Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/GYrT_fKRJNWt32patMCOnKOLJuM.roa
File: GYrT_fKRJNWt32patMCOnKOLJuM.roa (raw, json)
Hash identifier: 7HPibGhkoAU6ps9mpo/TEnPhBqVBNWEYIifvS6KkKLk=
Subject key identifier: 19:8A:D3:FD:F2:91:24:D5:AD:DF:6A:5A:B4:C0:8E:9C:A3:8B:26:E3
Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B
Certificate serial: 0780
Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/GYrT_fKRJNWt32patMCOnKOLJuM.roa
Signing time: Wed 09 Jul 2025 02:53:51 +0000
ROA not before: Wed 09 Jul 2025 02:53:51 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146761
IP address blocks: 103.2.156.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 10 Jul 2025 01:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1920 (0x780)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B
Validity
Not Before: Jul 9 02:53:51 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=198AD3FDF29124D5ADDF6A5AB4C08E9CA38B26E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:fd:37:a3:c8:7e:4a:f7:1a:2f:17:4f:13:b5:
3f:72:79:2d:12:12:eb:e8:58:df:6b:23:3d:b1:4f:
3a:15:99:60:be:05:8c:fe:91:59:d4:61:f2:49:e4:
a6:71:5d:d7:06:e5:4f:be:60:62:4d:11:f3:aa:f8:
8b:13:4e:b5:83:6f:5e:81:d2:b5:aa:41:b5:fa:71:
78:1d:06:e8:04:a0:34:16:68:9a:eb:d7:59:57:5f:
81:8f:c9:28:0b:93:a1:33:90:17:55:a2:08:91:26:
dd:b5:82:a0:80:5e:d4:6a:bd:af:d3:fb:85:58:c4:
74:37:32:01:fa:ab:52:63:f2:0e:e0:83:73:18:81:
b0:04:e5:1e:d4:62:02:a0:73:f3:9d:9d:26:53:25:
a6:91:6a:4e:eb:39:f1:18:80:6c:8a:a7:b5:fb:fe:
dd:dd:ae:a3:09:90:92:74:b8:dd:0a:6f:03:ff:52:
89:6e:7b:0a:25:35:e7:51:16:95:b3:55:ed:43:13:
8a:77:c3:5b:22:a3:89:47:fc:68:c5:23:bc:fe:03:
79:a4:b8:25:ef:7a:c3:4a:09:df:8c:f2:e1:7a:10:
c9:ce:f1:73:66:b3:39:f8:b9:86:02:0d:67:14:30:
ab:83:e1:fa:7f:72:49:60:86:50:a7:37:1f:dc:23:
63:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:8A:D3:FD:F2:91:24:D5:AD:DF:6A:5A:B4:C0:8E:9C:A3:8B:26:E3
X509v3 Authority Key Identifier:
keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/GYrT_fKRJNWt32patMCOnKOLJuM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.2.156.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:72:84:94:f7:16:4c:fa:4e:52:b2:16:ed:55:56:53:f5:f4:
39:1b:39:ed:39:58:84:ea:68:04:35:16:ea:10:00:b7:6c:56:
18:96:17:40:1c:93:0e:9c:aa:fc:5e:e7:f9:c3:ac:1b:0f:13:
45:cf:be:36:52:05:bf:57:2d:e6:32:25:31:44:01:31:79:b5:
27:c7:7d:b3:5d:a8:bd:63:ad:92:a4:99:91:07:a4:ec:49:d1:
85:b6:fa:c3:60:5c:10:26:f8:53:3e:2f:ef:92:52:c5:85:7e:
81:a3:dc:89:d4:5c:50:47:37:e0:7a:d9:3d:24:47:22:21:1f:
8c:1f:10:36:bf:51:0d:c6:94:fc:b8:33:57:9c:17:7f:b7:8b:
3f:fb:69:00:f8:55:3c:b4:a2:f9:20:e0:2e:22:72:60:8a:d7:
41:ff:28:67:1b:25:28:d5:f1:20:02:bd:2c:69:3f:78:cf:0b:
c9:3b:d9:cf:ec:d9:94:04:35:f3:73:fe:fb:63:31:b9:7a:3c:
b0:36:d6:10:79:6e:dd:04:40:49:c7:5f:6d:5b:1a:76:5e:41:
69:f8:b1:95:1b:e6:a9:ac:a2:e7:1f:b6:be:24:31:21:06:72:
82:b3:1c:85:50:14:74:51:a7:c2:20:a2:85:de:93:b8:26:39:
93:3f:16:f6
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICB4AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUJD
NkQ5QTlGNEEyMjZBNjFGNUZBMUE5MTYzOTQxRDRCMzVCQTM1QjAeFw0yNTA3MDkw
MjUzNTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDE5OEFEM0ZERjI5MTI0
RDVBRERGNkE1QUI0QzA4RTlDQTM4QjI2RTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDx/TejyH5K9xovF08TtT9yeS0SEuvoWN9rIz2xTzoVmWC+BYz+
kVnUYfJJ5KZxXdcG5U++YGJNEfOq+IsTTrWDb16B0rWqQbX6cXgdBugEoDQWaJrr
11lXX4GPySgLk6EzkBdVogiRJt21gqCAXtRqva/T+4VYxHQ3MgH6q1Jj8g7gg3MY
gbAE5R7UYgKgc/OdnSZTJaaRak7rOfEYgGyKp7X7/t3drqMJkJJ0uN0KbwP/Uolu
ewolNedRFpWzVe1DE4p3w1sio4lH/GjFI7z+A3mkuCXvesNKCd+M8uF6EMnO8XNm
szn4uYYCDWcUMKuD4fp/cklghlCnNx/cI2MvAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUGYrT/fKRJNWt32patMCOnKOLJuMwHwYDVR0jBBgwFoAUG8bZqfSiJqYfX6Gp
FjlB1LNbo1swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
NC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzQvR1lyVF9mS1JKTld0
MzJwYXRNQ09uS09MSnVNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWcCnDANBgkqhkiG9w0BAQsFAAOCAQEAn3KElPcWTPpOUrIW7VVWU/X0ORs5
7TlYhOpoBDUW6hAAt2xWGJYXQByTDpyq/F7n+cOsGw8TRc++NlIFv1ct5jIlMUQB
MXm1J8d9s12ovWOtkqSZkQek7EnRhbb6w2BcECb4Uz4v75JSxYV+gaPcidRcUEc3
4HrZPSRHIiEfjB8QNr9RDcaU/LgzV5wXf7eLP/tpAPhVPLSi+SDgLiJyYIrXQf8o
ZxslKNXxIAK9LGk/eM8LyTvZz+zZlAQ183P++2MxuXo8sDbWEHlu3QRAScdfbVsa
dl5BafixlRvmqayi5x+2viQxIQZygrMchVAUdFGnwiCihd6TuCY5kz8W9g==
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:50:49 2025 by rpki-client