Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/142/h0P1M0Rs3axactmSCenbWibhf2c.roa
File: h0P1M0Rs3axactmSCenbWibhf2c.roa (raw, json)
Hash identifier: k3S7bQCz0Ez+1raM+vq80fL+sEU49H/tcsT2NMxGtaU=
Subject key identifier: 87:43:F5:33:44:6C:DD:AC:5A:72:D9:92:09:E9:DB:5A:26:E1:7F:67
Certificate issuer: /CN=D1BD290DA9F968E704BF240911880593E7F5AEC6
Certificate serial: 0B
Authority key identifier: D1:BD:29:0D:A9:F9:68:E7:04:BF:24:09:11:88:05:93:E7:F5:AE:C6
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0b0pDan5aOcEvyQJEYgFk-f1rsY.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/142/h0P1M0Rs3axactmSCenbWibhf2c.roa
Signing time: Fri 24 Oct 2025 01:07:01 +0000
ROA not before: Fri 24 Oct 2025 01:07:01 +0000
ROA not after: Fri 23 Oct 2026 09:04:31 +0000
asID: 17962
IP address blocks: 111.221.128.0/17 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D1BD290DA9F968E704BF240911880593E7F5AEC6
Validity
Not Before: Oct 24 01:07:01 2025 GMT
Not After : Oct 23 09:04:31 2026 GMT
Subject: CN=8743F533446CDDAC5A72D99209E9DB5A26E17F67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:0e:72:ef:e9:0e:15:12:cc:1f:34:d5:a8:51:
0a:41:6a:1e:4b:2c:ae:0f:17:8f:76:2b:77:83:9b:
3c:e9:96:16:6a:ac:7c:9a:8f:9e:32:62:8a:36:ba:
e3:21:87:b4:46:63:1f:55:38:7a:ad:dc:e5:46:f2:
cf:94:9f:6b:65:ea:da:07:1a:52:73:9e:60:77:34:
1b:ce:77:9a:9b:df:5f:c4:44:22:df:9e:ac:7a:80:
89:84:7c:10:41:fc:fa:94:2b:de:0d:e8:06:de:7f:
71:cd:61:ce:24:0f:ed:9a:02:03:5a:0d:39:c6:c9:
75:6c:d4:c7:d5:ce:84:ed:de:5a:2d:82:f2:31:ee:
51:ac:c2:af:4a:62:8d:2c:e5:42:9d:97:36:f8:c6:
d4:78:aa:70:b6:9c:fc:dd:1f:01:dc:53:41:1e:a1:
54:73:7d:41:39:21:e8:32:d3:fb:58:4e:13:19:f0:
c0:ac:8b:29:dc:1f:dd:1e:39:2f:a0:ba:cf:c3:68:
15:42:bf:9d:51:f5:b3:11:c4:1a:26:a4:f1:7f:a1:
fb:b1:1b:a4:22:dc:88:a0:a2:04:6c:9c:fa:e5:34:
0b:a7:5f:b7:5c:a6:e2:d4:5c:cf:e3:3e:25:9f:df:
21:c2:d9:04:48:6d:96:73:cb:34:15:39:e4:b6:63:
06:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:43:F5:33:44:6C:DD:AC:5A:72:D9:92:09:E9:DB:5A:26:E1:7F:67
X509v3 Authority Key Identifier:
keyid:D1:BD:29:0D:A9:F9:68:E7:04:BF:24:09:11:88:05:93:E7:F5:AE:C6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/142/0b0pDan5aOcEvyQJEYgFk-f1rsY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0b0pDan5aOcEvyQJEYgFk-f1rsY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/142/h0P1M0Rs3axactmSCenbWibhf2c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
111.221.128.0/17
Signature Algorithm: sha256WithRSAEncryption
c6:7d:95:5d:2e:58:5c:fa:f0:ba:74:23:0e:2c:67:8d:68:07:
9b:75:c7:5a:8f:1c:0a:92:c3:8c:da:45:21:4a:e4:16:f8:61:
a6:f0:b9:56:46:16:5c:19:c6:15:c8:fd:bf:57:02:90:94:fa:
35:58:95:da:28:4c:59:79:a0:4e:5b:69:fd:9c:c3:6f:51:5d:
b8:d5:19:52:02:5b:f9:92:e0:cd:84:b5:8c:0d:24:bc:f7:c6:
d4:62:47:ff:53:86:85:aa:bc:a3:09:68:0d:57:ec:e0:7a:e7:
35:08:e7:92:2a:0c:97:8b:b3:8d:ae:74:4a:7d:ae:09:b3:3a:
7a:a1:97:3d:9b:72:ed:26:52:c0:b0:b2:66:8d:4b:1f:82:c5:
85:67:0a:ee:0c:e5:aa:5d:cf:93:ac:38:10:4e:35:3e:08:2c:
95:e6:df:3b:fe:66:77:32:5f:07:50:dd:ec:1b:0b:45:fa:81:
6c:ff:05:f3:d9:83:94:2d:89:45:a4:a8:f9:a1:b1:72:24:12:
d0:e2:b0:9d:04:32:c7:ce:ef:94:ad:af:b9:ef:de:74:75:c7:
25:7f:82:3a:b2:24:12:a0:5f:a0:35:f0:24:c8:69:5d:d3:37:
5c:f8:ed:9e:a2:48:21:64:85:91:56:be:10:f9:37:db:47:d9:
73:ab:b3:cb
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhEMUJE
MjkwREE5Rjk2OEU3MDRCRjI0MDkxMTg4MDU5M0U3RjVBRUM2MB4XDTI1MTAyNDAx
MDcwMVoXDTI2MTAyMzA5MDQzMVowMzExMC8GA1UEAxMoODc0M0Y1MzM0NDZDRERB
QzVBNzJEOTkyMDlFOURCNUEyNkUxN0Y2NzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANkOcu/pDhUSzB801ahRCkFqHkssrg8Xj3Yrd4ObPOmWFmqsfJqP
njJiija64yGHtEZjH1U4eq3c5Ubyz5Sfa2Xq2gcaUnOeYHc0G853mpvfX8REIt+e
rHqAiYR8EEH8+pQr3g3oBt5/cc1hziQP7ZoCA1oNOcbJdWzUx9XOhO3eWi2C8jHu
UazCr0pijSzlQp2XNvjG1HiqcLac/N0fAdxTQR6hVHN9QTkh6DLT+1hOExnwwKyL
Kdwf3R45L6C6z8NoFUK/nVH1sxHEGiak8X+h+7EbpCLciKCiBGyc+uU0C6dft1ym
4tRcz+M+JZ/fIcLZBEhtlnPLNBU55LZjBgUCAwEAAaOCAfEwggHtMB0GA1UdDgQW
BBSHQ/UzRGzdrFpy2ZIJ6dtaJuF/ZzAfBgNVHSMEGDAWgBTRvSkNqflo5wS/JAkR
iAWT5/WuxjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xNDIv
MGIwcERhbjVhT2NFdnlRSkVZZ0ZrLWYxcnNZLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC8wYjBwRGFuNWFPY0V2eVFKRVlnRmstZjFyc1kuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xNDIvaDBQMU0wUnMzYXhhY3Rt
U0NlbmJXaWJoZjJjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj
LmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
B2/dgDANBgkqhkiG9w0BAQsFAAOCAQEAxn2VXS5YXPrwunQjDixnjWgHm3XHWo8c
CpLDjNpFIUrkFvhhpvC5VkYWXBnGFcj9v1cCkJT6NViV2ihMWXmgTltp/ZzDb1Fd
uNUZUgJb+ZLgzYS1jA0kvPfG1GJH/1OGhaq8owloDVfs4HrnNQjnkioMl4uzja50
Sn2uCbM6eqGXPZty7SZSwLCyZo1LH4LFhWcK7gzlql3Pk6w4EE41PggslebfO/5m
dzJfB1Dd7BsLRfqBbP8F89mDlC2JRaSo+aGxciQS0OKwnQQyx87vlK2vue/edHXH
JX+COrIkEqBfoDXwJMhpXdM3XPjtnqJIIWSFkVa+EPk320fZc6uzyw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:26:15 2025 by rpki-client