Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/UiAKlJWZY6zVjmWZ6MgMQUtZzIY.roa
File: UiAKlJWZY6zVjmWZ6MgMQUtZzIY.roa (raw, json)
Hash identifier: bb42Kb+u1bN3N7TOLWh7qDllFdEyc84AfXrpQUPY8QA=
Subject key identifier: 52:20:0A:94:95:99:63:AC:D5:8E:65:99:E8:C8:0C:41:4B:59:CC:86
Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Certificate serial: 202D
Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/UiAKlJWZY6zVjmWZ6MgMQUtZzIY.roa
Signing time: Tue 26 Aug 2025 05:09:52 +0000
ROA not before: Tue 26 Aug 2025 05:09:52 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 4808
IP address blocks: 103.235.220.0/22 maxlen: 22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8237 (0x202d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Validity
Not Before: Aug 26 05:09:52 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=52200A94959963ACD58E6599E8C80C414B59CC86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:45:b5:0e:90:5c:94:67:55:f3:d8:5e:20:c8:
6c:f2:4f:e7:8e:fa:0c:35:d5:77:ba:71:67:ec:48:
59:3d:49:15:94:ef:2d:cd:11:e0:44:c3:13:24:2d:
e6:28:4f:2b:b8:15:1e:7c:2e:e9:3f:b8:58:03:4a:
a9:11:f6:bf:94:57:5d:fd:a2:e3:c4:16:96:b4:20:
18:8f:02:16:ee:a7:27:15:f1:00:de:dd:be:4d:1d:
b8:a1:f0:a6:27:8a:3b:98:90:b5:80:35:89:79:6f:
35:fe:ca:eb:cf:de:92:d0:3e:7b:32:92:06:d9:28:
e1:af:59:56:d8:ad:89:88:31:fa:16:6a:07:15:1d:
53:83:13:cf:cf:66:7b:c4:07:06:17:39:87:0b:1a:
4b:fd:17:f1:d4:ca:65:60:ae:8c:76:59:53:03:0a:
fa:57:af:c2:38:09:f6:53:34:0a:89:4c:64:55:e7:
b6:32:32:68:a9:fd:86:d7:b4:fd:03:13:42:01:3d:
ee:5a:1c:b7:d0:5a:0a:6b:92:55:4c:4a:6f:1d:c6:
d6:ab:dd:3f:6b:bd:a2:92:58:f0:87:d2:17:11:75:
3d:8f:f0:40:d5:d6:d9:16:09:e4:5d:c4:6f:d6:8c:
84:f7:59:17:48:12:2b:92:01:54:ec:18:77:8b:ee:
32:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:20:0A:94:95:99:63:AC:D5:8E:65:99:E8:C8:0C:41:4B:59:CC:86
X509v3 Authority Key Identifier:
keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/UiAKlJWZY6zVjmWZ6MgMQUtZzIY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.235.220.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:fc:f7:0e:04:c6:20:0f:0a:66:ef:4b:f6:c7:95:10:93:02:
4d:0b:bb:74:a3:2d:28:af:fb:4b:4a:af:4a:0e:2c:af:fa:74:
bb:5c:15:33:e7:86:92:32:10:e1:71:f2:5a:4d:a8:38:ab:73:
d6:10:bc:56:e3:5a:2f:18:9e:04:56:61:09:b7:fd:c7:bb:fe:
1c:fc:5f:39:85:63:18:33:31:38:c1:b7:9c:93:30:e9:11:ae:
e9:a1:41:32:a5:b4:7c:5b:96:29:f8:67:21:9a:96:7d:44:8a:
34:15:9d:86:b5:94:ae:06:9d:e1:3a:87:28:91:0e:b4:01:3b:
e5:90:4e:62:a5:50:a6:cc:3a:0c:44:48:a7:bb:a0:07:b3:d6:
74:17:49:07:9d:3b:b9:e5:3d:bb:e9:eb:01:9c:f8:06:09:92:
fd:b0:d5:24:41:33:cc:57:fe:35:ad:38:2d:bc:f1:d1:f7:69:
43:e1:08:e2:73:f1:d2:b7:e0:a8:8e:0a:f1:a3:df:1b:00:74:
28:bf:86:7c:30:db:aa:16:9f:41:05:d8:f6:bb:0c:25:3c:e3:
50:78:43:fe:8e:00:92:d4:25:aa:d9:20:a1:0e:a8:16:14:4d:
dc:dc:d2:59:0a:28:89:e4:b3:26:1a:37:52:8c:ea:79:57:88:
d8:81:f6:64
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICIC0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF
NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTA4MjYw
NTA5NTJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDUyMjAwQTk0OTU5OTYz
QUNENThFNjU5OUU4QzgwQzQxNEI1OUNDODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCRbUOkFyUZ1Xz2F4gyGzyT+eO+gw11Xe6cWfsSFk9SRWU7y3N
EeBEwxMkLeYoTyu4FR58Luk/uFgDSqkR9r+UV139ouPEFpa0IBiPAhbupycV8QDe
3b5NHbih8KYnijuYkLWANYl5bzX+yuvP3pLQPnsykgbZKOGvWVbYrYmIMfoWagcV
HVODE8/PZnvEBwYXOYcLGkv9F/HUymVgrox2WVMDCvpXr8I4CfZTNAqJTGRV57Yy
Mmip/YbXtP0DE0IBPe5aHLfQWgprklVMSm8dxtar3T9rvaKSWPCH0hcRdT2P8EDV
1tkWCeRdxG/WjIT3WRdIEiuSAVTsGHeL7jIRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUUiAKlJWZY6zVjmWZ6MgMQUtZzIYwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow
7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx
L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL1VpQUtsSldaWTZ6Vmpt
V1o2TWdNUVV0WnpJWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn69wwDQYJKoZIhvcNAQELBQADggEBAKL89w4ExiAPCmbvS/bHlRCTAk0Lu3Sj
LSiv+0tKr0oOLK/6dLtcFTPnhpIyEOFx8lpNqDirc9YQvFbjWi8YngRWYQm3/ce7
/hz8XzmFYxgzMTjBt5yTMOkRrumhQTKltHxblin4ZyGaln1EijQVnYa1lK4GneE6
hyiRDrQBO+WQTmKlUKbMOgxESKe7oAez1nQXSQedO7nlPbvp6wGc+AYJkv2w1SRB
M8xX/jWtOC288dH3aUPhCOJz8dK34KiOCvGj3xsAdCi/hnww26oWn0EF2Pa7DCU8
41B4Q/6OAJLUJarZIKEOqBYUTdzc0lkKKInksyYaN1KM6nlXiNiB9mQ=
-----END CERTIFICATE-----
Generated at Thu Oct 23 09:25:50 2025 by rpki-client