Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/7dwFTaTxwHgxAcCNnTEmg-LAKfM.roa
File: 7dwFTaTxwHgxAcCNnTEmg-LAKfM.roa (raw, json)
Hash identifier: Bm/1TaO2T8yDt53J5WPahcDtEh1VvsidGJoUogD5bcI=
Subject key identifier: ED:DC:05:4D:A4:F1:C0:78:31:01:C0:8D:9D:31:26:83:E2:C0:29:F3
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 101D
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/7dwFTaTxwHgxAcCNnTEmg-LAKfM.roa
Signing time: Wed 05 Feb 2025 09:36:56 +0000
ROA not before: Wed 05 Feb 2025 09:36:56 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 62387
IP address blocks: 101.232.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 10:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4125 (0x101d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Feb 5 09:36:56 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=EDDC054DA4F1C0783101C08D9D312683E2C029F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:a2:a3:55:1b:8c:8b:58:f5:4d:36:58:ab:5c:
a5:18:90:74:98:58:92:58:ef:ac:98:d9:4e:3d:e9:
70:40:2b:62:bb:38:51:ba:ca:9e:ad:d0:3a:12:10:
f5:54:53:56:0a:bc:21:d6:b4:38:15:cb:1f:f8:ec:
5a:c9:24:90:42:42:45:ac:1d:ba:76:b6:bc:49:b7:
f9:8f:44:f8:d8:46:19:7e:c9:91:c4:41:ab:61:b5:
4a:c6:86:04:ae:a6:2a:05:93:ae:19:31:79:9e:37:
44:13:e9:a6:17:ac:62:cf:de:d2:a5:92:13:92:b6:
29:e5:bc:92:90:8f:20:71:8f:67:00:24:f9:31:26:
fd:d7:3a:18:fc:c9:25:25:06:2b:97:00:22:8c:71:
f8:ea:56:92:d6:3a:24:62:5c:ac:9b:52:a0:d9:58:
d0:49:40:21:2a:54:18:76:c5:27:2a:2b:89:ef:21:
6d:47:01:af:fa:00:c7:dc:99:85:bb:27:38:90:54:
48:e7:5f:0f:2e:a5:39:4c:f0:1e:cd:8f:5c:40:37:
53:38:5b:28:0b:6b:2b:3b:7f:11:8a:0d:51:42:27:
6b:ec:72:c9:92:ba:93:dc:2a:ff:27:79:96:eb:05:
df:fc:3b:33:55:da:5d:bc:f9:80:1a:2b:74:f4:9d:
ae:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:DC:05:4D:A4:F1:C0:78:31:01:C0:8D:9D:31:26:83:E2:C0:29:F3
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/7dwFTaTxwHgxAcCNnTEmg-LAKfM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.232.40.0/22
Signature Algorithm: sha256WithRSAEncryption
80:1a:ab:d1:a1:69:e1:70:9b:e7:88:21:71:7e:94:f4:5a:9a:
54:76:2f:ab:1b:84:8d:13:2e:2d:82:65:24:15:1b:8b:2f:5e:
1b:7e:34:98:bc:99:f4:a6:05:7c:ec:12:a7:a6:07:04:36:f3:
85:04:53:65:ef:4c:59:46:4c:03:4d:24:ea:63:1c:65:4d:53:
cf:67:ce:aa:a3:cd:16:1f:95:d5:80:fb:5e:84:8e:56:5e:7f:
98:61:64:62:5b:e0:bd:54:bd:27:67:e4:53:24:f6:cb:96:8c:
86:e6:89:7e:87:c7:67:2b:bb:a0:e8:3a:65:d3:28:38:11:f5:
9c:a0:4d:3c:93:06:29:40:07:cb:d0:ae:18:fa:43:7b:b2:88:
b7:ec:51:26:80:c6:03:f2:79:b8:8d:73:4d:6d:08:18:de:c9:
3f:e8:17:d7:e0:71:5c:91:cb:ce:48:62:54:e9:78:3b:75:1d:
fe:24:35:46:21:94:54:8c:43:98:12:f9:bd:8a:6a:41:ff:e8:
40:54:a5:e4:f1:36:c6:1d:06:fe:7f:32:4b:e1:fb:05:b4:40:
29:0e:23:3a:e8:f9:e8:32:df:30:09:6c:1f:46:dd:ba:db:6b:
42:96:73:06:66:44:89:6b:44:c8:06:41:44:a2:e1:d2:77:13:
f3:24:c3:eb
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICEB0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTAyMDUw
OTM2NTZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEVEREMwNTREQTRGMUMw
NzgzMTAxQzA4RDlEMzEyNjgzRTJDMDI5RjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuoqNVG4yLWPVNNlirXKUYkHSYWJJY76yY2U496XBAK2K7OFG6
yp6t0DoSEPVUU1YKvCHWtDgVyx/47FrJJJBCQkWsHbp2trxJt/mPRPjYRhl+yZHE
QathtUrGhgSupioFk64ZMXmeN0QT6aYXrGLP3tKlkhOStinlvJKQjyBxj2cAJPkx
Jv3XOhj8ySUlBiuXACKMcfjqVpLWOiRiXKybUqDZWNBJQCEqVBh2xScqK4nvIW1H
Aa/6AMfcmYW7JziQVEjnXw8upTlM8B7Nj1xAN1M4WygLays7fxGKDVFCJ2vscsmS
upPcKv8neZbrBd/8OzNV2l28+YAaK3T0na6hAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU7dwFTaTxwHgxAcCNnTEmg+LAKfMwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLzdkd0ZUYVR4d0hneEFj
Q05uVEVtZy1MQUtmTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJl6CgwDQYJKoZIhvcNAQELBQADggEBAIAaq9GhaeFwm+eIIXF+lPRamlR2L6sb
hI0TLi2CZSQVG4svXht+NJi8mfSmBXzsEqemBwQ284UEU2XvTFlGTANNJOpjHGVN
U89nzqqjzRYfldWA+16EjlZef5hhZGJb4L1UvSdn5FMk9suWjIbmiX6Hx2cru6Do
OmXTKDgR9ZygTTyTBilAB8vQrhj6Q3uyiLfsUSaAxgPyebiNc01tCBjeyT/oF9fg
cVyRy85IYlTpeDt1Hf4kNUYhlFSMQ5gS+b2KakH/6EBUpeTxNsYdBv5/Mkvh+wW0
QCkOIzro+egy3zAJbB9G3brba0KWcwZmRIlrRMgGQUSi4dJ3E/Mkw+s=
-----END CERTIFICATE-----
Generated at Tue Apr 15 00:01:15 2025 by rpki-client