Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/UUR8NVd5Jbu8k3DJoZGBvvmppvA.roa
File: UUR8NVd5Jbu8k3DJoZGBvvmppvA.roa (raw, json)
Hash identifier: wyOZn3IHEVHL8knCg2EB6Lk39j48wTdG7CluLBcWDBI=
Subject key identifier: 51:44:7C:35:57:79:25:BB:BC:93:70:C9:A1:91:81:BE:F9:A9:A6:F0
Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Certificate serial: 2037
Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/UUR8NVd5Jbu8k3DJoZGBvvmppvA.roa
Signing time: Tue 26 Aug 2025 05:15:37 +0000
ROA not before: Tue 26 Aug 2025 05:15:37 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 23724
IP address blocks: 103.235.236.0/22 maxlen: 22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8247 (0x2037)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Validity
Not Before: Aug 26 05:15:37 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=51447C35577925BBBC9370C9A19181BEF9A9A6F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:db:54:20:6a:c0:d8:e4:a6:2e:24:1b:59:6e:
47:ce:5c:5b:06:73:eb:84:eb:08:1c:8e:3f:4b:45:
d1:0d:24:e7:d6:28:2c:ac:99:1e:a6:29:9d:65:22:
0f:93:34:eb:85:fe:be:a6:b6:7f:85:98:4c:73:b2:
1d:0e:31:0d:c8:23:66:3f:c7:2f:a4:9f:80:96:50:
66:26:d1:d6:61:05:4d:ea:40:e6:7b:56:b0:50:68:
8f:52:3e:70:6f:23:99:27:be:bb:b3:37:72:9a:1a:
bb:73:aa:24:e5:03:e2:17:04:96:5b:e4:8a:be:93:
e8:ab:23:9f:c7:af:25:61:ed:ee:8b:9e:21:36:b4:
fa:c0:5b:37:a4:f7:e3:ed:4c:05:4e:3e:3f:4f:2d:
85:72:e8:bf:4e:8a:bc:43:bf:96:0c:4f:f3:f2:4e:
60:ad:06:c8:09:85:b8:f9:6f:c2:c4:60:5e:34:e3:
9e:ab:a5:be:1e:72:52:ea:53:ff:22:e0:32:04:87:
75:53:59:ed:c5:74:13:ca:d8:de:b4:af:04:15:cd:
2e:a5:e9:94:9c:27:c7:ce:e7:dd:90:a2:1c:d1:10:
0f:bc:35:9e:c7:28:d5:fb:b2:78:d8:5b:36:77:24:
4f:38:0f:77:99:cc:0d:81:49:94:b4:75:67:74:8b:
0a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:44:7C:35:57:79:25:BB:BC:93:70:C9:A1:91:81:BE:F9:A9:A6:F0
X509v3 Authority Key Identifier:
keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/UUR8NVd5Jbu8k3DJoZGBvvmppvA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.235.236.0/22
Signature Algorithm: sha256WithRSAEncryption
97:2a:22:65:90:da:b5:e6:c8:b7:68:64:b8:a1:de:21:60:ca:
f0:2b:10:70:9e:f9:c4:b5:a7:f2:37:03:27:51:81:c4:e7:61:
5d:e4:b4:9e:ef:32:12:ef:19:d8:4d:0c:0c:58:eb:58:43:58:
6c:c3:ce:98:a2:68:8c:10:8f:ef:4f:87:9c:13:59:f0:89:93:
48:e8:6d:cd:d5:bf:b1:9f:bc:88:d1:6e:ac:44:70:94:30:ac:
d2:e1:03:ac:4e:fb:18:16:c8:ad:21:0b:64:f1:e7:ba:a2:86:
73:68:f8:05:a8:10:69:a3:16:8c:4d:b8:74:cd:a6:c1:07:8d:
f1:8d:b7:0c:4e:39:ab:1d:4d:48:21:bb:47:51:e7:dc:68:3d:
d9:b5:5e:73:ef:96:30:a3:26:64:b3:a2:b6:e2:01:35:9a:70:
7f:28:95:b8:68:6a:06:db:41:73:77:2c:99:25:4f:4d:5c:3e:
09:c2:fd:a5:f9:22:a6:a7:b3:66:02:b4:7f:be:6e:a7:f4:0c:
9c:26:79:3c:2e:55:a1:00:9c:db:07:38:0a:10:55:d3:43:08:
58:e3:b5:49:c0:19:3d:00:d7:55:aa:7a:0b:05:38:50:1d:1f:
47:11:ec:64:4f:b0:4c:99:f7:9f:41:66:30:5e:cf:85:de:69:
a7:90:64:0b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICIDcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF
NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTA4MjYw
NTE1MzdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDUxNDQ3QzM1NTc3OTI1
QkJCQzkzNzBDOUExOTE4MUJFRjlBOUE2RjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDM21QgasDY5KYuJBtZbkfOXFsGc+uE6wgcjj9LRdENJOfWKCys
mR6mKZ1lIg+TNOuF/r6mtn+FmExzsh0OMQ3II2Y/xy+kn4CWUGYm0dZhBU3qQOZ7
VrBQaI9SPnBvI5knvruzN3KaGrtzqiTlA+IXBJZb5Iq+k+irI5/HryVh7e6LniE2
tPrAWzek9+PtTAVOPj9PLYVy6L9OirxDv5YMT/PyTmCtBsgJhbj5b8LEYF40456r
pb4eclLqU/8i4DIEh3VTWe3FdBPK2N60rwQVzS6l6ZScJ8fO592QohzREA+8NZ7H
KNX7snjYWzZ3JE84D3eZzA2BSZS0dWd0iwoRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUUUR8NVd5Jbu8k3DJoZGBvvmppvAwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow
7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx
L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL1VVUjhOVmQ1SmJ1OGsz
REpvWkdCdnZtcHB2QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn6+wwDQYJKoZIhvcNAQELBQADggEBAJcqImWQ2rXmyLdoZLih3iFgyvArEHCe
+cS1p/I3AydRgcTnYV3ktJ7vMhLvGdhNDAxY61hDWGzDzpiiaIwQj+9Ph5wTWfCJ
k0jobc3Vv7GfvIjRbqxEcJQwrNLhA6xO+xgWyK0hC2Tx57qihnNo+AWoEGmjFoxN
uHTNpsEHjfGNtwxOOasdTUghu0dR59xoPdm1XnPvljCjJmSzorbiATWacH8olbho
agbbQXN3LJklT01cPgnC/aX5Iqans2YCtH++bqf0DJwmeTwuVaEAnNsHOAoQVdND
CFjjtUnAGT0A11WqegsFOFAdH0cR7GRPsEyZ959BZjBez4XeaaeQZAs=
-----END CERTIFICATE-----
Generated at Thu Oct 23 09:25:48 2025 by rpki-client