Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/35kiMuB5B46jwBXYPaI_XaJTjSY.roa
File: 35kiMuB5B46jwBXYPaI_XaJTjSY.roa (raw, json)
Hash identifier: TurQC5WT8oHjM7I2S0BWbfcjZM6YYgModAXsI/Hgu6A=
Subject key identifier: DF:99:22:32:E0:79:07:8E:A3:C0:15:D8:3D:A2:3F:5D:A2:53:8D:26
Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Certificate serial: 2039
Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/35kiMuB5B46jwBXYPaI_XaJTjSY.roa
Signing time: Tue 26 Aug 2025 05:15:42 +0000
ROA not before: Tue 26 Aug 2025 05:15:42 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 23724
IP address blocks: 103.235.228.0/22 maxlen: 22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8249 (0x2039)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Validity
Not Before: Aug 26 05:15:42 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=DF992232E079078EA3C015D83DA23F5DA2538D26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:28:9f:5e:bf:58:f7:08:49:2c:48:75:96:76:
18:ee:87:33:da:a3:b3:0c:8a:45:37:06:42:48:eb:
fe:35:2f:96:04:bc:ac:a8:c9:e5:e0:bc:41:38:58:
a1:5b:c7:e4:20:90:19:8a:5a:c5:43:6d:8d:79:71:
8a:c9:3e:ab:b9:57:eb:52:32:cf:f0:29:60:f2:e0:
da:e5:74:6b:8d:23:8b:5b:7d:71:5b:bf:21:82:15:
26:d6:6a:3a:4f:ad:fc:9b:1a:99:46:ac:bc:cc:bd:
ae:b5:81:94:1a:20:52:35:f7:53:ce:e5:db:3b:a4:
29:03:67:f5:df:d0:cf:23:26:60:ef:d1:b0:06:c8:
07:97:d5:69:d7:bf:0d:f5:a6:10:4a:65:19:a4:1c:
c1:ab:81:56:0c:e1:e9:3a:26:ab:86:6e:6d:8a:c4:
67:34:94:94:0e:05:bd:77:18:13:5a:50:05:f5:97:
71:ef:7d:99:de:40:e6:9c:18:b4:60:79:c1:9f:71:
07:b2:9f:41:5c:1b:09:23:6b:f8:c3:0f:45:2a:27:
3f:5a:86:3d:74:bf:a4:e9:cc:5a:de:12:04:6b:61:
32:85:f9:df:2f:5f:34:70:83:ad:10:00:12:e9:cd:
7d:d1:88:df:db:ad:5e:a8:82:f9:cc:b4:fa:06:f4:
74:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:99:22:32:E0:79:07:8E:A3:C0:15:D8:3D:A2:3F:5D:A2:53:8D:26
X509v3 Authority Key Identifier:
keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/35kiMuB5B46jwBXYPaI_XaJTjSY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.235.228.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:50:40:ae:18:58:54:de:55:a4:03:76:5f:61:80:07:63:b7:
6f:93:19:d3:2e:a1:cd:f5:23:9a:e7:7e:bb:a2:1e:7a:16:12:
be:68:c9:bc:8d:1b:1b:26:d2:9a:7f:9d:ae:46:98:95:a8:43:
be:3a:b4:71:70:c2:bb:0a:14:d5:d0:dd:29:8f:89:c7:29:69:
e4:aa:56:35:fa:f5:53:ed:d9:38:dd:cc:b8:7e:ee:8e:44:78:
e7:74:0c:b6:61:ed:01:49:66:a8:9e:52:c5:cb:96:a8:2d:ce:
72:eb:bd:ef:d4:ee:d6:69:99:66:36:a3:e1:d2:93:52:c9:48:
cc:34:69:93:e9:95:5d:12:ad:78:eb:ed:06:07:53:26:78:64:
52:94:31:cc:ad:ee:01:99:7d:3c:41:41:76:3f:8e:e6:c2:10:
f3:d3:eb:31:36:97:df:fa:8e:d0:64:06:ee:f5:b4:db:08:51:
59:2b:73:81:5c:44:9e:b9:63:03:b1:25:90:8d:93:10:f7:2a:
c0:fc:e6:b5:c1:1c:c6:0c:f3:ac:c0:23:fa:38:13:df:2b:42:
83:8e:1c:aa:8d:cf:7c:0c:bd:d4:a7:7d:ff:1f:0b:bb:af:f1:
67:17:a6:aa:e2:1e:1e:7d:5e:e5:69:05:b6:d2:3c:a9:2f:c7:
72:e6:d8:e6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICIDkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF
NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTA4MjYw
NTE1NDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKERGOTkyMjMyRTA3OTA3
OEVBM0MwMTVEODNEQTIzRjVEQTI1MzhEMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWKJ9ev1j3CEksSHWWdhjuhzPao7MMikU3BkJI6/41L5YEvKyo
yeXgvEE4WKFbx+QgkBmKWsVDbY15cYrJPqu5V+tSMs/wKWDy4NrldGuNI4tbfXFb
vyGCFSbWajpPrfybGplGrLzMva61gZQaIFI191PO5ds7pCkDZ/Xf0M8jJmDv0bAG
yAeX1WnXvw31phBKZRmkHMGrgVYM4ek6JquGbm2KxGc0lJQOBb13GBNaUAX1l3Hv
fZneQOacGLRgecGfcQeyn0FcGwkja/jDD0UqJz9ahj10v6TpzFreEgRrYTKF+d8v
XzRwg60QABLpzX3RiN/brV6ogvnMtPoG9HQJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU35kiMuB5B46jwBXYPaI/XaJTjSYwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow
7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx
L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxLzM1a2lNdUI1QjQ2andC
WFlQYUlfWGFKVGpTWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn6+QwDQYJKoZIhvcNAQELBQADggEBAIxQQK4YWFTeVaQDdl9hgAdjt2+TGdMu
oc31I5rnfruiHnoWEr5oybyNGxsm0pp/na5GmJWoQ746tHFwwrsKFNXQ3SmPiccp
aeSqVjX69VPt2TjdzLh+7o5EeOd0DLZh7QFJZqieUsXLlqgtznLrve/U7tZpmWY2
o+HSk1LJSMw0aZPplV0SrXjr7QYHUyZ4ZFKUMcyt7gGZfTxBQXY/jubCEPPT6zE2
l9/6jtBkBu71tNsIUVkrc4FcRJ65YwOxJZCNkxD3KsD85rXBHMYM86zAI/o4E98r
QoOOHKqNz3wMvdSnff8fC7uv8WcXpqriHh59XuVpBbbSPKkvx3Lm2OY=
-----END CERTIFICATE-----
Generated at Thu Oct 23 09:25:49 2025 by rpki-client