Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/nGs8FHA9YPQT5lt1JMY6HuEz-2g.roa
File: nGs8FHA9YPQT5lt1JMY6HuEz-2g.roa (raw, json)
Hash identifier: G76MiAdf02iqVcYlYGDT3nxyCJdad+sYBHxLpvQTzbQ=
Subject key identifier: 9C:6B:3C:14:70:3D:60:F4:13:E6:5B:75:24:C6:3A:1E:E1:33:FB:68
Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Certificate serial: 202E
Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/nGs8FHA9YPQT5lt1JMY6HuEz-2g.roa
Signing time: Tue 26 Aug 2025 05:09:53 +0000
ROA not before: Tue 26 Aug 2025 05:09:53 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 23724
IP address blocks: 103.235.220.0/22 maxlen: 22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8238 (0x202e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Validity
Not Before: Aug 26 05:09:53 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=9C6B3C14703D60F413E65B7524C63A1EE133FB68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d1:28:71:56:da:90:a9:cf:4e:26:c2:d7:6a:
62:82:13:61:c7:51:8c:55:cf:f0:a3:30:74:9e:6c:
bd:08:c6:b6:1e:6a:af:40:63:5d:0e:d9:dd:f3:48:
1d:9e:fc:60:89:99:97:6f:f8:34:9a:e5:83:99:8a:
a0:a6:d0:64:fd:fa:f9:32:79:18:35:10:e6:21:77:
0e:b0:9b:dd:b6:09:07:db:ce:9c:8e:94:4d:ba:4d:
48:f2:84:94:20:fb:6c:7e:db:68:fa:37:3c:2d:42:
f9:2b:f0:b5:cb:86:ce:1b:c1:07:52:7e:77:a1:9d:
67:50:95:45:92:d9:4b:49:ad:4e:27:f8:fb:d5:e0:
11:4c:92:da:d4:68:22:00:c2:20:f9:64:e5:bf:cb:
a0:4e:90:f2:4f:a2:4f:32:9c:8f:83:d7:ee:f7:2c:
b6:ab:10:44:65:f7:7a:82:fe:a2:70:e5:72:7f:65:
1d:fb:b6:11:ee:bc:26:b6:9a:0a:1f:59:45:cc:a9:
93:68:c3:73:d6:53:7c:6d:bd:07:8d:19:a4:5c:a1:
43:95:21:60:90:8b:9a:bd:fd:e6:99:1e:a1:ec:86:
e0:ba:fb:ba:b2:b9:d4:55:c6:3f:7e:c7:51:27:1c:
d1:11:ea:4a:4b:5b:74:96:ea:f4:2e:e1:df:12:b4:
0e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:6B:3C:14:70:3D:60:F4:13:E6:5B:75:24:C6:3A:1E:E1:33:FB:68
X509v3 Authority Key Identifier:
keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/nGs8FHA9YPQT5lt1JMY6HuEz-2g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.235.220.0/22
Signature Algorithm: sha256WithRSAEncryption
c4:2e:58:c0:78:a4:af:a0:38:07:8d:b7:e4:74:81:98:0e:be:
80:36:10:b0:c6:52:87:3c:4f:b3:80:bf:8c:05:33:cc:71:a3:
ad:37:91:af:bd:bb:54:93:5f:a0:06:73:38:ff:22:c3:8f:51:
c2:3c:7b:9a:f7:ea:fd:b9:57:6d:c5:af:d9:bf:35:64:78:9a:
a2:21:97:a4:b9:42:fc:18:ea:33:c7:e2:46:d3:aa:eb:f6:c0:
f6:e9:26:8e:0f:6d:a3:8f:e0:02:28:0c:8f:37:37:96:ee:ed:
20:29:8a:c6:e5:a0:6b:cd:0d:6e:57:7a:0e:50:75:56:7e:a1:
85:b2:27:ed:79:4f:90:dc:fe:98:13:84:34:e2:15:50:d7:95:
8e:a4:d3:da:3a:9e:c2:25:1e:e9:30:c4:83:4c:a9:ea:b8:25:
17:db:71:50:1a:64:4b:d5:49:dd:a4:83:22:ee:dd:43:da:6a:
81:a7:c0:2c:c6:de:e3:64:42:64:0d:1c:d7:39:83:b7:d6:2d:
da:de:59:e3:66:a5:1c:79:f8:10:ad:cb:52:89:20:f2:10:ff:
5c:87:91:88:4e:ca:09:60:1d:80:93:a0:83:74:a6:60:0d:b5:
5f:d4:95:d5:24:06:bb:4c:ed:1d:4b:74:eb:e7:18:d4:20:5d:
a1:50:10:6c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICIC4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF
NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTA4MjYw
NTA5NTNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDlDNkIzQzE0NzAzRDYw
RjQxM0U2NUI3NTI0QzYzQTFFRTEzM0ZCNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCu0ShxVtqQqc9OJsLXamKCE2HHUYxVz/CjMHSebL0IxrYeaq9A
Y10O2d3zSB2e/GCJmZdv+DSa5YOZiqCm0GT9+vkyeRg1EOYhdw6wm922CQfbzpyO
lE26TUjyhJQg+2x+22j6NzwtQvkr8LXLhs4bwQdSfnehnWdQlUWS2UtJrU4n+PvV
4BFMktrUaCIAwiD5ZOW/y6BOkPJPok8ynI+D1+73LLarEERl93qC/qJw5XJ/ZR37
thHuvCa2mgofWUXMqZNow3PWU3xtvQeNGaRcoUOVIWCQi5q9/eaZHqHshuC6+7qy
udRVxj9+x1EnHNER6kpLW3SW6vQu4d8StA67AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUnGs8FHA9YPQT5lt1JMY6HuEz+2gwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow
7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx
L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL25HczhGSEE5WVBRVDVs
dDFKTVk2SHVFei0yZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn69wwDQYJKoZIhvcNAQELBQADggEBAMQuWMB4pK+gOAeNt+R0gZgOvoA2ELDG
Uoc8T7OAv4wFM8xxo603ka+9u1STX6AGczj/IsOPUcI8e5r36v25V23Fr9m/NWR4
mqIhl6S5QvwY6jPH4kbTquv2wPbpJo4PbaOP4AIoDI83N5bu7SApisbloGvNDW5X
eg5QdVZ+oYWyJ+15T5Dc/pgThDTiFVDXlY6k09o6nsIlHukwxINMqeq4JRfbcVAa
ZEvVSd2kgyLu3UPaaoGnwCzG3uNkQmQNHNc5g7fWLdreWeNmpRx5+BCty1KJIPIQ
/1yHkYhOyglgHYCToIN0pmANtV/UldUkBrtM7R1LdOvnGNQgXaFQEGw=
-----END CERTIFICATE-----
Generated at Thu Oct 23 09:27:54 2025 by rpki-client