Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/HM-rbF7kBXZEsJU00RK5ZvlSZD4.roa
File: HM-rbF7kBXZEsJU00RK5ZvlSZD4.roa (raw, json)
Hash identifier: MhRqTjxaospsRWP7OmJtIDtw73YLAXeIc5MK7KzZfFU=
Subject key identifier: 1C:CF:AB:6C:5E:E4:05:76:44:B0:95:34:D1:12:B9:66:F9:52:64:3E
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 101F
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/HM-rbF7kBXZEsJU00RK5ZvlSZD4.roa
Signing time: Wed 05 Feb 2025 09:37:08 +0000
ROA not before: Wed 05 Feb 2025 09:37:08 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 62387
IP address blocks: 101.232.48.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4127 (0x101f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Feb 5 09:37:08 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=1CCFAB6C5EE4057644B09534D112B966F952643E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e2:37:bf:fb:4b:ae:13:73:59:64:db:bb:73:
02:b6:ad:9c:26:06:82:2f:a2:74:7e:e9:d2:22:06:
65:5f:5e:8f:f8:92:b9:05:ea:aa:6d:ad:1f:4d:b3:
a5:fc:9d:6c:c6:05:86:00:d3:88:6b:c8:db:65:57:
05:ea:d8:c9:26:00:ab:13:3c:46:0d:99:55:b6:aa:
1a:c3:39:10:a7:0c:cc:d8:39:92:07:19:00:2e:46:
81:d9:4f:9c:c9:c4:ac:05:4d:83:e2:05:30:6f:84:
b9:c2:51:e0:f6:25:da:cb:8b:c6:3b:5c:23:d0:2c:
71:27:82:6b:47:26:b3:6f:14:82:07:23:bc:b8:d1:
a9:40:85:6f:02:c8:b7:2e:43:54:0e:d3:e7:03:33:
25:a3:bf:8a:a5:39:46:fc:ff:31:41:d7:d7:e9:2a:
ea:cc:37:d1:28:f4:66:9e:9c:15:01:d9:18:69:c4:
ca:83:5c:77:c2:58:ce:84:6e:54:4c:bb:49:df:ec:
ad:cb:2b:a5:d8:ab:f8:e9:72:f1:aa:e0:75:b7:c0:
bd:d9:22:04:a8:71:c8:9c:22:d8:d8:f7:3c:53:99:
cb:4c:6b:fb:8d:f3:c4:ed:33:20:ff:93:dc:05:45:
60:75:50:84:07:c5:d7:87:6d:63:a1:ec:43:18:f2:
34:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:CF:AB:6C:5E:E4:05:76:44:B0:95:34:D1:12:B9:66:F9:52:64:3E
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/HM-rbF7kBXZEsJU00RK5ZvlSZD4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.232.48.0/22
Signature Algorithm: sha256WithRSAEncryption
c7:63:13:d4:d7:9c:8b:b3:ee:2c:d4:99:96:d2:65:0c:dd:60:
a1:d4:a2:94:d7:cb:1e:ad:9e:11:c0:3b:7e:66:f8:2c:e0:33:
33:48:34:14:8d:f3:57:f9:f5:ee:ff:25:8e:35:cd:43:1f:c3:
bc:a6:c4:9d:32:b0:30:50:d4:26:0e:ea:eb:88:33:f9:8f:73:
a9:6c:32:d6:d3:e9:f5:89:2d:5d:fa:f0:58:87:6d:ed:0a:db:
54:dc:90:07:4d:c3:6d:64:e4:8f:15:0b:4c:7f:d5:a8:17:29:
a4:12:ba:4c:d7:f7:38:e6:eb:8a:bd:da:1a:50:4f:f5:c6:1d:
31:39:30:5d:ae:11:b5:d5:90:ed:a3:3c:2c:d7:49:52:4c:c4:
a5:cf:dd:3a:dd:83:d2:1d:c0:ef:71:04:b9:1a:95:80:57:5b:
e0:2f:09:33:6d:b7:68:84:f9:25:fe:f3:c6:16:67:8f:cc:73:
bf:59:47:e4:c4:e5:6a:45:2e:9b:a8:28:51:e9:ea:49:4f:1a:
83:e4:9e:4d:cd:28:67:3c:3a:97:9e:60:18:c5:57:e9:fe:12:
eb:6f:c0:9e:23:c8:b6:1d:c8:3d:10:84:7c:ec:8a:b5:e9:88:
7d:3a:2a:a6:8c:9a:85:8a:91:e1:43:84:af:ef:0a:48:5c:71:
e4:e6:29:7c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICEB8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTAyMDUw
OTM3MDhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDFDQ0ZBQjZDNUVFNDA1
NzY0NEIwOTUzNEQxMTJCOTY2Rjk1MjY0M0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCp4je/+0uuE3NZZNu7cwK2rZwmBoIvonR+6dIiBmVfXo/4krkF
6qptrR9Ns6X8nWzGBYYA04hryNtlVwXq2MkmAKsTPEYNmVW2qhrDORCnDMzYOZIH
GQAuRoHZT5zJxKwFTYPiBTBvhLnCUeD2JdrLi8Y7XCPQLHEngmtHJrNvFIIHI7y4
0alAhW8CyLcuQ1QO0+cDMyWjv4qlOUb8/zFB19fpKurMN9Eo9GaenBUB2RhpxMqD
XHfCWM6EblRMu0nf7K3LK6XYq/jpcvGq4HW3wL3ZIgSoccicItjY9zxTmctMa/uN
88TtMyD/k9wFRWB1UIQHxdeHbWOh7EMY8jQLAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUHM+rbF7kBXZEsJU00RK5ZvlSZD4wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL0hNLXJiRjdrQlhaRXNK
VTAwUks1WnZsU1pENC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJl6DAwDQYJKoZIhvcNAQELBQADggEBAMdjE9TXnIuz7izUmZbSZQzdYKHUopTX
yx6tnhHAO35m+CzgMzNINBSN81f59e7/JY41zUMfw7ymxJ0ysDBQ1CYO6uuIM/mP
c6lsMtbT6fWJLV368FiHbe0K21TckAdNw21k5I8VC0x/1agXKaQSukzX9zjm64q9
2hpQT/XGHTE5MF2uEbXVkO2jPCzXSVJMxKXP3Trdg9IdwO9xBLkalYBXW+AvCTNt
t2iE+SX+88YWZ4/Mc79ZR+TE5WpFLpuoKFHp6klPGoPknk3NKGc8OpeeYBjFV+n+
EutvwJ4jyLYdyD0QhHzsirXpiH06KqaMmoWKkeFDhK/vCkhcceTmKXw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:32 2025 by rpki-client