Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/nigGaAp-P3DSG0toSvTol1MzDjQ.roa
File: nigGaAp-P3DSG0toSvTol1MzDjQ.roa (raw, json)
Hash identifier: tyCu1AfH0eWQXZx9C0WIw5KB4r3oKtCYb4eiw3xMvT8=
Subject key identifier: 9E:28:06:68:0A:7E:3F:70:D2:1B:4B:68:4A:F4:E8:97:53:33:0E:34
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 18DB
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/nigGaAp-P3DSG0toSvTol1MzDjQ.roa
Signing time: Tue 10 Feb 2026 05:00:45 +0000
ROA not before: Tue 10 Feb 2026 05:00:45 +0000
ROA not after: Fri 23 Oct 2026 03:01:03 +0000
asID: 55990
IP address blocks: 115.33.136.0/22 maxlen: 23
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6363 (0x18db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: Feb 10 05:00:45 2026 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=9E2806680A7E3F70D21B4B684AF4E89753330E34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:eb:92:bb:f4:37:07:e8:3d:14:f9:92:5a:73:
8c:0f:bc:e3:03:e9:30:d0:a2:c3:83:4a:f7:37:2b:
8c:60:76:49:43:50:54:ab:19:82:b1:3a:ea:df:18:
1d:0d:88:6d:6e:75:c0:17:85:28:22:65:8b:83:46:
5d:bb:7c:fe:18:6c:69:ab:c7:df:30:01:50:2f:15:
a0:9d:a3:38:cd:7e:af:c1:b8:92:bd:46:a2:33:0b:
6e:95:4a:e9:9a:6e:db:0f:05:d8:89:50:7a:62:cc:
bc:47:4d:d8:dc:7c:6c:91:42:ba:6a:1f:62:1d:5e:
b7:5f:38:18:aa:c4:44:bc:0b:28:7a:f7:ae:1b:7b:
bd:18:57:db:ef:97:87:b5:b9:c1:74:fd:8b:33:ca:
9b:12:91:40:eb:c8:1c:4c:fc:92:ed:b1:a1:58:5e:
8a:9f:08:b2:11:d1:51:ba:aa:e9:6a:3e:01:80:db:
b8:d1:fe:0b:e2:3c:67:12:73:df:d4:8b:73:22:c1:
45:7c:f6:23:71:12:11:7f:59:9a:b9:a3:c7:77:5e:
c6:14:ee:33:e8:6e:a8:45:e1:6e:79:64:52:96:94:
dd:c1:f7:0f:b8:43:c1:1f:c4:0c:f7:6c:de:00:cf:
eb:6a:91:a5:e1:e9:76:c2:a0:b4:54:f6:14:06:ea:
7e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:28:06:68:0A:7E:3F:70:D2:1B:4B:68:4A:F4:E8:97:53:33:0E:34
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/nigGaAp-P3DSG0toSvTol1MzDjQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
115.33.136.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:ab:f7:5d:ec:c6:12:b4:a2:51:17:4b:96:50:48:27:08:15:
b5:19:46:36:1a:fd:8c:72:ea:8a:a9:3a:d5:03:9c:2f:07:4e:
96:9c:c1:0a:67:8a:b5:ee:cc:20:fb:68:b2:a8:cc:37:07:86:
d6:39:49:74:70:f7:53:39:16:30:66:55:fa:bc:a7:4c:f7:fd:
79:7e:2d:61:af:ef:88:f4:44:41:0d:b4:c7:a7:5d:b1:b9:f5:
38:b9:bb:d0:0f:cd:c7:7e:4f:1f:0d:f1:a9:14:d4:de:e9:7f:
3a:9e:3d:51:a7:04:bf:e1:6e:91:d7:f6:ae:51:7c:74:c5:61:
b9:9f:9a:c7:1c:83:db:99:81:e4:aa:91:eb:45:59:7f:68:4b:
92:1b:e3:a6:64:fb:46:d9:02:a4:cf:3d:0e:3e:47:0a:d1:c1:
96:31:fa:91:f8:0c:95:be:82:d9:e0:0e:33:59:50:ee:a4:40:
e1:26:db:00:c0:c0:bd:69:93:c3:d4:cc:55:e2:cc:ca:57:81:
e6:32:a3:c7:d6:3b:86:4f:63:cc:e2:ba:f1:e5:a9:25:53:0d:
82:68:95:56:db:c5:c3:9f:d6:b6:65:33:ab:a2:00:f7:79:3f:
b6:3b:72:17:c8:f6:b9:e6:f3:ff:ba:fa:e1:5b:77:5c:d4:bd:
8b:14:15:98
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICGNswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNjAyMTAw
NTAwNDVaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDlFMjgwNjY4MEE3RTNG
NzBEMjFCNEI2ODRBRjRFODk3NTMzMzBFMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDh65K79DcH6D0U+ZJac4wPvOMD6TDQosODSvc3K4xgdklDUFSr
GYKxOurfGB0NiG1udcAXhSgiZYuDRl27fP4YbGmrx98wAVAvFaCdozjNfq/BuJK9
RqIzC26VSumabtsPBdiJUHpizLxHTdjcfGyRQrpqH2IdXrdfOBiqxES8Cyh6964b
e70YV9vvl4e1ucF0/YszypsSkUDryBxM/JLtsaFYXoqfCLIR0VG6qulqPgGA27jR
/gviPGcSc9/Ui3MiwUV89iNxEhF/WZq5o8d3XsYU7jPobqhF4W55ZFKWlN3B9w+4
Q8EfxAz3bN4Az+tqkaXh6XbCoLRU9hQG6n57AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUnigGaAp+P3DSG0toSvTol1MzDjQwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvbmlnR2FBcC1QM0RT
RzB0b1N2VG9sMU16RGpRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAnMhiDANBgkqhkiG9w0BAQsFAAOCAQEAaqv3XezGErSiURdLllBIJwgVtRlG
Nhr9jHLqiqk61QOcLwdOlpzBCmeKte7MIPtosqjMNweG1jlJdHD3UzkWMGZV+ryn
TPf9eX4tYa/viPREQQ20x6ddsbn1OLm70A/Nx35PHw3xqRTU3ul/Op49UacEv+Fu
kdf2rlF8dMVhuZ+axxyD25mB5KqR60VZf2hLkhvjpmT7RtkCpM89Dj5HCtHBljH6
kfgMlb6C2eAOM1lQ7qRA4SbbAMDAvWmTw9TMVeLMyleB5jKjx9Y7hk9jzOK68eWp
JVMNgmiVVtvFw5/WtmUzq6IA93k/tjtyF8j2uebz/7r64Vt3XNS9ixQVmA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:19:00 2026 by rpki-client