Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/TlDVc6mwmNaH_oaocJzBqL-rYc8.roa
File: TlDVc6mwmNaH_oaocJzBqL-rYc8.roa (raw, json)
Hash identifier: 56bN5Eo/RqWc/7qEy//q+Ixbfum72j6YmmH0+TmJg9o=
Subject key identifier: 4E:50:D5:73:A9:B0:98:D6:87:FE:86:A8:70:9C:C1:A8:BF:AB:61:CF
Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Certificate serial: 203B
Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/TlDVc6mwmNaH_oaocJzBqL-rYc8.roa
Signing time: Tue 26 Aug 2025 05:15:43 +0000
ROA not before: Tue 26 Aug 2025 05:15:43 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 23724
IP address blocks: 103.235.232.0/22 maxlen: 22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8251 (0x203b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Validity
Not Before: Aug 26 05:15:43 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=4E50D573A9B098D687FE86A8709CC1A8BFAB61CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e1:b5:50:bc:e4:54:9a:d2:98:a1:fc:6d:4b:
2a:ea:a9:80:a5:0c:ec:da:3e:dd:7b:e9:a5:cd:75:
92:04:08:4b:82:96:d1:e5:3a:82:0a:ad:3d:a5:e0:
c4:21:ad:c3:c2:4f:8a:d8:bc:3c:37:77:6d:57:c0:
ef:e0:f9:20:dd:bd:66:44:21:e3:1c:8d:46:6e:0f:
de:d6:8a:7e:75:c2:79:d2:ad:e2:ab:fa:ff:7b:84:
01:8a:77:86:10:36:a5:20:10:7a:1a:46:69:17:b4:
76:c9:63:41:81:c5:b4:f7:d7:bf:ae:88:a3:8c:ca:
30:59:cf:38:57:d3:ea:af:af:5e:26:eb:45:eb:24:
5b:92:cb:6f:89:a4:50:b3:99:b8:7b:bf:93:46:67:
06:b6:e9:3b:9d:d1:b8:48:4a:2e:80:65:6f:eb:bb:
9f:0e:ef:cd:70:80:c9:0e:db:1d:d6:51:8d:e5:33:
1d:9c:54:21:15:31:ea:6a:69:6f:54:df:1a:4e:26:
50:99:46:87:3a:19:2e:07:eb:55:45:bd:fa:67:87:
91:ee:ed:be:51:c4:0e:33:6b:8b:14:b3:24:df:49:
a1:75:2c:6e:c5:2e:0f:2e:b0:f6:8e:4e:1d:58:b2:
ef:aa:aa:13:84:d8:ff:df:3f:80:23:40:32:bc:3c:
8d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:50:D5:73:A9:B0:98:D6:87:FE:86:A8:70:9C:C1:A8:BF:AB:61:CF
X509v3 Authority Key Identifier:
keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/TlDVc6mwmNaH_oaocJzBqL-rYc8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.235.232.0/22
Signature Algorithm: sha256WithRSAEncryption
36:ac:d6:ab:fc:19:a4:1b:c1:40:00:f3:b3:3c:bb:58:b4:d4:
bb:5d:8e:de:b0:7e:6d:f2:3c:fe:58:bb:54:d1:f2:cd:67:46:
ea:77:1c:cf:30:90:d1:b7:7a:a6:35:67:2d:35:f1:d3:a9:36:
56:6e:be:e2:b4:72:75:6d:35:fb:db:f8:b5:12:3c:39:f6:36:
55:9d:23:dd:1b:10:49:b1:e0:a9:bf:ab:aa:7d:24:79:68:c3:
76:fd:65:1b:df:9f:5c:cf:45:2e:0c:a4:66:b9:9f:93:ad:be:
35:49:eb:73:a8:00:f8:51:f0:09:64:c5:07:56:45:15:fb:46:
95:dd:a0:ad:18:83:d5:4a:58:b4:f6:19:5f:c7:12:40:1d:12:
3e:31:9f:0a:35:72:e0:0d:d4:e5:3c:91:24:2b:d8:7f:5e:40:
cc:37:65:09:7e:7d:96:31:03:24:5e:c6:d3:c9:5f:83:db:4b:
c4:cb:99:3a:31:8e:09:b1:cc:9f:f8:73:2f:db:86:2d:4a:e2:
e2:fb:77:24:37:5f:b8:88:0d:17:3f:6d:d0:31:94:73:4e:f2:
03:5a:df:a0:40:7f:48:43:0c:c5:3d:73:4d:24:b2:6e:bd:35:
88:fe:92:fc:23:f1:c4:77:77:e2:11:0d:dc:33:82:e1:0d:7d:
3d:f3:5e:46
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICIDswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF
NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTA4MjYw
NTE1NDNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDRFNTBENTczQTlCMDk4
RDY4N0ZFODZBODcwOUNDMUE4QkZBQjYxQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCm4bVQvORUmtKYofxtSyrqqYClDOzaPt176aXNdZIECEuCltHl
OoIKrT2l4MQhrcPCT4rYvDw3d21XwO/g+SDdvWZEIeMcjUZuD97Win51wnnSreKr
+v97hAGKd4YQNqUgEHoaRmkXtHbJY0GBxbT317+uiKOMyjBZzzhX0+qvr14m60Xr
JFuSy2+JpFCzmbh7v5NGZwa26Tud0bhISi6AZW/ru58O781wgMkO2x3WUY3lMx2c
VCEVMepqaW9U3xpOJlCZRoc6GS4H61VFvfpnh5Hu7b5RxA4za4sUsyTfSaF1LG7F
Lg8usPaOTh1Ysu+qqhOE2P/fP4AjQDK8PI2bAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUTlDVc6mwmNaH/oaocJzBqL+rYc8wHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow
7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx
L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL1RsRFZjNm13bU5hSF9v
YW9jSnpCcUwtclljOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn6+gwDQYJKoZIhvcNAQELBQADggEBADas1qv8GaQbwUAA87M8u1i01Ltdjt6w
fm3yPP5Yu1TR8s1nRup3HM8wkNG3eqY1Zy018dOpNlZuvuK0cnVtNfvb+LUSPDn2
NlWdI90bEEmx4Km/q6p9JHlow3b9ZRvfn1zPRS4MpGa5n5OtvjVJ63OoAPhR8Alk
xQdWRRX7RpXdoK0Yg9VKWLT2GV/HEkAdEj4xnwo1cuAN1OU8kSQr2H9eQMw3ZQl+
fZYxAyRextPJX4PbS8TLmToxjgmxzJ/4cy/bhi1K4uL7dyQ3X7iIDRc/bdAxlHNO
8gNa36BAf0hDDMU9c00ksm69NYj+kvwj8cR3d+IRDdwzguENfT3zXkY=
-----END CERTIFICATE-----
Generated at Thu Oct 23 09:25:49 2025 by rpki-client