Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/142/mdWkenbba6s37HdPrC9fXrswsHk.roa
File: mdWkenbba6s37HdPrC9fXrswsHk.roa (raw, json)
Hash identifier: TQLo9txIGwdMyJGlgTYgYQ74cnDVRlY1/PmOQpA9bEw=
Subject key identifier: 99:D5:A4:7A:76:DB:6B:AB:37:EC:77:4F:AC:2F:5F:5E:BB:30:B0:79
Certificate issuer: /CN=D1BD290DA9F968E704BF240911880593E7F5AEC6
Certificate serial: 03
Authority key identifier: D1:BD:29:0D:A9:F9:68:E7:04:BF:24:09:11:88:05:93:E7:F5:AE:C6
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0b0pDan5aOcEvyQJEYgFk-f1rsY.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/142/mdWkenbba6s37HdPrC9fXrswsHk.roa
Signing time: Thu 23 Oct 2025 09:11:22 +0000
ROA not before: Thu 23 Oct 2025 09:11:22 +0000
ROA not after: Fri 23 Oct 2026 09:04:31 +0000
asID: 17962
IP address blocks: 203.88.32.0/19 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D1BD290DA9F968E704BF240911880593E7F5AEC6
Validity
Not Before: Oct 23 09:11:22 2025 GMT
Not After : Oct 23 09:04:31 2026 GMT
Subject: CN=99D5A47A76DB6BAB37EC774FAC2F5F5EBB30B079
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3d:60:69:c5:8d:63:45:0a:4c:61:b7:d8:d2:
55:d7:cb:84:11:4d:19:b7:2e:be:89:3d:c8:56:3d:
f2:63:cb:73:f5:43:fb:89:e9:ca:3c:18:e7:56:db:
a4:f1:2a:69:87:a5:d8:d8:b9:b7:13:d8:05:79:2c:
69:92:12:d0:3a:ee:a9:30:30:db:cc:e2:d5:32:7a:
95:a5:be:91:2f:a4:65:32:94:1d:e0:76:a7:5b:fb:
73:3e:f6:9f:7e:09:14:17:36:48:83:96:5d:b9:3d:
36:a9:3c:ca:89:e7:b4:64:85:d9:75:44:b8:97:f0:
6b:87:5c:2c:ef:0c:35:89:d5:b9:a6:82:da:19:a8:
e9:bb:c6:f1:64:36:ce:d8:f0:ef:da:8d:50:ed:89:
7d:82:ee:94:11:7b:dd:53:21:85:1d:dd:bf:c7:08:
2c:c8:81:f7:1a:56:76:1c:0e:d6:ab:14:3f:ad:92:
21:eb:b4:91:49:be:c5:96:27:a5:70:2d:c3:eb:e2:
90:26:e1:7f:ca:ab:31:89:9e:c8:66:a0:d3:16:c7:
f8:67:1f:b6:da:bc:1d:d8:75:37:27:81:c7:84:38:
4b:71:56:4a:84:85:c3:c3:2a:84:76:49:24:f7:ec:
d9:92:2a:d1:41:4e:43:e7:05:61:30:df:c9:e8:f1:
45:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D5:A4:7A:76:DB:6B:AB:37:EC:77:4F:AC:2F:5F:5E:BB:30:B0:79
X509v3 Authority Key Identifier:
keyid:D1:BD:29:0D:A9:F9:68:E7:04:BF:24:09:11:88:05:93:E7:F5:AE:C6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/142/0b0pDan5aOcEvyQJEYgFk-f1rsY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0b0pDan5aOcEvyQJEYgFk-f1rsY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/142/mdWkenbba6s37HdPrC9fXrswsHk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.88.32.0/19
Signature Algorithm: sha256WithRSAEncryption
70:87:10:96:19:8f:fe:f1:b5:a0:ad:c0:41:61:31:6b:52:ac:
67:f8:24:0c:ce:30:a7:2f:8b:86:23:db:32:37:5f:43:09:a9:
24:e2:1c:89:c3:35:8d:8d:e0:51:ec:bc:26:e3:bd:b7:eb:16:
7e:80:b0:d8:4a:11:bd:57:6a:7a:0f:d4:5a:48:1d:19:e9:d1:
74:ad:00:e9:05:6d:70:c9:c0:c9:b1:5f:0b:54:66:aa:02:3c:
f7:47:18:43:1a:f9:34:4f:10:46:2e:eb:70:40:f0:b0:c7:51:
a2:22:27:20:40:18:d8:09:d0:de:40:10:59:51:a9:d7:8a:f4:
39:ed:df:46:f1:08:8f:a4:ec:1f:4b:9b:7f:23:c1:17:ce:7b:
6c:0a:26:1b:e9:57:d1:a2:17:22:de:c8:ee:cd:10:40:49:8b:
2e:5b:2c:57:d3:f7:1f:03:e5:8e:81:fa:35:95:a8:e3:33:6f:
32:51:ef:03:a4:22:d1:f5:7b:4b:54:62:6b:ce:4c:55:af:34:
a7:97:5d:48:11:97:a9:a1:60:4c:9c:fc:48:ef:f8:bb:ad:29:
ec:df:2e:55:43:42:59:3a:4e:bb:d3:78:7c:0a:9f:88:37:a1:
db:ab:7f:29:1f:ed:06:c1:1b:f9:04:c8:b8:28:84:0a:7a:97:
e0:74:9c:96
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhEMUJE
MjkwREE5Rjk2OEU3MDRCRjI0MDkxMTg4MDU5M0U3RjVBRUM2MB4XDTI1MTAyMzA5
MTEyMloXDTI2MTAyMzA5MDQzMVowMzExMC8GA1UEAxMoOTlENUE0N0E3NkRCNkJB
QjM3RUM3NzRGQUMyRjVGNUVCQjMwQjA3OTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANg9YGnFjWNFCkxht9jSVdfLhBFNGbcuvok9yFY98mPLc/VD+4np
yjwY51bbpPEqaYel2Ni5txPYBXksaZIS0DruqTAw28zi1TJ6laW+kS+kZTKUHeB2
p1v7cz72n34JFBc2SIOWXbk9Nqk8yonntGSF2XVEuJfwa4dcLO8MNYnVuaaC2hmo
6bvG8WQ2ztjw79qNUO2JfYLulBF73VMhhR3dv8cILMiB9xpWdhwO1qsUP62SIeu0
kUm+xZYnpXAtw+vikCbhf8qrMYmeyGag0xbH+Gcfttq8Hdh1NyeBx4Q4S3FWSoSF
w8MqhHZJJPfs2ZIq0UFOQ+cFYTDfyejxRTECAwEAAaOCAfEwggHtMB0GA1UdDgQW
BBSZ1aR6dttrqzfsd0+sL19euzCweTAfBgNVHSMEGDAWgBTRvSkNqflo5wS/JAkR
iAWT5/WuxjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xNDIv
MGIwcERhbjVhT2NFdnlRSkVZZ0ZrLWYxcnNZLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC8wYjBwRGFuNWFPY0V2eVFKRVlnRmstZjFyc1kuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xNDIvbWRXa2VuYmJhNnMzN0hk
UHJDOWZYcnN3c0hrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj
LmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BctYIDANBgkqhkiG9w0BAQsFAAOCAQEAcIcQlhmP/vG1oK3AQWExa1KsZ/gkDM4w
py+LhiPbMjdfQwmpJOIcicM1jY3gUey8JuO9t+sWfoCw2EoRvVdqeg/UWkgdGenR
dK0A6QVtcMnAybFfC1RmqgI890cYQxr5NE8QRi7rcEDwsMdRoiInIEAY2AnQ3kAQ
WVGp14r0Oe3fRvEIj6TsH0ubfyPBF857bAomG+lX0aIXIt7I7s0QQEmLLlssV9P3
HwPljoH6NZWo4zNvMlHvA6Qi0fV7S1Ria85MVa80p5ddSBGXqaFgTJz8SO/4u60p
7N8uVUNCWTpOu9N4fAqfiDeh26t/KR/tBsEb+QTIuCiECnqX4HSclg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:25:30 2025 by rpki-client