Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2776/7EXoG38JNt0cC57P_bBOhzyu5XA.roa
File: 7EXoG38JNt0cC57P_bBOhzyu5XA.roa (raw, json)
Hash identifier: AfwmBToo6cuEKA0JdqrhEK62oy4E85exix+WPw/ZzdA=
Subject key identifier: EC:45:E8:1B:7F:09:36:DD:1C:0B:9E:CF:FD:B0:4E:87:3C:AE:E5:70
Certificate issuer: /CN=86DB0D88746FFC0814E589A139240F2F742D0C56
Certificate serial: 1312
Authority key identifier: 86:DB:0D:88:74:6F:FC:08:14:E5:89:A1:39:24:0F:2F:74:2D:0C:56
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/htsNiHRv_AgU5YmhOSQPL3QtDFY.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/7EXoG38JNt0cC57P_bBOhzyu5XA.roa
Signing time: Fri 07 Feb 2025 09:28:05 +0000
ROA not before: Fri 07 Feb 2025 09:28:05 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 63566
IP address blocks: 122.11.0.0/19 maxlen: 19
Validation: Failed, certificate revoked on Fri 07 Feb 2025 09:40:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4882 (0x1312)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86DB0D88746FFC0814E589A139240F2F742D0C56
Validity
Not Before: Feb 7 09:28:05 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=EC45E81B7F0936DD1C0B9ECFFDB04E873CAEE570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:af:b4:01:82:d2:a5:bc:36:e6:10:3e:a1:90:
17:e0:29:d7:85:94:9f:f0:43:28:18:1b:c2:e9:08:
89:3a:9c:88:00:e4:4d:9e:be:09:9d:2d:c5:de:ac:
c4:d6:c4:a3:2e:4c:00:ea:ca:36:11:cf:90:e6:2a:
82:61:bd:e0:fe:42:75:39:24:2c:62:9a:cf:b1:de:
06:3d:bc:b3:98:22:4d:87:86:3e:8f:e9:e9:e4:83:
a1:6a:02:15:e4:63:8a:64:d8:79:c0:2f:a8:4b:2d:
8f:12:65:2d:2a:18:f6:5b:97:44:79:59:3d:92:30:
2b:df:91:9f:fa:b1:04:51:13:15:4f:2f:82:d2:02:
1b:5b:f9:5f:f5:78:b2:4a:46:a2:3b:65:39:8f:dd:
85:2f:20:81:05:10:7a:fc:78:12:09:e0:58:69:54:
b6:fc:7c:ff:1d:95:f6:8f:23:01:f8:41:eb:9e:d4:
67:79:db:3c:6a:76:5f:22:bb:c1:b7:b3:68:98:44:
25:eb:d8:33:e9:c7:c4:ef:ae:c3:72:cf:a6:b5:71:
6a:b0:b4:68:50:26:af:42:90:c0:2c:d3:05:88:08:
dd:23:ee:ed:47:ff:c8:5a:3f:58:44:6d:98:a6:00:
d2:84:f8:1a:57:f1:aa:76:37:f0:02:88:89:f6:c3:
1c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:45:E8:1B:7F:09:36:DD:1C:0B:9E:CF:FD:B0:4E:87:3C:AE:E5:70
X509v3 Authority Key Identifier:
keyid:86:DB:0D:88:74:6F:FC:08:14:E5:89:A1:39:24:0F:2F:74:2D:0C:56
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/htsNiHRv_AgU5YmhOSQPL3QtDFY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/htsNiHRv_AgU5YmhOSQPL3QtDFY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/7EXoG38JNt0cC57P_bBOhzyu5XA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
122.11.0.0/19
Signature Algorithm: sha256WithRSAEncryption
86:61:80:3d:19:14:09:b3:d2:69:41:ac:4d:e6:a3:9b:12:10:
b1:07:b9:e7:74:2a:5d:b8:a1:57:fa:20:2b:6f:f7:f0:5b:d1:
38:9d:59:77:12:c2:29:09:2e:15:28:d2:f6:22:3e:98:a8:89:
ad:db:9e:5f:19:3d:3b:98:49:b9:c4:f0:5e:d9:9c:f6:34:b6:
77:e3:d2:64:e6:21:5b:a5:f5:48:06:13:42:7d:24:fa:ee:a6:
da:96:ed:7d:a3:ab:43:ad:25:55:0b:c9:fd:bb:44:41:0e:3d:
3c:ee:1c:f2:e7:40:b6:8d:71:03:85:d4:29:1f:86:37:b5:bf:
c0:e9:e7:71:3c:d2:83:72:9f:c8:47:a1:76:ae:9c:8e:2a:5e:
1b:e6:a1:5e:be:3c:47:ae:35:8b:3e:6b:cc:97:78:66:cc:37:
bf:91:d7:4d:8f:84:71:12:ff:bc:da:f8:d4:eb:85:0e:a1:45:
d3:00:94:60:2d:e5:f3:1e:88:5c:e8:3d:ed:ca:86:50:44:bf:
f5:07:53:63:fb:64:50:e6:92:f0:a9:55:c5:68:86:ca:81:23:
68:57:d5:a2:90:4f:ad:b2:5d:27:06:1b:f0:4c:eb:bf:63:0f:
7a:80:0f:33:9b:01:79:1f:16:48:bf:32:ad:5c:f4:e5:f2:6a:
29:a0:ca:eb
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICExIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODZE
QjBEODg3NDZGRkMwODE0RTU4OUExMzkyNDBGMkY3NDJEMEM1NjAeFw0yNTAyMDcw
OTI4MDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEVDNDVFODFCN0YwOTM2
REQxQzBCOUVDRkZEQjA0RTg3M0NBRUU1NzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkr7QBgtKlvDbmED6hkBfgKdeFlJ/wQygYG8LpCIk6nIgA5E2e
vgmdLcXerMTWxKMuTADqyjYRz5DmKoJhveD+QnU5JCxims+x3gY9vLOYIk2Hhj6P
6enkg6FqAhXkY4pk2HnAL6hLLY8SZS0qGPZbl0R5WT2SMCvfkZ/6sQRRExVPL4LS
Ahtb+V/1eLJKRqI7ZTmP3YUvIIEFEHr8eBIJ4FhpVLb8fP8dlfaPIwH4Qeue1Gd5
2zxqdl8iu8G3s2iYRCXr2DPpx8TvrsNyz6a1cWqwtGhQJq9CkMAs0wWICN0j7u1H
/8haP1hEbZimANKE+BpX8ap2N/ACiIn2wxwLAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU7EXoG38JNt0cC57P/bBOhzyu5XAwHwYDVR0jBBgwFoAUhtsNiHRv/AgU5Ymh
OSQPL3QtDFYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc3
Ni9odHNOaUhSdl9BZ1U1WW1oT1NRUEwzUXRERlkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2h0c05pSFJ2X0FnVTVZbWhPU1FQTDNRdERGWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NzYvN0VYb0czOEpOdDBj
QzU3UF9iQk9oenl1NVhBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBXoLADANBgkqhkiG9w0BAQsFAAOCAQEAhmGAPRkUCbPSaUGsTeajmxIQsQe5
53QqXbihV/ogK2/38FvROJ1ZdxLCKQkuFSjS9iI+mKiJrdueXxk9O5hJucTwXtmc
9jS2d+PSZOYhW6X1SAYTQn0k+u6m2pbtfaOrQ60lVQvJ/btEQQ49PO4c8udAto1x
A4XUKR+GN7W/wOnncTzSg3KfyEehdq6cjipeG+ahXr48R641iz5rzJd4Zsw3v5HX
TY+EcRL/vNr41OuFDqFF0wCUYC3l8x6IXOg97cqGUES/9QdTY/tkUOaS8KlVxWiG
yoEjaFfVopBPrbJdJwYb8Ezrv2MPeoAPM5sBeR8WSL8yrVz05fJqKaDK6w==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:42:48 2025 by rpki-client