Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/uhVLjdBumsHsv-AeLSnwm1WZYFk.roa
File: uhVLjdBumsHsv-AeLSnwm1WZYFk.roa (raw, json)
Hash identifier: kT8yn5kK4wLC0c9OnXI388BtQg8faVcD+wdEE57aIXg=
Subject key identifier: BA:15:4B:8D:D0:6E:9A:C1:EC:BF:E0:1E:2D:29:F0:9B:55:99:60:59
Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Certificate serial: 201A
Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/uhVLjdBumsHsv-AeLSnwm1WZYFk.roa
Signing time: Tue 26 Aug 2025 04:55:24 +0000
ROA not before: Tue 26 Aug 2025 04:55:24 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 23724
IP address blocks: 103.249.252.0/22 maxlen: 22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8218 (0x201a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Validity
Not Before: Aug 26 04:55:24 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=BA154B8DD06E9AC1ECBFE01E2D29F09B55996059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8f:15:ec:2f:ca:f4:54:e6:88:b4:38:0f:09:
cf:e6:15:6b:2d:fe:37:24:df:28:9a:fc:ae:20:d5:
86:37:67:f4:50:5d:10:13:62:9a:cd:13:e9:0a:f3:
1c:0c:f2:49:b4:93:58:97:28:f0:e3:70:f8:4c:f8:
d6:d8:aa:26:11:26:4d:bb:fa:db:67:37:ee:73:59:
6a:67:b9:ee:fc:99:af:8a:9a:c5:8c:d9:d3:dd:37:
05:64:a4:4f:48:76:dc:74:46:49:1a:b4:57:3f:77:
b9:48:4a:c2:2b:26:b7:a5:0c:6b:9c:a6:dd:69:67:
9c:ad:7c:a9:5b:84:f1:79:41:cd:59:13:3f:40:3e:
52:58:df:9d:d0:66:77:43:2d:48:e1:f7:fc:61:74:
ea:d3:cd:3d:91:e3:c5:80:fe:8c:66:3a:b0:6f:52:
f5:f0:2c:de:13:62:29:77:51:7c:89:b4:31:88:3d:
18:c7:ba:5f:0d:18:f3:b6:cb:91:84:dc:c2:8d:8d:
52:96:67:c2:79:a3:86:21:19:23:a9:cf:15:89:53:
35:30:0a:d6:65:53:2f:dc:dc:66:aa:7f:12:9d:f1:
26:54:03:03:d2:16:30:22:fc:5e:b2:63:62:cd:0d:
58:94:20:62:92:4e:06:bd:ce:78:cf:d4:74:ca:8d:
ba:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:15:4B:8D:D0:6E:9A:C1:EC:BF:E0:1E:2D:29:F0:9B:55:99:60:59
X509v3 Authority Key Identifier:
keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/uhVLjdBumsHsv-AeLSnwm1WZYFk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.249.252.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:07:3f:5b:09:d2:00:cd:0e:e5:9e:33:4a:df:88:6b:a0:10:
1e:10:b0:cc:6c:ad:9e:80:10:57:93:62:6d:01:52:82:3c:f5:
6f:27:ee:ed:e7:ef:c5:c2:d2:fc:50:cd:25:c0:e4:27:4c:f9:
05:16:1f:36:00:8a:b5:75:b1:a3:b9:9a:ff:33:31:f3:3f:c4:
9e:75:8e:01:c8:70:f7:d9:bb:e0:38:15:ef:25:74:7a:6c:a0:
20:32:46:74:cf:07:0d:95:d6:65:99:99:b3:4e:12:0b:93:bd:
79:ff:87:d6:68:ec:61:31:f9:85:d0:b3:e8:26:55:c5:28:8e:
98:e7:1d:34:b9:34:d9:d5:fa:6d:ed:6e:fa:0d:a3:3e:1f:55:
16:19:ff:fb:a5:90:ce:d8:80:12:56:d2:35:5e:25:e8:86:6f:
49:1f:c7:32:46:ab:f4:04:e0:64:05:e6:c6:43:ac:7c:ca:c1:
09:c2:d9:ab:da:38:39:75:ef:1b:2f:31:e8:cf:1e:71:96:c9:
67:75:80:8b:5f:95:30:a0:5b:10:f4:9b:74:29:87:4d:63:ba:
f3:46:38:a4:ad:16:c0:52:15:84:97:5d:a2:10:55:28:66:c0:
f6:c6:da:84:3f:d4:53:4d:7d:b6:5a:e3:99:9d:10:6f:07:31:
29:44:c1:9b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICIBowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF
NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTA4MjYw
NDU1MjRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEJBMTU0QjhERDA2RTlB
QzFFQ0JGRTAxRTJEMjlGMDlCNTU5OTYwNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4jxXsL8r0VOaItDgPCc/mFWst/jck3yia/K4g1YY3Z/RQXRAT
YprNE+kK8xwM8km0k1iXKPDjcPhM+NbYqiYRJk27+ttnN+5zWWpnue78ma+KmsWM
2dPdNwVkpE9Idtx0RkkatFc/d7lISsIrJrelDGucpt1pZ5ytfKlbhPF5Qc1ZEz9A
PlJY353QZndDLUjh9/xhdOrTzT2R48WA/oxmOrBvUvXwLN4TYil3UXyJtDGIPRjH
ul8NGPO2y5GE3MKNjVKWZ8J5o4YhGSOpzxWJUzUwCtZlUy/c3GaqfxKd8SZUAwPS
FjAi/F6yY2LNDViUIGKSTga9znjP1HTKjbrvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUuhVLjdBumsHsv+AeLSnwm1WZYFkwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow
7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx
L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL3VoVkxqZEJ1bXNIc3Yt
QWVMU253bTFXWllGay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn+fwwDQYJKoZIhvcNAQELBQADggEBAIwHP1sJ0gDNDuWeM0rfiGugEB4QsMxs
rZ6AEFeTYm0BUoI89W8n7u3n78XC0vxQzSXA5CdM+QUWHzYAirV1saO5mv8zMfM/
xJ51jgHIcPfZu+A4Fe8ldHpsoCAyRnTPBw2V1mWZmbNOEguTvXn/h9Zo7GEx+YXQ
s+gmVcUojpjnHTS5NNnV+m3tbvoNoz4fVRYZ//ulkM7YgBJW0jVeJeiGb0kfxzJG
q/QE4GQF5sZDrHzKwQnC2avaODl17xsvMejPHnGWyWd1gItflTCgWxD0m3Qph01j
uvNGOKStFsBSFYSXXaIQVShmwPbG2oQ/1FNNfbZa45mdEG8HMSlEwZs=
-----END CERTIFICATE-----
Generated at Thu Oct 23 09:27:56 2025 by rpki-client