Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/1qln4cjSbKFgWFdcpCpWQgy4z8A.roa
File: 1qln4cjSbKFgWFdcpCpWQgy4z8A.roa (raw, json)
Hash identifier: OGNAN8iYCmNCwBh6JoLpjdH+XmWGLHy8vrP2ON+O9Bg=
Subject key identifier: D6:A9:67:E1:C8:D2:6C:A1:60:58:57:5C:A4:2A:56:42:0C:B8:CF:C0
Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B
Certificate serial: 0789
Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/1qln4cjSbKFgWFdcpCpWQgy4z8A.roa
Signing time: Thu 10 Jul 2025 01:30:59 +0000
ROA not before: Thu 10 Jul 2025 01:30:59 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146762
IP address blocks: 103.2.158.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 17 Jul 2025 05:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1929 (0x789)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B
Validity
Not Before: Jul 10 01:30:59 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=D6A967E1C8D26CA16058575CA42A56420CB8CFC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c8:e7:bf:30:26:31:93:35:61:49:44:32:4d:
f8:b0:5d:c4:89:35:de:25:d3:84:ec:5a:93:d1:5b:
f8:60:ae:0b:14:5f:cb:39:4a:a3:90:d6:4b:54:24:
5d:66:0b:b7:89:96:68:8f:5f:92:31:91:b3:15:12:
4e:df:31:43:d1:c7:65:ec:9d:bf:fd:de:b4:59:b2:
9e:e1:0b:04:7f:25:99:99:ac:56:ca:08:23:a5:47:
df:d0:8b:b7:bc:75:6e:8e:a9:4b:32:bd:32:03:0e:
ab:8c:2d:30:30:26:5b:a9:b0:27:43:b6:9f:e3:25:
59:1c:fb:d3:5d:16:8c:14:9c:7a:da:23:79:da:e6:
ad:70:bc:ce:5b:58:5e:f1:3e:d1:b2:25:c4:73:93:
cb:94:f2:b9:cb:66:84:15:ed:cd:d3:07:ed:d7:25:
65:b9:af:46:9c:a8:c6:73:1e:5a:9a:4a:71:ac:c1:
bb:1b:c7:81:12:61:a5:1b:17:0e:b1:98:0e:77:83:
75:78:7e:43:91:54:61:78:9f:bd:d9:aa:b5:95:fd:
c1:49:f1:92:f7:9e:3d:5e:06:e6:43:9a:e0:e5:ed:
28:09:a9:56:d3:6b:40:e4:5c:0e:ab:e0:73:6c:27:
e1:4e:38:29:8a:7f:2d:85:dd:f7:9d:2c:51:c3:c9:
2a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A9:67:E1:C8:D2:6C:A1:60:58:57:5C:A4:2A:56:42:0C:B8:CF:C0
X509v3 Authority Key Identifier:
keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/1qln4cjSbKFgWFdcpCpWQgy4z8A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.2.158.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:99:92:b1:d2:a7:36:c0:9b:0d:0c:c4:67:70:c8:eb:ed:28:
29:b0:c5:77:58:03:19:92:9d:98:46:c1:32:35:73:e3:90:be:
82:c0:54:9e:57:ab:b9:30:09:e8:92:4e:ad:e4:89:2f:32:7d:
80:22:68:35:ac:c5:02:55:0f:31:55:1b:49:99:6d:6e:12:88:
58:94:8a:d7:ec:10:0d:09:63:2a:33:02:19:33:53:9e:de:05:
fb:e3:3f:58:1a:7a:4d:cb:e4:36:59:87:94:96:26:c3:00:2e:
30:e8:40:f6:c6:6f:6b:f3:25:15:3e:63:a2:2c:4a:63:a8:99:
7b:a6:d4:d2:fe:21:ff:83:45:e1:5f:48:cd:6b:63:d8:08:8f:
f8:5e:3c:3e:0d:19:83:a7:cb:1e:29:65:c5:31:33:33:3a:4e:
a5:80:4a:01:8f:01:3c:71:df:4d:ff:15:65:34:51:23:57:05:
de:a8:8f:75:80:2d:f4:7e:f7:54:2b:02:a3:72:f8:9d:42:7b:
d2:6f:fc:80:a8:72:80:d1:ea:1f:d2:0f:4a:80:f1:fe:79:a2:
84:0a:bf:21:b2:16:df:6b:36:72:89:d7:43:cd:3c:23:7a:f2:
c5:9c:41:6a:0a:63:9c:c6:53:5a:bb:39:b9:96:a9:69:0c:c2:
3d:b6:97:fe
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICB4kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUJD
NkQ5QTlGNEEyMjZBNjFGNUZBMUE5MTYzOTQxRDRCMzVCQTM1QjAeFw0yNTA3MTAw
MTMwNTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEQ2QTk2N0UxQzhEMjZD
QTE2MDU4NTc1Q0E0MkE1NjQyMENCOENGQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3yOe/MCYxkzVhSUQyTfiwXcSJNd4l04TsWpPRW/hgrgsUX8s5
SqOQ1ktUJF1mC7eJlmiPX5IxkbMVEk7fMUPRx2Xsnb/93rRZsp7hCwR/JZmZrFbK
CCOlR9/Qi7e8dW6OqUsyvTIDDquMLTAwJlupsCdDtp/jJVkc+9NdFowUnHraI3na
5q1wvM5bWF7xPtGyJcRzk8uU8rnLZoQV7c3TB+3XJWW5r0acqMZzHlqaSnGswbsb
x4ESYaUbFw6xmA53g3V4fkORVGF4n73ZqrWV/cFJ8ZL3nj1eBuZDmuDl7SgJqVbT
a0DkXA6r4HNsJ+FOOCmKfy2F3fedLFHDySonAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU1qln4cjSbKFgWFdcpCpWQgy4z8AwHwYDVR0jBBgwFoAUG8bZqfSiJqYfX6Gp
FjlB1LNbo1swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
NC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzQvMXFsbjRjalNiS0Zn
V0ZkY3BDcFdRZ3k0ejhBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWcCnjANBgkqhkiG9w0BAQsFAAOCAQEALpmSsdKnNsCbDQzEZ3DI6+0oKbDF
d1gDGZKdmEbBMjVz45C+gsBUnleruTAJ6JJOreSJLzJ9gCJoNazFAlUPMVUbSZlt
bhKIWJSK1+wQDQljKjMCGTNTnt4F++M/WBp6TcvkNlmHlJYmwwAuMOhA9sZva/Ml
FT5joixKY6iZe6bU0v4h/4NF4V9IzWtj2AiP+F48Pg0Zg6fLHillxTEzMzpOpYBK
AY8BPHHfTf8VZTRRI1cF3qiPdYAt9H73VCsCo3L4nUJ70m/8gKhygNHqH9IPSoDx
/nmihAq/IbIW32s2conXQ808I3ryxZxBagpjnMZTWrs5uZapaQzCPbaX/g==
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:35:00 2025 by rpki-client