Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2776/XbrYcpthkoOZnwTCYy56XNjvDu4.roa
File: XbrYcpthkoOZnwTCYy56XNjvDu4.roa (raw, json)
Hash identifier: jJRg0IyhABsZ+0K+g/KPqDXYIDxMyGodGZEzjP7k+QI=
Subject key identifier: 5D:BA:D8:72:9B:61:92:83:99:9F:04:C2:63:2E:7A:5C:D8:EF:0E:EE
Certificate issuer: /CN=86DB0D88746FFC0814E589A139240F2F742D0C56
Certificate serial: 129E
Authority key identifier: 86:DB:0D:88:74:6F:FC:08:14:E5:89:A1:39:24:0F:2F:74:2D:0C:56
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/htsNiHRv_AgU5YmhOSQPL3QtDFY.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/XbrYcpthkoOZnwTCYy56XNjvDu4.roa
Signing time: Fri 17 Jan 2025 01:29:58 +0000
ROA not before: Fri 17 Jan 2025 01:29:58 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 63566
IP address blocks: 103.252.248.0/24 maxlen: 24
118.194.59.0/24 maxlen: 24
122.11.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Jan 2025 03:28:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4766 (0x129e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86DB0D88746FFC0814E589A139240F2F742D0C56
Validity
Not Before: Jan 17 01:29:58 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=5DBAD8729B619283999F04C2632E7A5CD8EF0EEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:85:ce:29:29:50:72:5b:7c:c5:b8:54:d3:61:
c4:cf:2b:39:16:36:ee:1a:0e:ed:29:51:bd:79:7a:
6f:b5:07:6f:ad:31:bc:b6:c2:aa:91:c3:b7:bf:43:
22:67:5b:a5:d1:92:a9:c0:bc:b6:1c:90:6c:00:0c:
8f:62:bd:58:83:be:6a:05:c3:da:08:56:17:b2:72:
a6:35:b0:32:e8:a1:41:37:67:4d:56:18:a0:c6:b8:
01:68:c8:f9:93:82:95:58:1c:82:95:4b:71:14:23:
30:9e:40:32:37:c4:90:88:de:8f:84:38:9b:66:c5:
0b:65:67:09:cb:f2:6f:2a:0b:99:6d:3f:be:d3:e3:
a4:a3:36:8c:63:de:d7:9f:57:c2:af:45:1f:70:b9:
b7:07:db:13:db:4a:f5:af:15:0e:45:20:41:6a:30:
b3:97:82:5f:b1:6d:c2:37:a4:bb:26:28:90:f9:fd:
e7:c8:e3:22:76:aa:a8:d0:cb:0b:a8:38:2f:4f:56:
26:ac:90:bf:bd:32:2a:7a:54:81:f0:e7:69:93:d7:
ed:69:0d:a1:35:0d:09:e4:2f:ff:fe:f4:3c:4b:a3:
27:b2:e6:34:ac:70:1c:16:cb:85:d1:a2:36:11:65:
36:0e:b5:fc:65:5d:9b:e1:bd:24:00:68:92:0e:27:
11:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:BA:D8:72:9B:61:92:83:99:9F:04:C2:63:2E:7A:5C:D8:EF:0E:EE
X509v3 Authority Key Identifier:
keyid:86:DB:0D:88:74:6F:FC:08:14:E5:89:A1:39:24:0F:2F:74:2D:0C:56
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/htsNiHRv_AgU5YmhOSQPL3QtDFY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/htsNiHRv_AgU5YmhOSQPL3QtDFY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/XbrYcpthkoOZnwTCYy56XNjvDu4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.252.248.0/24
118.194.59.0/24
122.11.0.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:c9:41:cd:af:2b:d5:b5:f1:fd:76:a2:56:33:cb:94:d3:17:
87:33:7a:d7:5a:25:93:f6:4a:40:c7:39:67:f5:23:0e:ec:66:
b6:0f:74:76:d5:a5:55:9b:04:ef:67:31:cc:6e:0d:06:1e:89:
29:dc:1c:76:09:03:9d:31:0c:9e:3d:a5:fa:22:69:c9:c6:ee:
5a:9f:ea:04:ba:6f:6e:39:0f:6e:ad:24:37:d6:63:89:1c:7c:
bb:58:cd:2a:e2:bb:ba:3d:a5:e9:d9:00:90:c8:16:3c:5a:b6:
50:d3:e2:b2:03:78:ae:28:96:21:b9:fb:e3:ea:f8:74:44:f8:
77:80:99:46:d0:9c:1d:34:61:0f:c1:37:a6:23:0d:31:9c:b6:
6c:91:93:e2:30:e1:6f:18:88:e0:90:95:79:1b:ff:3a:f1:fc:
90:71:57:01:a3:2e:02:aa:ca:5d:2d:3d:4e:99:5a:f1:e1:d9:
0e:1c:c8:aa:ba:3a:74:13:c7:a2:3f:2a:a1:a4:16:9a:da:a2:
b0:61:0d:d7:41:22:e4:de:1b:45:62:2d:ba:1f:c0:cc:b8:0d:
05:5c:df:28:f8:7d:df:ea:33:df:1c:56:38:cb:0a:89:60:ca:
69:6b:f1:68:20:6d:25:63:19:8b:23:02:29:fe:49:20:b1:67:
fc:d2:b7:4d
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgICEp4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODZE
QjBEODg3NDZGRkMwODE0RTU4OUExMzkyNDBGMkY3NDJEMEM1NjAeFw0yNTAxMTcw
MTI5NThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDVEQkFEODcyOUI2MTky
ODM5OTlGMDRDMjYzMkU3QTVDRDhFRjBFRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD6hc4pKVByW3zFuFTTYcTPKzkWNu4aDu0pUb15em+1B2+tMby2
wqqRw7e/QyJnW6XRkqnAvLYckGwADI9ivViDvmoFw9oIVheycqY1sDLooUE3Z01W
GKDGuAFoyPmTgpVYHIKVS3EUIzCeQDI3xJCI3o+EOJtmxQtlZwnL8m8qC5ltP77T
46SjNoxj3tefV8KvRR9wubcH2xPbSvWvFQ5FIEFqMLOXgl+xbcI3pLsmKJD5/efI
4yJ2qqjQywuoOC9PViaskL+9Mip6VIHw52mT1+1pDaE1DQnkL//+9DxLoyey5jSs
cBwWy4XRojYRZTYOtfxlXZvhvSQAaJIOJxFvAgMBAAGjggH/MIIB+zAdBgNVHQ4E
FgQUXbrYcpthkoOZnwTCYy56XNjvDu4wHwYDVR0jBBgwFoAUhtsNiHRv/AgU5Ymh
OSQPL3QtDFYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc3
Ni9odHNOaUhSdl9BZ1U1WW1oT1NRUEwzUXRERlkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2h0c05pSFJ2X0FnVTVZbWhPU1FQTDNRdERGWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NzYvWGJyWWNwdGhrb09a
bndUQ1l5NTZYTmp2RHU0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEw
EgMEAGf8+AMEAHbCOwMEAHoLADANBgkqhkiG9w0BAQsFAAOCAQEA1slBza8r1bXx
/XaiVjPLlNMXhzN611olk/ZKQMc5Z/UjDuxmtg90dtWlVZsE72cxzG4NBh6JKdwc
dgkDnTEMnj2l+iJpycbuWp/qBLpvbjkPbq0kN9ZjiRx8u1jNKuK7uj2l6dkAkMgW
PFq2UNPisgN4riiWIbn74+r4dET4d4CZRtCcHTRhD8E3piMNMZy2bJGT4jDhbxiI
4JCVeRv/OvH8kHFXAaMuAqrKXS09Tpla8eHZDhzIqro6dBPHoj8qoaQWmtqisGEN
10Ei5N4bRWItuh/AzLgNBVzfKPh93+oz3xxWOMsKiWDKaWvxaCBtJWMZiyMCKf5J
ILFn/NK3TQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:45 2025 by rpki-client