Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/DKOVFRvr4JVI9fvsPOjSqP1QgZc.roa
File: DKOVFRvr4JVI9fvsPOjSqP1QgZc.roa (raw, json)
Hash identifier: QHteCIReMB0y+8VYHHaJGLpZg/KydkuT8bWg/zzfV5U=
Subject key identifier: 0C:A3:95:15:1B:EB:E0:95:48:F5:FB:EC:3C:E8:D2:A8:FD:50:81:97
Certificate issuer: /CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Certificate serial: 1C61
Authority key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/DKOVFRvr4JVI9fvsPOjSqP1QgZc.roa
Signing time: Wed 05 Feb 2025 02:41:09 +0000
ROA not before: Wed 05 Feb 2025 02:41:09 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 132168
IP address blocks: 202.160.140.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Apr 2025 08:53:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7265 (0x1c61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Validity
Not Before: Feb 5 02:41:09 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=0CA395151BEBE09548F5FBEC3CE8D2A8FD508197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8a:0b:bf:df:18:5a:58:9a:4f:68:9e:e2:57:
61:7d:93:46:5e:f1:cb:c7:3c:58:52:01:da:8e:d9:
53:7b:ed:0d:32:7b:96:1e:d6:4c:09:3a:7c:7b:6e:
f8:55:42:a5:3a:42:c7:a6:f0:3f:15:1b:65:7a:76:
a2:97:70:18:a9:c6:06:63:70:db:77:bf:3b:82:ba:
27:21:17:24:9a:86:f6:62:e7:76:7c:82:84:8c:05:
d1:9d:c4:c8:89:ff:82:1f:e1:c1:6b:91:59:9f:07:
23:ff:d9:e1:c5:31:9a:ce:4c:e1:58:1d:2a:01:c8:
b1:18:36:2a:e3:f2:13:99:34:07:e6:a4:9a:bf:32:
15:47:fe:a2:f4:32:a2:ae:03:f1:8a:1b:e2:c0:27:
41:1d:09:f7:72:d9:cc:77:d5:33:8d:10:c6:2e:15:
26:4f:71:dd:79:7b:20:70:f7:bb:68:67:e9:d9:32:
f6:b1:5d:df:44:0e:bf:92:2e:fe:2f:ea:93:f7:3b:
75:c1:ef:e1:28:0c:f6:9d:a2:09:db:ed:c7:2c:fe:
cb:2c:56:e9:17:93:98:8c:c1:b2:24:f8:ec:3e:26:
ee:8b:fa:9c:5a:85:b4:79:9b:8a:b3:35:66:42:f3:
09:5d:ca:de:7b:c6:47:21:a6:61:b7:8a:15:96:e1:
73:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A3:95:15:1B:EB:E0:95:48:F5:FB:EC:3C:E8:D2:A8:FD:50:81:97
X509v3 Authority Key Identifier:
keyid:2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/DKOVFRvr4JVI9fvsPOjSqP1QgZc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.160.140.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:24:19:f6:15:fe:e3:ab:77:80:62:d7:4b:ab:f6:be:04:69:
24:be:cf:92:72:b1:fb:8f:b7:a0:23:3e:c6:73:8a:56:bd:b3:
0b:6a:05:c9:56:4a:7d:22:f1:80:48:6c:93:73:c3:60:82:c9:
43:2a:79:3c:62:8e:32:f5:c3:52:f0:24:ec:a1:c0:ba:25:9d:
0c:42:32:ce:cd:15:10:5a:f2:c6:cc:d2:2a:40:57:e2:68:2d:
b0:8a:38:79:84:19:f5:e6:5f:39:45:bf:af:fa:34:2e:48:ab:
66:7d:30:3b:6b:96:54:23:4f:5d:21:5b:19:1e:e7:2d:c4:c9:
33:ec:be:13:ff:8a:2d:4a:d5:0f:10:64:36:cd:c4:e2:21:f0:
b8:a1:18:9a:f6:5c:ac:61:54:0a:34:e1:d4:60:26:0e:7c:b3:
da:e1:f4:18:b4:7a:39:c8:57:95:65:f4:d0:0f:91:3c:b5:a0:
df:9c:21:e3:94:94:6d:93:6d:ee:58:c0:37:1c:2e:d9:fb:d9:
70:a8:8c:da:e8:00:9e:46:4e:47:5c:d3:f1:6b:80:fb:1d:08:
5c:4e:d1:31:73:7d:eb:35:2d:8f:f5:3a:7f:b4:e3:eb:b5:a5:
4e:c0:87:5b:a1:0a:8e:c8:a4:1d:86:d1:bd:70:f3:82:3a:b7:
99:58:24:4f
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICHGEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF
MTRGMkFDN0YwMjM4MTM3MDUyRUFBMzE1QzVCRDY0MzEzNDAyMjAeFw0yNTAyMDUw
MjQxMDlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDBDQTM5NTE1MUJFQkUw
OTU0OEY1RkJFQzNDRThEMkE4RkQ1MDgxOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBigu/3xhaWJpPaJ7iV2F9k0Ze8cvHPFhSAdqO2VN77Q0ye5Ye
1kwJOnx7bvhVQqU6Qsem8D8VG2V6dqKXcBipxgZjcNt3vzuCuichFySahvZi53Z8
goSMBdGdxMiJ/4If4cFrkVmfByP/2eHFMZrOTOFYHSoByLEYNirj8hOZNAfmpJq/
MhVH/qL0MqKuA/GKG+LAJ0EdCfdy2cx31TONEMYuFSZPcd15eyBw97toZ+nZMvax
Xd9EDr+SLv4v6pP3O3XB7+EoDPadognb7ccs/sssVukXk5iMwbIk+Ow+Ju6L+pxa
hbR5m4qzNWZC8wldyt57xkchpmG3ihWW4XM9AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUDKOVFRvr4JVI9fvsPOjSqP1QgZcwHwYDVR0jBBgwFoAULeFPKsfwI4E3BS6q
MVxb1kMTQCIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4
Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0xlRlBLc2Z3STRFM0JTNnFNVnhiMWtNVFFDSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvREtPVkZSdnI0SlZJ
OWZ2c1BPalNxUDFRZ1pjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAsqgjDANBgkqhkiG9w0BAQsFAAOCAQEAtiQZ9hX+46t3gGLXS6v2vgRpJL7P
knKx+4+3oCM+xnOKVr2zC2oFyVZKfSLxgEhsk3PDYILJQyp5PGKOMvXDUvAk7KHA
uiWdDEIyzs0VEFryxszSKkBX4mgtsIo4eYQZ9eZfOUW/r/o0LkirZn0wO2uWVCNP
XSFbGR7nLcTJM+y+E/+KLUrVDxBkNs3E4iHwuKEYmvZcrGFUCjTh1GAmDnyz2uH0
GLR6OchXlWX00A+RPLWg35wh45SUbZNt7ljANxwu2fvZcKiM2ugAnkZOR1zT8WuA
+x0IXE7RMXN96zUtj/U6f7Tj67WlTsCHW6EKjsikHYbRvXDzgjq3mVgkTw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:37:53 2025 by rpki-client