Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3078/zKdAO3qPivurZcOcQUNHkMtE2lM.roa
File: zKdAO3qPivurZcOcQUNHkMtE2lM.roa (raw, json)
Hash identifier: zFmNuE/2s1MirPmTRhFoo2pX3w29DXFDIO1CwUl5Ne4=
Subject key identifier: CC:A7:40:3B:7A:8F:8A:FB:AB:65:C3:9C:41:43:47:90:CB:44:DA:53
Certificate issuer: /CN=F702935F02FC1B81297D1FFB4C78CE0BA1D43785
Certificate serial: 17
Authority key identifier: F7:02:93:5F:02:FC:1B:81:29:7D:1F:FB:4C:78:CE:0B:A1:D4:37:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9wKTXwL8G4EpfR_7THjOC6HUN4U.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/zKdAO3qPivurZcOcQUNHkMtE2lM.roa
Signing time: Tue 13 May 2025 11:02:16 +0000
ROA not before: Tue 13 May 2025 11:02:16 +0000
ROA not after: Sun 10 May 2026 04:51:55 +0000
asID: 151270
IP address blocks: 110.40.32.0/19 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 May 2025 06:24:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23 (0x17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F702935F02FC1B81297D1FFB4C78CE0BA1D43785
Validity
Not Before: May 13 11:02:16 2025 GMT
Not After : May 10 04:51:55 2026 GMT
Subject: CN=CCA7403B7A8F8AFBAB65C39C41434790CB44DA53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:6c:37:9d:96:57:a0:86:98:6b:73:8d:95:b9:
be:78:b1:e1:2f:5a:db:03:cc:96:6d:1f:61:a7:74:
25:34:94:eb:8a:ed:78:c4:e2:b2:9b:10:6a:2d:7c:
ba:fb:1b:67:9f:03:21:95:b8:30:38:4c:16:11:4d:
4e:bc:64:0a:0e:99:fd:47:eb:c4:a0:c4:89:a3:2b:
db:78:86:9f:29:60:aa:7d:67:d3:e3:07:9f:bb:82:
49:f4:f2:21:ee:b4:bb:7b:d4:b0:b2:59:89:6b:88:
0f:e0:f6:ca:e3:75:3f:62:a1:d8:14:55:87:34:c7:
4b:31:8b:b9:b6:86:96:93:c0:65:8d:58:f1:e5:63:
9a:a3:28:24:cd:88:25:f0:71:19:7b:92:33:0d:01:
cd:7c:0d:cf:bf:47:88:7b:30:05:6a:d9:1b:2d:48:
50:1b:36:00:87:ba:f2:6b:50:a0:27:8e:ff:ca:cd:
1c:90:02:2e:91:c0:f1:43:74:9e:d3:5f:03:f8:58:
da:d4:97:be:d2:d1:ca:b9:db:89:dd:c0:7f:f6:32:
7b:fb:14:59:0f:6e:1f:a3:82:7e:62:3d:ae:2c:e1:
c3:83:de:bd:86:58:fe:9f:6e:c8:34:db:22:c2:b6:
fa:5f:b2:64:50:04:28:be:fc:d4:d8:c1:73:8b:20:
26:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:A7:40:3B:7A:8F:8A:FB:AB:65:C3:9C:41:43:47:90:CB:44:DA:53
X509v3 Authority Key Identifier:
keyid:F7:02:93:5F:02:FC:1B:81:29:7D:1F:FB:4C:78:CE:0B:A1:D4:37:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/9wKTXwL8G4EpfR_7THjOC6HUN4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9wKTXwL8G4EpfR_7THjOC6HUN4U.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/zKdAO3qPivurZcOcQUNHkMtE2lM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
110.40.32.0/19
Signature Algorithm: sha256WithRSAEncryption
1a:c4:e5:d3:87:21:fe:b9:f7:3c:ba:ab:cc:69:97:b9:00:94:
55:96:5a:10:47:e6:f0:8a:24:c3:90:be:78:63:b8:b2:a6:0c:
23:3b:c1:ba:55:c9:a3:11:15:b8:f4:78:bc:58:fa:df:01:de:
e3:4f:90:13:6a:a1:e3:29:57:29:4f:af:40:cb:2d:c6:d6:71:
26:fa:ff:55:1a:48:9c:24:1e:8d:b5:d2:24:02:39:69:8e:91:
86:60:cc:73:9a:36:1f:39:93:b2:82:d5:eb:9d:83:cf:e7:5e:
40:2f:37:50:16:5c:f3:11:d6:e4:37:55:c8:51:c9:1e:5d:43:
81:21:58:a1:42:fa:c4:dd:b3:6e:b8:14:85:3b:04:e6:d0:7f:
00:e5:5f:95:0f:d3:a9:9b:2c:80:09:38:1a:fd:c3:a9:66:25:
7e:3a:95:9e:57:5a:38:77:eb:2d:ff:49:e1:df:07:cc:96:99:
83:52:61:50:19:27:dc:a4:3a:f4:d5:c4:b6:84:90:be:61:e9:
74:50:b3:5b:fd:05:76:2d:61:d9:66:34:1b:34:08:1d:cb:e7:
e1:fc:f9:2b:94:34:22:83:95:bb:29:d6:e4:71:38:07:3e:d7:
9f:12:32:f5:0e:d3:e3:ee:7d:97:7e:9c:93:56:f5:44:b0:6e:
1e:7e:e1:fb
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGNzAy
OTM1RjAyRkMxQjgxMjk3RDFGRkI0Qzc4Q0UwQkExRDQzNzg1MB4XDTI1MDUxMzEx
MDIxNloXDTI2MDUxMDA0NTE1NVowMzExMC8GA1UEAxMoQ0NBNzQwM0I3QThGOEFG
QkFCNjVDMzlDNDE0MzQ3OTBDQjQ0REE1MzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAN1sN52WV6CGmGtzjZW5vnix4S9a2wPMlm0fYad0JTSU64rteMTi
spsQai18uvsbZ58DIZW4MDhMFhFNTrxkCg6Z/UfrxKDEiaMr23iGnylgqn1n0+MH
n7uCSfTyIe60u3vUsLJZiWuID+D2yuN1P2Kh2BRVhzTHSzGLubaGlpPAZY1Y8eVj
mqMoJM2IJfBxGXuSMw0BzXwNz79HiHswBWrZGy1IUBs2AIe68mtQoCeO/8rNHJAC
LpHA8UN0ntNfA/hY2tSXvtLRyrnbid3Af/Yye/sUWQ9uH6OCfmI9rizhw4PevYZY
/p9uyDTbIsK2+l+yZFAEKL781NjBc4sgJu0CAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBTMp0A7eo+K+6tlw5xBQ0eQy0TaUzAfBgNVHSMEGDAWgBT3ApNfAvwbgSl9H/tM
eM4LodQ3hTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMDc4
Lzl3S1RYd0w4RzRFcGZSXzdUSGpPQzZIVU40VS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvOXdLVFh3TDhHNEVwZlJfN1RIak9DNkhVTjRVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA3OC96S2RBTzNxUGl2dXJa
Y09jUVVOSGtNdEUybE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQFbiggMA0GCSqGSIb3DQEBCwUAA4IBAQAaxOXThyH+ufc8uqvMaZe5AJRVlloQ
R+bwiiTDkL54Y7iypgwjO8G6VcmjERW49Hi8WPrfAd7jT5ATaqHjKVcpT69Ayy3G
1nEm+v9VGkicJB6NtdIkAjlpjpGGYMxzmjYfOZOygtXrnYPP515ALzdQFlzzEdbk
N1XIUckeXUOBIVihQvrE3bNuuBSFOwTm0H8A5V+VD9OpmyyACTga/cOpZiV+OpWe
V1o4d+st/0nh3wfMlpmDUmFQGSfcpDr01cS2hJC+Yel0ULNb/QV2LWHZZjQbNAgd
y+fh/PkrlDQig5W7KdbkcTgHPtefEjL1DtPj7n2XfpyTVvVEsG4efuH7
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:03:08 2025 by rpki-client