Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/3xej66Hd16SZn15JklVT56ZP9mA.roa
File: 3xej66Hd16SZn15JklVT56ZP9mA.roa (raw, json)
Hash identifier: nG5wB+He4j9PUwBMQhL+vAx/AC+HDeUiunIB8jvS6zA=
Subject key identifier: DF:17:A3:EB:A1:DD:D7:A4:99:9F:5E:49:92:55:53:E7:A6:4F:F6:60
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0E8E
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/3xej66Hd16SZn15JklVT56ZP9mA.roa
Signing time: Thu 21 Nov 2024 04:34:26 +0000
ROA not before: Thu 21 Nov 2024 04:34:26 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 62387
IP address blocks: 119.59.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 07:16:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3726 (0xe8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Nov 21 04:34:26 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=DF17A3EBA1DDD7A4999F5E49925553E7A64FF660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:61:f6:66:dc:9b:77:d0:df:c8:49:fd:61:ab:
93:8b:ed:ae:d2:70:d0:43:49:04:dd:a6:7a:c5:da:
e8:ea:9e:e8:1c:38:22:38:d7:be:f8:db:2b:81:69:
84:bd:c0:55:26:b6:a8:95:77:76:c3:61:15:20:a2:
d6:12:99:c9:a2:8d:c2:b1:d8:a4:45:16:5b:96:46:
43:59:d2:1e:77:b1:fa:5a:45:06:0d:68:37:24:55:
ac:11:ad:61:f3:7d:25:1a:71:33:bd:f6:6d:77:cf:
ff:2a:b0:f5:b7:94:e8:de:49:55:3e:58:df:b8:c0:
11:33:d5:bc:05:71:9a:77:2a:d0:e7:17:5f:27:ed:
d8:89:49:50:98:a3:63:49:a3:53:e2:f0:7d:9e:79:
f0:91:2e:0f:35:4c:0d:c0:24:bd:1b:90:12:39:d7:
06:41:73:b2:7f:bf:db:7f:2a:2e:53:ca:9c:18:a0:
3e:83:71:7b:16:e3:a9:2f:7a:1a:ff:e4:85:89:24:
d4:b7:1f:f3:08:3b:cd:e5:44:b9:c8:7b:5a:ef:7d:
50:73:5a:83:e5:3e:04:90:37:61:d5:72:d1:79:65:
87:fb:2c:36:27:01:0b:c4:43:4a:84:5b:75:19:82:
4e:9f:e0:bc:ab:1c:02:4e:2b:45:1e:ae:73:c3:13:
a8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:17:A3:EB:A1:DD:D7:A4:99:9F:5E:49:92:55:53:E7:A6:4F:F6:60
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/3xej66Hd16SZn15JklVT56ZP9mA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.59.232.0/22
Signature Algorithm: sha256WithRSAEncryption
11:b4:0e:37:af:79:8c:4c:23:40:6f:be:78:f4:d9:da:57:78:
41:57:2b:a1:18:69:9c:dc:2b:25:06:e8:25:ee:b3:19:29:ea:
21:76:9e:27:df:d1:cf:fb:ea:d1:7d:c4:92:12:e1:aa:5a:6e:
f5:b8:7e:7c:ba:fc:03:f9:05:79:27:2c:44:87:26:55:8b:aa:
46:d0:92:36:97:86:1a:c2:6c:60:8a:9b:05:86:7f:45:6d:cd:
01:85:d1:eb:99:0e:c4:be:67:6f:8e:5c:cb:54:4a:8c:fd:63:
af:36:06:9f:04:08:b1:9c:ac:44:62:fe:49:08:2f:57:3c:10:
94:16:48:bb:96:65:0a:56:92:88:ea:81:8a:50:7c:4a:45:cb:
d8:6b:75:ae:d9:4e:b4:8f:08:91:9a:9e:45:0c:b1:05:72:43:
a7:86:e8:fa:96:05:4a:5e:95:f1:6c:59:d4:97:22:0b:e0:9a:
43:67:5e:9d:56:64:97:b7:44:14:40:1e:32:9d:27:5b:5d:9b:
31:5c:5a:73:b0:4c:6b:a8:70:8c:9d:db:43:44:03:b0:30:cd:
90:84:3c:03:12:28:06:96:25:98:b1:94:19:73:82:33:37:9c:
6b:ae:e8:13:9c:38:45:2f:36:70:8e:27:93:c8:02:c8:1e:48:
d7:d9:58:1d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDo4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDExMjEw
NDM0MjZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKERGMTdBM0VCQTFEREQ3
QTQ5OTlGNUU0OTkyNTU1M0U3QTY0RkY2NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWYfZm3Jt30N/ISf1hq5OL7a7ScNBDSQTdpnrF2ujqnugcOCI4
17742yuBaYS9wFUmtqiVd3bDYRUgotYSmcmijcKx2KRFFluWRkNZ0h53sfpaRQYN
aDckVawRrWHzfSUacTO99m13z/8qsPW3lOjeSVU+WN+4wBEz1bwFcZp3KtDnF18n
7diJSVCYo2NJo1Pi8H2eefCRLg81TA3AJL0bkBI51wZBc7J/v9t/Ki5TypwYoD6D
cXsW46kvehr/5IWJJNS3H/MIO83lRLnIe1rvfVBzWoPlPgSQN2HVctF5ZYf7LDYn
AQvEQ0qEW3UZgk6f4LyrHAJOK0UernPDE6izAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU3xej66Hd16SZn15JklVT56ZP9mAwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLzN4ZWo2NkhkMTZTWm4x
NUprbFZUNTZaUDltQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ3O+gwDQYJKoZIhvcNAQELBQADggEBABG0DjeveYxMI0Bvvnj02dpXeEFXK6EY
aZzcKyUG6CXusxkp6iF2niff0c/76tF9xJIS4apabvW4fny6/AP5BXknLESHJlWL
qkbQkjaXhhrCbGCKmwWGf0VtzQGF0euZDsS+Z2+OXMtUSoz9Y682Bp8ECLGcrERi
/kkIL1c8EJQWSLuWZQpWkojqgYpQfEpFy9hrda7ZTrSPCJGankUMsQVyQ6eG6PqW
BUpelfFsWdSXIgvgmkNnXp1WZJe3RBRAHjKdJ1tdmzFcWnOwTGuocIyd20NEA7Aw
zZCEPAMSKAaWJZixlBlzgjM3nGuu6BOcOEUvNnCOJ5PIAsgeSNfZWB0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:47 2025 by rpki-client