Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/uBHnfFtZOhf9C-Sjqw1Nr7ZP-vU.roa
File: uBHnfFtZOhf9C-Sjqw1Nr7ZP-vU.roa (raw, json)
Hash identifier: vbF20h35l8mQD4MKL+vQ3d1CrKndAua511ZZxEfXxW0=
Subject key identifier: B8:11:E7:7C:5B:59:3A:17:FD:0B:E4:A3:AB:0D:4D:AF:B6:4F:FA:F5
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 18DC
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/uBHnfFtZOhf9C-Sjqw1Nr7ZP-vU.roa
Signing time: Tue 10 Feb 2026 05:00:45 +0000
ROA not before: Tue 10 Feb 2026 05:00:45 +0000
ROA not after: Fri 23 Oct 2026 03:01:03 +0000
asID: 55990
IP address blocks: 115.32.224.0/19 maxlen: 23
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6364 (0x18dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: Feb 10 05:00:45 2026 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=B811E77C5B593A17FD0BE4A3AB0D4DAFB64FFAF5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:23:75:7e:12:e5:08:21:b6:5c:a0:c3:17:12:
28:11:b9:91:61:02:b3:af:36:03:7f:95:4a:c2:46:
f6:5b:0f:0b:07:00:50:32:77:dc:8e:33:11:88:87:
9e:66:f4:32:47:31:01:c5:c3:28:10:07:cc:14:85:
7c:99:d8:6e:ba:ed:26:9c:d3:bc:5c:79:ae:5f:f8:
ed:31:ab:91:be:e8:ec:f0:ad:46:0b:76:c5:43:a9:
2a:3d:d4:2a:df:db:99:ff:31:78:4f:ae:1c:fc:5e:
4e:42:7f:d1:fb:12:a7:70:7b:25:25:91:56:81:f4:
f8:51:67:56:5e:ca:4d:25:0c:f8:55:d1:5a:37:2c:
ec:9b:dd:b9:f1:40:fe:e2:b4:93:c3:35:2d:c1:92:
d7:32:4b:59:77:98:02:15:8b:f2:1d:c0:9c:ed:9f:
01:1f:52:4b:29:89:23:5b:eb:ce:44:f2:ca:0c:08:
0a:0a:fd:4c:c0:1b:29:cf:fe:a8:6f:d8:a4:75:a9:
a4:74:98:67:8d:c6:44:77:86:f0:fb:3a:e3:42:51:
c3:44:83:77:1a:7c:ae:22:d5:e9:d4:69:36:ee:75:
ac:54:5b:d1:db:a5:e8:ac:ae:18:ee:b0:4d:44:83:
1f:32:57:f4:e2:fd:25:31:07:58:3f:79:6c:9b:ba:
0a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:11:E7:7C:5B:59:3A:17:FD:0B:E4:A3:AB:0D:4D:AF:B6:4F:FA:F5
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/uBHnfFtZOhf9C-Sjqw1Nr7ZP-vU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
115.32.224.0/19
Signature Algorithm: sha256WithRSAEncryption
4f:e9:02:ae:35:29:9d:30:72:9a:a4:3f:b9:0f:14:62:bb:ba:
54:5d:ed:2c:b1:95:26:ad:c6:63:e6:e4:76:a5:97:8c:35:5a:
52:df:6d:81:ad:ae:8d:5f:2c:27:e6:bc:67:61:fb:3e:ba:d7:
4f:1c:8c:61:78:c2:4d:85:3c:7e:a8:03:73:29:23:07:86:a1:
fb:ca:3a:9d:3c:0e:9d:55:5e:cc:f9:7d:18:22:bb:93:3d:b4:
fc:fb:96:2a:9c:8f:fe:9c:53:17:5f:99:e1:82:51:8f:f7:35:
7c:c8:11:6f:0c:b4:5d:06:d9:92:64:fc:5d:75:8f:f5:07:ee:
6f:74:51:d5:08:10:d8:e0:1a:62:3a:3f:08:08:89:4e:0b:da:
3f:a5:b7:b1:4f:e0:8b:88:81:39:f8:c0:b1:e8:ad:af:b8:a5:
30:56:78:ed:18:ac:25:55:26:cc:69:3b:54:c6:ee:3e:5c:3d:
88:df:ef:06:30:8b:43:34:fe:f5:38:92:cb:0c:2d:98:a1:12:
e5:e3:d2:3b:a0:f4:6d:12:53:a5:66:7c:ed:e8:1a:af:b1:a3:
49:b5:96:26:8c:1b:d4:76:77:7d:4f:ba:ee:c2:67:78:ba:88:
e8:33:80:e1:39:1e:fe:8b:e3:2c:94:3b:d0:0f:3b:d6:d3:04:
49:97:73:3c
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICGNwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNjAyMTAw
NTAwNDVaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEI4MTFFNzdDNUI1OTNB
MTdGRDBCRTRBM0FCMEQ0REFGQjY0RkZBRjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwI3V+EuUIIbZcoMMXEigRuZFhArOvNgN/lUrCRvZbDwsHAFAy
d9yOMxGIh55m9DJHMQHFwygQB8wUhXyZ2G667Sac07xcea5f+O0xq5G+6OzwrUYL
dsVDqSo91Crf25n/MXhPrhz8Xk5Cf9H7EqdweyUlkVaB9PhRZ1Zeyk0lDPhV0Vo3
LOyb3bnxQP7itJPDNS3BktcyS1l3mAIVi/IdwJztnwEfUkspiSNb685E8soMCAoK
/UzAGynP/qhv2KR1qaR0mGeNxkR3hvD7OuNCUcNEg3cafK4i1enUaTbudaxUW9Hb
peisrhjusE1Egx8yV/Ti/SUxB1g/eWybugr5AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUuBHnfFtZOhf9C+Sjqw1Nr7ZP+vUwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvdUJIbmZGdFpPaGY5
Qy1TanF3MU5yN1pQLXZVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBXMg4DANBgkqhkiG9w0BAQsFAAOCAQEAT+kCrjUpnTBymqQ/uQ8UYru6VF3t
LLGVJq3GY+bkdqWXjDVaUt9tga2ujV8sJ+a8Z2H7PrrXTxyMYXjCTYU8fqgDcykj
B4ah+8o6nTwOnVVezPl9GCK7kz20/PuWKpyP/pxTF1+Z4YJRj/c1fMgRbwy0XQbZ
kmT8XXWP9Qfub3RR1QgQ2OAaYjo/CAiJTgvaP6W3sU/gi4iBOfjAseitr7ilMFZ4
7RisJVUmzGk7VMbuPlw9iN/vBjCLQzT+9TiSywwtmKES5ePSO6D0bRJTpWZ87ega
r7GjSbWWJowb1HZ3fU+67sJneLqI6DOA4Tke/ovjLJQ70A871tMESZdzPA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:53:59 2026 by rpki-client