Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/Zf1cC9QlGovojNycK5tLkrdtXD0.roa
File: Zf1cC9QlGovojNycK5tLkrdtXD0.roa (raw, json)
Hash identifier: X+7sUAwoVHpjJpdMBzXGwSfPyKx0PzrOTrt1bovpuZg=
Subject key identifier: 65:FD:5C:0B:D4:25:1A:8B:E8:8C:DC:9C:2B:9B:4B:92:B7:6D:5C:3D
Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Certificate serial: 202A
Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/Zf1cC9QlGovojNycK5tLkrdtXD0.roa
Signing time: Tue 26 Aug 2025 05:09:52 +0000
ROA not before: Tue 26 Aug 2025 05:09:52 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 4808
IP address blocks: 103.231.64.0/22 maxlen: 22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8234 (0x202a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Validity
Not Before: Aug 26 05:09:52 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=65FD5C0BD4251A8BE88CDC9C2B9B4B92B76D5C3D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ae:3e:49:01:b3:70:3d:ad:e6:81:88:99:9b:
05:2a:20:96:8a:98:f6:8e:a4:6e:0b:8f:bc:b8:58:
f0:ce:17:fa:92:9b:a3:7e:00:59:df:50:e5:2e:79:
9e:2b:b4:39:ea:6c:54:3b:3e:01:0e:50:80:51:ca:
4c:a0:85:68:4d:17:b0:86:17:fd:50:ac:8e:d7:a1:
9e:7f:1d:14:d8:e4:5f:1c:07:3a:93:dd:80:a6:6b:
1f:18:63:9f:6e:2a:d9:62:04:8a:4f:9c:7c:15:bc:
24:4f:56:27:04:dc:e6:73:41:dc:71:fe:43:dc:29:
1e:37:16:59:0b:ce:90:20:c5:fa:fb:05:e8:77:ed:
dc:2b:72:b5:a5:7f:6d:fd:41:bb:0d:68:92:86:6b:
0d:e0:cc:8b:ad:44:f3:80:b1:59:75:b9:2e:94:72:
a8:41:61:e7:c8:ba:41:33:32:8b:98:99:f6:da:52:
6e:0f:cd:f5:4e:ac:5c:ba:8c:32:fc:b9:96:1d:0d:
22:fa:4f:bc:44:7a:3f:46:df:2e:64:29:b8:ac:6c:
43:d9:0d:ff:ba:93:bc:54:20:c7:42:a4:e2:d7:eb:
7f:03:4e:ec:50:a6:b1:43:c0:bc:4f:1e:8d:14:20:
33:50:72:ff:ab:b7:66:c7:09:f0:78:65:a7:a9:b1:
80:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:FD:5C:0B:D4:25:1A:8B:E8:8C:DC:9C:2B:9B:4B:92:B7:6D:5C:3D
X509v3 Authority Key Identifier:
keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/Zf1cC9QlGovojNycK5tLkrdtXD0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.231.64.0/22
Signature Algorithm: sha256WithRSAEncryption
74:f8:94:38:9c:4e:18:3e:7f:6d:45:cd:83:ba:2c:dc:2c:87:
ed:1b:39:74:5c:f3:ad:0f:cd:ac:d0:92:93:57:b5:2a:07:68:
b0:36:ef:f3:ef:54:b6:31:db:02:b2:38:c7:9a:01:e6:0e:be:
ca:fe:17:41:53:93:f8:61:61:5c:00:ca:09:7d:62:50:3a:0b:
cb:61:48:ea:5e:99:91:d2:0d:cd:94:67:64:3f:88:6a:73:fc:
51:ee:2f:73:1d:f8:1a:5f:e4:27:aa:ba:89:88:7f:e8:ba:59:
ef:c3:fa:3f:23:8f:11:1e:0d:21:cb:1f:5f:2f:dd:65:1d:3f:
2e:a7:ca:8b:a3:90:54:5e:5e:54:84:bd:36:00:f9:ed:cb:16:
5a:ce:fc:ed:cf:96:87:53:63:53:9a:70:8a:48:39:9d:6c:d0:
5d:1b:10:41:0e:db:4e:15:7c:ff:23:dd:41:2f:e2:30:dd:d7:
69:8c:07:b6:ab:e5:ff:00:33:d8:37:75:d0:e5:51:e8:30:03:
0d:25:8f:27:9e:23:ca:aa:b5:65:42:d4:3d:a7:8f:48:f4:15:
03:4c:24:8d:45:71:e5:36:89:d9:a5:8a:4d:58:29:7f:bb:0c:
bf:a2:c8:8d:d5:8b:c1:e9:84:d6:2a:43:02:bd:05:ed:61:7e:
07:54:4f:b4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICICowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF
NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTA4MjYw
NTA5NTJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDY1RkQ1QzBCRDQyNTFB
OEJFODhDREM5QzJCOUI0QjkyQjc2RDVDM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvrj5JAbNwPa3mgYiZmwUqIJaKmPaOpG4Lj7y4WPDOF/qSm6N+
AFnfUOUueZ4rtDnqbFQ7PgEOUIBRykyghWhNF7CGF/1QrI7XoZ5/HRTY5F8cBzqT
3YCmax8YY59uKtliBIpPnHwVvCRPVicE3OZzQdxx/kPcKR43FlkLzpAgxfr7Beh3
7dwrcrWlf239QbsNaJKGaw3gzIutRPOAsVl1uS6UcqhBYefIukEzMouYmfbaUm4P
zfVOrFy6jDL8uZYdDSL6T7xEej9G3y5kKbisbEPZDf+6k7xUIMdCpOLX638DTuxQ
prFDwLxPHo0UIDNQcv+rt2bHCfB4ZaepsYCjAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUZf1cC9QlGovojNycK5tLkrdtXD0wHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow
7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx
L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL1pmMWNDOVFsR292b2pO
eWNLNXRMa3JkdFhEMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn50AwDQYJKoZIhvcNAQELBQADggEBAHT4lDicThg+f21FzYO6LNwsh+0bOXRc
860PzazQkpNXtSoHaLA27/PvVLYx2wKyOMeaAeYOvsr+F0FTk/hhYVwAygl9YlA6
C8thSOpemZHSDc2UZ2Q/iGpz/FHuL3Md+Bpf5CequomIf+i6We/D+j8jjxEeDSHL
H18v3WUdPy6nyoujkFReXlSEvTYA+e3LFlrO/O3PlodTY1OacIpIOZ1s0F0bEEEO
204VfP8j3UEv4jDd12mMB7ar5f8AM9g3ddDlUegwAw0ljyeeI8qqtWVC1D2nj0j0
FQNMJI1FceU2idmlik1YKX+7DL+iyI3Vi8HphNYqQwK9Be1hfgdUT7Q=
-----END CERTIFICATE-----
Generated at Thu Oct 23 09:27:54 2025 by rpki-client