Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/DBkGffNMWR3382PMF3RwUCWxlyw.roa
File: DBkGffNMWR3382PMF3RwUCWxlyw.roa (raw, json)
Hash identifier: r0Kkl/ztnn7ND/PoBkeyI5UcaFRdwAXwuo1RNn2mfak=
Subject key identifier: 0C:19:06:7D:F3:4C:59:1D:F7:F3:63:CC:17:74:70:50:25:B1:97:2C
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 219F
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/DBkGffNMWR3382PMF3RwUCWxlyw.roa
Signing time: Fri 29 Aug 2025 09:05:32 +0000
ROA not before: Fri 29 Aug 2025 09:05:32 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 4808
IP address blocks: 106.75.0.0/19 maxlen: 19
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8607 (0x219f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: Aug 29 09:05:32 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=0C19067DF34C591DF7F363CC1774705025B1972C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:8d:69:ee:56:8f:ca:04:36:7f:aa:a7:1c:69:
34:b1:0d:95:f5:75:43:e2:da:5e:da:49:b7:19:d5:
94:a0:5d:7a:68:8f:20:dc:aa:1c:ad:c9:34:66:16:
12:8e:f8:4b:12:3e:67:03:5b:b6:16:8a:af:48:01:
b6:7b:ca:a5:66:45:b6:e8:41:8c:c3:f9:3a:44:28:
e5:5f:7c:4e:d3:05:07:e1:cf:c6:9b:e0:cc:da:b9:
bf:3e:44:05:4c:c7:cf:66:ef:54:ad:8f:4d:28:fe:
d5:e4:19:65:9a:64:e6:13:66:86:7a:de:da:09:ff:
8a:ad:e8:ce:3a:7e:bd:51:21:5d:9c:1a:42:e8:3a:
47:7c:f0:f7:6b:7f:1f:b4:78:85:31:8b:9a:9d:2e:
f8:7a:0f:96:91:b2:21:82:0d:34:82:35:44:12:fe:
f5:d4:88:4e:3e:45:80:5a:e5:86:45:b8:27:26:b1:
09:7c:79:89:c4:80:67:44:08:09:f0:82:b0:84:45:
5c:b0:1d:96:f8:d5:73:33:bf:1c:da:81:ae:d4:27:
fe:89:3e:fc:5f:3a:68:a3:83:56:28:4c:87:06:07:
67:eb:a2:ca:22:67:30:c4:13:cf:d8:5d:0a:17:ff:
81:6f:3b:12:70:6e:9a:1f:d7:d6:29:cc:d0:9e:7c:
ab:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:19:06:7D:F3:4C:59:1D:F7:F3:63:CC:17:74:70:50:25:B1:97:2C
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/DBkGffNMWR3382PMF3RwUCWxlyw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.75.0.0/19
Signature Algorithm: sha256WithRSAEncryption
23:06:1e:98:6c:20:c1:6d:0f:b3:b8:c0:f4:73:72:13:9c:0e:
7c:bd:0f:14:7f:81:e4:f9:f9:ec:f9:b8:24:de:eb:55:80:66:
45:d7:d8:aa:39:a4:88:94:7a:3c:d5:71:15:25:7a:08:5a:d5:
31:6a:ec:57:83:16:30:92:7e:ca:19:88:3a:fe:06:35:46:51:
b5:e8:90:6f:f2:fd:54:b7:9b:26:5f:c1:a5:7f:05:90:2d:5d:
b0:24:3a:b4:e4:25:ab:88:02:5b:8e:fa:6e:f4:c0:09:c1:2b:
a5:61:95:86:2a:76:23:c9:2a:c1:f0:a8:ed:3d:58:96:2f:28:
09:2e:9c:43:9f:a3:20:83:06:06:68:5a:74:1e:c8:4e:74:cc:
42:8e:74:b6:b8:ee:e7:25:0f:16:81:7e:b6:5a:54:d9:ad:a5:
3d:13:e9:6d:6c:b7:18:91:19:d8:16:cf:8e:31:3c:be:c8:e5:
ef:dc:19:30:e4:a4:64:32:2a:17:e2:b7:1f:69:54:2a:78:48:
90:bb:81:40:fd:77:80:c5:61:7b:04:9b:a3:cb:43:b8:08:92:
6f:81:92:db:ff:2b:be:79:b8:41:11:26:67:f5:1e:f5:96:c3:
20:b3:95:37:75:9f:40:58:a2:0f:27:6d:4a:b9:74:03:0a:61:
53:cb:55:61
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICIZ8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw
OTA1MzJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDBDMTkwNjdERjM0QzU5
MURGN0YzNjNDQzE3NzQ3MDUwMjVCMTk3MkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdjWnuVo/KBDZ/qqccaTSxDZX1dUPi2l7aSbcZ1ZSgXXpojyDc
qhytyTRmFhKO+EsSPmcDW7YWiq9IAbZ7yqVmRbboQYzD+TpEKOVffE7TBQfhz8ab
4Mzaub8+RAVMx89m71Stj00o/tXkGWWaZOYTZoZ63toJ/4qt6M46fr1RIV2cGkLo
Okd88Pdrfx+0eIUxi5qdLvh6D5aRsiGCDTSCNUQS/vXUiE4+RYBa5YZFuCcmsQl8
eYnEgGdECAnwgrCERVywHZb41XMzvxzaga7UJ/6JPvxfOmijg1YoTIcGB2frosoi
ZzDEE8/YXQoX/4FvOxJwbpof19YpzNCefKvJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUDBkGffNMWR3382PMF3RwUCWxlywwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0RCa0dmZk5NV1IzMzgy
UE1GM1J3VUNXeGx5dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAVqSwAwDQYJKoZIhvcNAQELBQADggEBACMGHphsIMFtD7O4wPRzchOcDny9DxR/
geT5+ez5uCTe61WAZkXX2Ko5pIiUejzVcRUlegha1TFq7FeDFjCSfsoZiDr+BjVG
UbXokG/y/VS3myZfwaV/BZAtXbAkOrTkJauIAluO+m70wAnBK6VhlYYqdiPJKsHw
qO09WJYvKAkunEOfoyCDBgZoWnQeyE50zEKOdLa47uclDxaBfrZaVNmtpT0T6W1s
txiRGdgWz44xPL7I5e/cGTDkpGQyKhfitx9pVCp4SJC7gUD9d4DFYXsEm6PLQ7gI
km+Bktv/K755uEERJmf1HvWWwyCzlTd1n0BYog8nbUq5dAMKYVPLVWE=
-----END CERTIFICATE-----
Generated at Thu Oct 23 09:27:55 2025 by rpki-client