 22 Oct 2025 02:13:23 +0000
ROA not before: Wed 22 Oct 2025 02:13:23 +0000
ROA not after: Wed 21 Oct 2026 08:58:05 +0000
asID: 151232
IP address blocks: 103.45.129.0/24 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18 (0x12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01BE335E6A4EFB954DBA7893846929A3A5F6867A
Validity
Not Before: Oct 22 02:13:23 2025 GMT
Not After : Oct 21 08:58:05 2026 GMT
Subject: CN=4E43269537047102C3EE94926F54EA62948C592D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fa:4d:ba:e1:78:12:da:1a:ea:ec:11:14:43:
0f:57:0f:e3:e0:5a:14:18:48:12:36:83:47:59:72:
da:e2:b2:2c:8d:a0:b5:4f:d3:7d:1c:ef:c4:13:7b:
ef:61:83:5c:b3:83:74:23:59:06:db:5a:7d:30:59:
7d:4e:5f:7b:40:0c:e5:36:fe:9b:bb:40:e2:f5:31:
b6:f8:9d:b4:1e:c7:94:8c:d6:32:ab:34:53:87:b0:
09:ac:40:4d:cf:fd:17:c4:6e:c5:7a:d6:06:b0:7d:
26:ca:c0:aa:71:c5:3e:70:01:48:f0:dd:76:10:ba:
cf:46:80:41:51:bf:82:8e:c2:c1:be:23:d8:19:45:
5d:0a:d2:2d:1b:c0:af:0d:36:c0:74:3a:48:73:c0:
3e:bc:e6:a7:49:0e:ef:16:ea:cb:fa:06:0b:7c:cf:
ac:be:87:3a:c1:e7:ea:bb:3c:91:ec:88:97:c5:d7:
d5:8b:62:d4:f1:43:17:c1:7e:35:b3:09:54:d5:0d:
d1:ce:f5:10:7d:d7:1d:64:51:08:74:84:16:00:6c:
ba:be:9a:ad:d3:17:23:c2:03:49:7d:a2:41:71:af:
84:37:8d:b4:4f:63:53:96:34:13:a2:39:d6:0a:04:
8f:bd:e6:f0:f7:8e:05:d5:70:b3:d4:1a:a7:f9:23:
7a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:43:26:95:37:04:71:02:C3:EE:94:92:6F:54:EA:62:94:8C:59:2D
X509v3 Authority Key Identifier:
keyid:01:BE:33:5E:6A:4E:FB:95:4D:BA:78:93:84:69:29:A3:A5:F6:86:7A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3194/Ab4zXmpO-5VNuniThGkpo6X2hno.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Ab4zXmpO-5VNuniThGkpo6X2hno.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3194/TkMmlTcEcQLD7pSSb1TqYpSMWS0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.45.129.0/24
Signature Algorithm: sha256WithRSAEncryption
55:cc:9f:ff:a8:45:c4:44:c5:85:6b:56:25:ef:e3:23:1c:32:
99:4f:d8:bc:88:fe:3d:1f:bf:41:48:43:d8:c3:35:f4:1c:18:
5f:5a:fd:44:19:3a:ac:8a:b7:d7:6b:6e:62:58:74:4b:ec:2c:
b1:bf:28:e0:18:16:4e:ae:1e:31:ee:0e:74:8c:e0:74:ca:92:
30:f0:47:36:b1:38:78:09:9f:76:9b:c9:78:7a:c9:b3:50:0a:
1e:72:9e:c1:0e:b1:06:a6:a9:c3:f9:c2:0e:4b:51:63:8d:8f:
ed:71:80:0f:f1:e3:db:43:52:db:49:06:b9:90:d7:21:70:5a:
4c:fc:72:62:10:b2:c4:9d:ef:7a:9e:aa:e7:53:a6:d7:f2:85:
16:10:33:77:26:e9:82:d2:b9:11:ac:0e:7c:b4:9e:2b:42:07:
33:58:41:1d:39:56:5f:4d:01:42:2d:1c:54:1e:93:73:a7:64:
dd:07:21:12:7a:34:02:31:7c:77:d2:31:8f:a7:23:b2:87:41:
75:14:b3:c3:0a:a8:fa:2b:54:9f:85:e3:5c:48:f9:a5:3e:3b:
c0:32:3f:a2:f1:6f:3c:a4:94:b5:6a:0e:e3:2e:fe:63:06:94:
64:89:a2:d9:8a:6b:d9:2c:a2:48:49:42:18:0d:99:89:f6:21:
d6:b5:a4:6a
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygwMUJF
MzM1RTZBNEVGQjk1NERCQTc4OTM4NDY5MjlBM0E1RjY4NjdBMB4XDTI1MTAyMjAy
MTMyM1oXDTI2MTAyMTA4NTgwNVowMzExMC8GA1UEAxMoNEU0MzI2OTUzNzA0NzEw
MkMzRUU5NDkyNkY1NEVBNjI5NDhDNTkyRDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANT6TbrheBLaGursERRDD1cP4+BaFBhIEjaDR1ly2uKyLI2gtU/T
fRzvxBN772GDXLODdCNZBttafTBZfU5fe0AM5Tb+m7tA4vUxtvidtB7HlIzWMqs0
U4ewCaxATc/9F8RuxXrWBrB9JsrAqnHFPnABSPDddhC6z0aAQVG/go7Cwb4j2BlF
XQrSLRvArw02wHQ6SHPAPrzmp0kO7xbqy/oGC3zPrL6HOsHn6rs8keyIl8XX1Yti
1PFDF8F+NbMJVNUN0c71EH3XHWRRCHSEFgBsur6ardMXI8IDSX2iQXGvhDeNtE9j
U5Y0E6I51goEj73m8PeOBdVws9Qap/kjetECAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBROQyaVNwRxAsPulJJvVOpilIxZLTAfBgNVHSMEGDAWgBQBvjNeak77lU26eJOE
aSmjpfaGejAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMTk0
L0FiNHpYbXBPLTVWTnVuaVRoR2twbzZYMmhuby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvQWI0elhtcE8tNVZOdW5pVGhHa3BvNlgyaG5vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE5NC9Ua01tbFRjRWNRTEQ3
cFNTYjFUcVlwU01XUzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZy2BMA0GCSqGSIb3DQEBCwUAA4IBAQBVzJ//qEXERMWFa1Yl7+MjHDKZT9i8
iP49H79BSEPYwzX0HBhfWv1EGTqsirfXa25iWHRL7CyxvyjgGBZOrh4x7g50jOB0
ypIw8Ec2sTh4CZ92m8l4esmzUAoecp7BDrEGpqnD+cIOS1FjjY/tcYAP8ePbQ1Lb
SQa5kNchcFpM/HJiELLEne96nqrnU6bX8oUWEDN3JumC0rkRrA58tJ4rQgczWEEd
OVZfTQFCLRxUHpNzp2TdByESejQCMXx30jGPpyOyh0F1FLPDCqj6K1SfheNcSPml
PjvAMj+i8W88pJS1ag7jLv5jBpRkiaLZimvZLKJISUIYDZmJ9iHWtaRq
-----END CERTIFICATE-----
Generated at Tue Oct 28 17:36:38 2025 by rpki-client