Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/yJkdqV4x_br63OEb6iTa4wbddpk.roa
File: yJkdqV4x_br63OEb6iTa4wbddpk.roa (raw, json)
Hash identifier: 2zxCwWSRnbEv9aiwQc0ehVDbox1n5X7vLejzeXie0mo=
Subject key identifier: C8:99:1D:A9:5E:31:FD:BA:FA:DC:E1:1B:EA:24:DA:E3:06:DD:76:99
Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Certificate serial: 2031
Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/yJkdqV4x_br63OEb6iTa4wbddpk.roa
Signing time: Tue 26 Aug 2025 05:12:01 +0000
ROA not before: Tue 26 Aug 2025 05:12:01 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 4808
IP address blocks: 103.235.224.0/22 maxlen: 22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8241 (0x2031)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Validity
Not Before: Aug 26 05:12:01 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=C8991DA95E31FDBAFADCE11BEA24DAE306DD7699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e2:45:90:fe:ec:60:31:06:85:ec:19:5a:9a:
f5:19:10:d2:0f:6f:b1:39:89:23:86:95:af:19:a7:
11:24:8a:f8:07:14:dc:d2:32:dd:e5:c4:69:9f:b8:
63:de:ad:79:be:7e:b1:2f:21:69:2f:3e:74:d6:46:
35:f6:89:31:c8:c5:99:8f:5a:6e:fb:f2:76:71:2b:
8c:a5:5d:46:77:e6:34:76:cf:d2:02:c6:61:32:d8:
ca:32:2d:3c:61:bf:a4:9c:83:18:cf:04:19:dd:9f:
f8:12:0e:3f:f8:d0:8b:10:82:04:a6:bd:30:27:f9:
67:c2:ae:e6:cb:c8:15:bd:0c:52:a1:50:6c:cb:64:
f5:dd:07:08:68:4d:a3:7b:e7:87:1f:fb:bf:ea:40:
ab:50:dc:dc:94:d8:65:bc:9d:6a:0a:b6:e2:f5:1a:
77:6d:25:49:8d:29:7f:99:4f:d5:c6:3a:d3:22:1f:
d5:0c:e0:88:3a:bb:87:fc:76:47:0d:21:fc:9b:b5:
d3:04:63:a2:ca:db:b9:a8:cc:49:77:91:4f:03:f6:
85:45:02:1d:48:d5:96:c2:74:eb:98:c3:da:c2:9f:
1b:76:36:27:7e:aa:9d:eb:2f:65:34:69:49:59:4e:
b4:32:eb:20:a7:51:55:26:83:cc:97:a2:30:7c:cd:
91:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:99:1D:A9:5E:31:FD:BA:FA:DC:E1:1B:EA:24:DA:E3:06:DD:76:99
X509v3 Authority Key Identifier:
keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/yJkdqV4x_br63OEb6iTa4wbddpk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.235.224.0/22
Signature Algorithm: sha256WithRSAEncryption
17:f7:2d:0a:60:84:91:8c:46:72:d5:7a:fd:45:80:2d:6c:2c:
d3:ab:b1:30:69:b6:5b:f9:6e:9c:fc:52:ea:44:44:83:c2:21:
99:ae:eb:4a:55:e0:86:93:90:ab:26:5e:6f:f7:24:5b:f3:03:
e0:d2:1f:2b:67:02:e6:50:5c:12:47:dd:ff:db:1a:76:49:6b:
bb:c5:02:f7:89:45:6c:e0:a9:73:6a:99:a3:87:f4:d1:67:d0:
7e:1a:fa:04:5a:f8:8c:90:e4:56:43:e3:19:23:88:fd:a2:cc:
cf:98:3c:26:c6:a5:dd:c3:55:8f:36:1c:9b:d8:3b:0a:fb:0a:
e6:fb:fa:04:44:9b:87:24:c9:4e:e3:ec:cd:3b:11:1a:89:d1:
b1:95:e0:af:6f:54:46:c2:9e:2c:69:05:3c:dd:0c:a3:67:36:
68:c2:12:6e:e0:70:17:09:c7:a6:a8:3f:85:2c:60:b1:57:41:
ca:db:e2:1d:2b:69:d4:3c:99:d9:f5:be:bb:44:10:0d:06:18:
ad:0c:64:84:ef:18:ee:0d:37:7c:13:13:25:4b:62:da:68:57:
e5:f3:94:06:3f:ce:d3:fa:38:73:ab:32:9f:c1:0a:d9:cc:e4:
ff:67:74:9f:ba:76:2b:83:5c:4c:32:da:22:8a:b8:e3:d0:39:
99:39:44:21
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICIDEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF
NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTA4MjYw
NTEyMDFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEM4OTkxREE5NUUzMUZE
QkFGQURDRTExQkVBMjREQUUzMDZERDc2OTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCo4kWQ/uxgMQaF7BlamvUZENIPb7E5iSOGla8ZpxEkivgHFNzS
Mt3lxGmfuGPerXm+frEvIWkvPnTWRjX2iTHIxZmPWm778nZxK4ylXUZ35jR2z9IC
xmEy2MoyLTxhv6ScgxjPBBndn/gSDj/40IsQggSmvTAn+WfCrubLyBW9DFKhUGzL
ZPXdBwhoTaN754cf+7/qQKtQ3NyU2GW8nWoKtuL1GndtJUmNKX+ZT9XGOtMiH9UM
4Ig6u4f8dkcNIfybtdMEY6LK27mozEl3kU8D9oVFAh1I1ZbCdOuYw9rCnxt2Nid+
qp3rL2U0aUlZTrQy6yCnUVUmg8yXojB8zZGJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUyJkdqV4x/br63OEb6iTa4wbddpkwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow
7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx
L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL3lKa2RxVjR4X2JyNjNP
RWI2aVRhNHdiZGRway5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn6+AwDQYJKoZIhvcNAQELBQADggEBABf3LQpghJGMRnLVev1FgC1sLNOrsTBp
tlv5bpz8UupERIPCIZmu60pV4IaTkKsmXm/3JFvzA+DSHytnAuZQXBJH3f/bGnZJ
a7vFAveJRWzgqXNqmaOH9NFn0H4a+gRa+IyQ5FZD4xkjiP2izM+YPCbGpd3DVY82
HJvYOwr7Cub7+gREm4ckyU7j7M07ERqJ0bGV4K9vVEbCnixpBTzdDKNnNmjCEm7g
cBcJx6aoP4UsYLFXQcrb4h0radQ8mdn1vrtEEA0GGK0MZITvGO4NN3wTEyVLYtpo
V+XzlAY/ztP6OHOrMp/BCtnM5P9ndJ+6diuDXEwy2iKKuOPQOZk5RCE=
-----END CERTIFICATE-----
Generated at Thu Oct 23 09:27:54 2025 by rpki-client