Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/338/DSOCImhj9vfwhELJuqeqId9TwWg.roa
File: DSOCImhj9vfwhELJuqeqId9TwWg.roa (raw, json)
Hash identifier: lt9UsxrEfk/SwaLPVB16rDrGJ+vPVUiAzFlF7Mc88Jo=
Subject key identifier: 0D:23:82:22:68:63:F6:F7:F0:84:42:C9:BA:A7:AA:21:DF:53:C1:68
Certificate issuer: /CN=898FCD881F2DAD951ADC31E481C4EDC820931AD3
Certificate serial: 1A82
Authority key identifier: 89:8F:CD:88:1F:2D:AD:95:1A:DC:31:E4:81:C4:ED:C8:20:93:1A:D3
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iY_NiB8trZUa3DHkgcTtyCCTGtM.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/338/DSOCImhj9vfwhELJuqeqId9TwWg.roa
Signing time: Mon 07 Jul 2025 09:15:48 +0000
ROA not before: Mon 07 Jul 2025 09:15:48 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 45061
IP address blocks: 2400:8201::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 07 Jul 2025 10:09:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6786 (0x1a82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=898FCD881F2DAD951ADC31E481C4EDC820931AD3
Validity
Not Before: Jul 7 09:15:48 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=0D2382226863F6F7F08442C9BAA7AA21DF53C168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:58:75:8d:b8:3a:85:7d:79:61:90:de:0e:7f:
05:d7:ec:95:3c:6b:29:13:cb:24:7d:aa:23:d1:11:
2e:cf:9f:e8:ad:ce:a7:2a:e8:2f:1f:b2:e3:72:07:
02:0b:92:9b:ee:cf:c1:af:74:c3:1d:94:59:d8:99:
db:ff:79:1e:28:78:7e:65:76:fa:9a:43:e0:b7:06:
c5:c7:fa:ac:ee:5f:9f:77:3e:3a:9d:e4:63:d9:e6:
57:96:02:11:f9:99:8d:36:8a:5d:89:a7:0e:00:d6:
46:43:91:1f:e8:06:0d:5d:03:d3:a8:9f:d1:f7:6c:
a5:f5:54:3d:3a:80:26:da:1f:61:37:72:37:9e:5e:
46:8e:ed:a3:3f:75:6c:d3:b4:cd:7a:3c:fe:1b:9b:
9c:13:17:68:b8:c9:19:2e:09:b3:68:63:e3:a9:14:
d8:10:ea:2f:c6:f0:6f:58:11:8a:49:81:c2:ac:4d:
3e:37:a8:7a:d4:46:60:26:96:2b:3b:2d:8d:f0:b4:
f4:0b:39:3f:c7:9b:2d:2a:5c:0e:8b:49:73:d3:0c:
f0:0f:86:cf:7b:f5:f6:9c:85:be:c4:ac:57:77:ce:
e3:50:2b:95:76:69:03:d6:e9:04:93:2c:36:82:b8:
15:a0:c6:ab:0b:6d:a6:04:f2:f2:0e:14:27:e6:48:
3c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:23:82:22:68:63:F6:F7:F0:84:42:C9:BA:A7:AA:21:DF:53:C1:68
X509v3 Authority Key Identifier:
keyid:89:8F:CD:88:1F:2D:AD:95:1A:DC:31:E4:81:C4:ED:C8:20:93:1A:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/338/iY_NiB8trZUa3DHkgcTtyCCTGtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iY_NiB8trZUa3DHkgcTtyCCTGtM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/338/DSOCImhj9vfwhELJuqeqId9TwWg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:8201::/48
Signature Algorithm: sha256WithRSAEncryption
06:cc:0e:fb:25:74:2a:61:81:cc:d5:d6:f7:8a:6c:47:be:1e:
f2:bc:49:1a:c4:66:7e:57:7b:c3:71:6c:72:d4:77:2a:51:7e:
c1:ce:23:61:6d:1d:6d:16:71:1d:90:81:7f:25:a0:76:f8:59:
00:48:eb:cf:ec:6f:50:51:ac:51:7a:90:bf:40:e5:22:1e:b8:
8e:c1:d4:15:81:99:76:14:62:22:8d:3b:9e:9d:0c:3b:d2:88:
36:54:1b:4f:fb:d0:f6:c7:ed:61:5a:3a:92:b0:94:fd:04:4a:
f3:d2:95:e8:8c:68:bf:95:4f:52:9e:22:fa:30:da:eb:c2:53:
19:84:d0:6a:2d:63:2d:4e:cf:70:ce:07:a6:4a:c4:82:00:5d:
87:17:db:56:4a:58:e8:ec:7a:be:99:49:e0:bd:1f:c3:8a:07:
99:a2:d5:94:fd:8b:05:2e:ef:f0:0f:33:1c:a5:eb:08:64:13:
8a:24:d1:f7:e8:b7:b6:1d:21:64:68:13:80:e6:25:52:1a:8c:
c3:3b:07:10:e8:e4:89:d5:76:24:aa:55:d4:4c:cc:f4:e3:d4:
b3:dd:e1:70:7b:19:11:86:a8:ef:fa:c3:2f:df:bf:50:bd:e9:
b5:21:e7:3f:ab:eb:c6:2e:fb:4d:aa:eb:ed:be:6f:80:f6:6c:
2d:49:c2:c4
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICGoIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODk4
RkNEODgxRjJEQUQ5NTFBREMzMUU0ODFDNEVEQzgyMDkzMUFEMzAeFw0yNTA3MDcw
OTE1NDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDBEMjM4MjIyNjg2M0Y2
RjdGMDg0NDJDOUJBQTdBQTIxREY1M0MxNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3WHWNuDqFfXlhkN4OfwXX7JU8aykTyyR9qiPRES7Pn+itzqcq
6C8fsuNyBwILkpvuz8GvdMMdlFnYmdv/eR4oeH5ldvqaQ+C3BsXH+qzuX593Pjqd
5GPZ5leWAhH5mY02il2Jpw4A1kZDkR/oBg1dA9Oon9H3bKX1VD06gCbaH2E3cjee
XkaO7aM/dWzTtM16PP4bm5wTF2i4yRkuCbNoY+OpFNgQ6i/G8G9YEYpJgcKsTT43
qHrURmAmlis7LY3wtPQLOT/Hmy0qXA6LSXPTDPAPhs979fachb7ErFd3zuNQK5V2
aQPW6QSTLDaCuBWgxqsLbaYE8vIOFCfmSDyLAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUDSOCImhj9vfwhELJuqeqId9TwWgwHwYDVR0jBBgwFoAUiY/NiB8trZUa3DHk
gcTtyCCTGtMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM4
L2lZX05pQjh0clpVYTNESGtnY1R0eUNDVEd0TS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvaVlfTmlCOHRyWlVhM0RIa2djVHR5Q0NUR3RNLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM4L0RTT0NJbWhqOXZmd2hF
TEp1cWVxSWQ5VHdXZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAkAIIBAAAwDQYJKoZIhvcNAQELBQADggEBAAbMDvsldCphgczV1veKbEe+HvK8
SRrEZn5Xe8NxbHLUdypRfsHOI2FtHW0WcR2QgX8loHb4WQBI68/sb1BRrFF6kL9A
5SIeuI7B1BWBmXYUYiKNO56dDDvSiDZUG0/70PbH7WFaOpKwlP0ESvPSleiMaL+V
T1KeIvow2uvCUxmE0GotYy1Oz3DOB6ZKxIIAXYcX21ZKWOjser6ZSeC9H8OKB5mi
1ZT9iwUu7/APMxyl6whkE4ok0ffot7YdIWRoE4DmJVIajMM7BxDo5InVdiSqVdRM
zPTj1LPd4XB7GRGGqO/6wy/fv1C96bUh5z+r68Yu+02q6+2+b4D2bC1JwsQ=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:57:54 2025 by rpki-client