Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/zucOI-NxkJhtQOedm3y2CNv2-go.roa
File: zucOI-NxkJhtQOedm3y2CNv2-go.roa (raw, json)
Hash identifier: ylf7lIuB2g2ZB6XV1KWIMkuJnNAVqPjCIr/tLism3/M=
Subject key identifier: CE:E7:0E:23:E3:71:90:98:6D:40:E7:9D:9B:7C:B6:08:DB:F6:FA:0A
Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756
Certificate serial: 0B13
Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/zucOI-NxkJhtQOedm3y2CNv2-go.roa
Signing time: Mon 27 Oct 2025 02:39:25 +0000
ROA not before: Mon 27 Oct 2025 02:39:25 +0000
ROA not after: Fri 23 Oct 2026 03:01:03 +0000
asID: 58834
IP address blocks: 203.132.32.0/20 maxlen: 20
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2835 (0xb13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756
Validity
Not Before: Oct 27 02:39:25 2025 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=CEE70E23E37190986D40E79D9B7CB608DBF6FA0A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b7:05:0e:1a:a0:27:6f:8e:62:c0:ca:7b:f3:
24:ea:1c:52:e9:5a:31:d8:e1:98:38:cc:58:9e:95:
bd:65:87:a0:a5:ce:77:b9:f1:d5:57:b9:c5:47:75:
36:ac:11:9b:e0:9f:a7:6f:84:7f:e3:df:20:6c:1d:
41:ba:ce:4f:0a:d2:ff:62:fa:5e:76:54:37:66:93:
b9:10:a0:9a:41:35:5e:53:07:96:63:96:8c:34:48:
e5:19:ad:d0:c1:ac:9f:e3:29:ce:59:3b:e9:75:9f:
09:e6:52:f1:35:e7:4a:a2:47:eb:f3:12:e5:e9:6f:
25:50:f8:ea:73:85:cc:17:6d:a0:5f:da:d6:2c:d3:
68:13:fc:4c:35:e1:ff:17:10:b1:5b:91:e3:4c:00:
fa:90:ee:ec:92:fe:ed:7a:88:df:7f:21:20:65:1f:
4f:af:67:17:ce:aa:79:7d:8e:4f:d5:3b:86:00:23:
64:e0:59:29:15:97:22:a5:61:11:76:f2:b4:d0:0c:
10:35:04:d9:31:f4:82:ab:c1:f3:70:13:5b:28:5f:
e7:eb:40:4e:b6:bd:0a:32:17:75:97:27:07:f7:f6:
a3:93:e8:65:67:58:f4:c8:bb:d0:73:e1:f7:09:5b:
96:2e:b8:93:b7:3d:23:cd:44:d7:83:50:8e:66:07:
05:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:E7:0E:23:E3:71:90:98:6D:40:E7:9D:9B:7C:B6:08:DB:F6:FA:0A
X509v3 Authority Key Identifier:
keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/zucOI-NxkJhtQOedm3y2CNv2-go.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.132.32.0/20
Signature Algorithm: sha256WithRSAEncryption
31:06:5a:2d:10:99:45:34:88:5d:47:f2:df:2e:a4:c4:18:9c:
d7:4f:cd:05:fd:b3:b2:39:64:d4:db:2d:6e:32:b4:17:5f:e3:
b4:d4:29:e2:51:2f:7a:a1:9c:24:61:1f:36:9c:f8:0e:85:be:
64:5a:94:a3:9b:f2:dd:3f:ef:89:26:68:5b:79:2a:e7:6e:69:
62:0f:db:c5:3a:85:96:84:8f:4b:f2:8a:17:5e:f0:71:81:48:
02:28:4c:c6:48:ef:1d:7a:d7:53:04:58:35:09:5c:34:aa:64:
7f:52:d2:c3:a5:89:b5:be:a3:79:af:68:32:c3:0e:f9:42:57:
30:d8:7e:e0:4d:ff:d6:c7:4a:9d:18:8c:1d:7f:53:9c:25:c0:
b8:10:9e:c3:64:2a:16:14:57:1e:94:5e:1e:3a:d2:5f:42:64:
a0:10:a8:60:82:7f:15:e3:e3:c8:16:95:4b:1b:b2:85:f9:8a:
4d:73:f4:06:a6:0f:cb:82:69:7b:6b:8d:be:e6:5a:9e:a7:b6:
84:31:3b:b6:3f:61:c8:ac:f8:1e:59:01:73:40:bd:c5:45:06:
5e:85:ea:8d:99:de:57:c0:0e:b0:49:f3:02:d9:59:c5:7d:2b:
2a:dd:ad:47:81:fa:02:a1:5f:dd:97:6e:5e:95:eb:c5:e1:ac:
c3:8a:b0:c7
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICCxMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC
RkM5MDBFREMzNEY4MURBNDgyN0YxRjlGNjNEMDRFMEUyRjc1NjAeFw0yNTEwMjcw
MjM5MjVaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKENFRTcwRTIzRTM3MTkw
OTg2RDQwRTc5RDlCN0NCNjA4REJGNkZBMEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNtwUOGqAnb45iwMp78yTqHFLpWjHY4Zg4zFielb1lh6Clzne5
8dVXucVHdTasEZvgn6dvhH/j3yBsHUG6zk8K0v9i+l52VDdmk7kQoJpBNV5TB5Zj
low0SOUZrdDBrJ/jKc5ZO+l1nwnmUvE150qiR+vzEuXpbyVQ+OpzhcwXbaBf2tYs
02gT/Ew14f8XELFbkeNMAPqQ7uyS/u16iN9/ISBlH0+vZxfOqnl9jk/VO4YAI2Tg
WSkVlyKlYRF28rTQDBA1BNkx9IKrwfNwE1soX+frQE62vQoyF3WXJwf39qOT6GVn
WPTIu9Bz4fcJW5YuuJO3PSPNRNeDUI5mBwX7AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUzucOI+NxkJhtQOedm3y2CNv2+gowHwYDVR0jBBgwFoAU3r/JAO3DT4HaSCfx
+fY9BODi91YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIz
LzNyX0pBTzNEVDRIYVNDZngtZlk5Qk9EaTkxWS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvM3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIzL3p1Y09JLU54a0podFFP
ZWRtM3kyQ052Mi1nby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BATLhCAwDQYJKoZIhvcNAQELBQADggEBADEGWi0QmUU0iF1H8t8upMQYnNdPzQX9
s7I5ZNTbLW4ytBdf47TUKeJRL3qhnCRhHzac+A6FvmRalKOb8t0/74kmaFt5Kudu
aWIP28U6hZaEj0vyihde8HGBSAIoTMZI7x1611MEWDUJXDSqZH9S0sOlibW+o3mv
aDLDDvlCVzDYfuBN/9bHSp0YjB1/U5wlwLgQnsNkKhYUVx6UXh460l9CZKAQqGCC
fxXj48gWlUsbsoX5ik1z9AamD8uCaXtrjb7mWp6ntoQxO7Y/Ycis+B5ZAXNAvcVF
Bl6F6o2Z3lfADrBJ8wLZWcV9KyrdrUeB+gKhX92Xbl6V68XhrMOKsMc=
-----END CERTIFICATE-----
Generated at Thu Nov 6 01:30:21 2025 by rpki-client