Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/OOHb7fEqNGCecQP8l1m8lLm_e8w.roa
File: OOHb7fEqNGCecQP8l1m8lLm_e8w.roa (raw, json)
Hash identifier: R8aJNoVx2abIHjsvX7uqnSvLRuHvp5AsZUHZ1DipeJ4=
Subject key identifier: 38:E1:DB:ED:F1:2A:34:60:9E:71:03:FC:97:59:BC:94:B9:BF:7B:CC
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0FAE
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/OOHb7fEqNGCecQP8l1m8lLm_e8w.roa
Signing time: Fri 17 Jan 2025 01:27:52 +0000
ROA not before: Fri 17 Jan 2025 01:27:52 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 34549
IP address blocks: 123.98.72.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Mar 2025 10:42:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4014 (0xfae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Jan 17 01:27:52 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=38E1DBEDF12A34609E7103FC9759BC94B9BF7BCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5e:9e:5a:1e:d9:e9:6b:da:0a:c4:1c:d4:b3:
a4:c6:a3:88:94:a4:43:32:ca:07:34:37:67:e5:f4:
b8:ce:de:6b:9f:51:7f:e1:91:9f:d3:78:1b:a4:3c:
87:45:89:c5:e9:9d:1a:4f:3a:06:21:17:0a:e3:22:
7c:04:a6:78:09:ea:bf:3f:d0:a4:37:e3:82:1d:6e:
44:b8:d4:43:b0:67:1d:1f:75:22:e5:95:7a:cd:43:
82:04:1b:b3:f8:6b:79:8f:a6:80:cc:3e:59:85:b3:
93:f3:62:ea:17:d3:d3:ad:37:1c:7c:f3:df:d1:d5:
1a:4e:08:41:4f:34:9b:d5:e2:9c:4c:33:73:1c:ec:
34:66:29:66:4a:49:eb:74:f2:a1:00:b6:88:cc:4f:
91:91:ab:ac:a2:79:4f:fd:3a:02:1f:89:22:e4:0e:
7d:77:6f:81:40:dc:45:2f:ce:34:e2:c8:17:12:fc:
55:89:6f:9c:7d:02:11:ed:04:f0:93:07:a2:07:40:
cb:f0:f3:18:33:9e:17:b1:cc:41:de:fe:6b:87:53:
26:3d:5c:79:14:1b:f7:a1:27:d7:a6:1b:43:db:1d:
ed:7d:c7:11:78:80:f0:6d:a6:b2:b3:12:ef:dc:eb:
3c:3d:f6:88:35:7f:df:2c:6a:ac:bf:99:e5:4f:cb:
95:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E1:DB:ED:F1:2A:34:60:9E:71:03:FC:97:59:BC:94:B9:BF:7B:CC
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/OOHb7fEqNGCecQP8l1m8lLm_e8w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.72.0/22
Signature Algorithm: sha256WithRSAEncryption
dc:fa:9b:94:05:cd:ac:b0:23:8f:0f:96:e5:cd:d8:1b:bd:f6:
ed:c5:bb:f0:c1:43:eb:f1:b3:ef:21:df:64:d9:5e:77:1c:fe:
5e:c5:98:63:40:97:8d:af:d1:dc:99:5c:23:b7:30:9f:52:41:
ab:e1:86:39:13:00:d3:80:c2:83:fe:f0:c6:46:81:64:56:11:
83:36:b6:36:ec:f3:56:05:53:08:54:02:72:00:b3:da:a5:3c:
6c:54:08:05:4e:00:6b:c8:55:28:52:d7:2a:0e:6e:a8:06:2b:
4f:17:41:69:1b:b5:e0:41:28:c5:a8:0a:c4:b5:ea:84:15:05:
11:76:4b:30:54:1f:1a:9a:cd:35:43:cf:a1:20:94:6d:95:63:
e6:d7:06:75:7c:02:e6:42:80:90:01:f0:ef:f6:25:6d:a8:b3:
61:16:a4:d3:2b:ad:15:2d:52:b7:88:40:2f:4b:bd:6b:af:7e:
fe:7b:b7:a5:29:3a:a5:97:b1:be:6c:17:93:10:7b:bd:2d:99:
a3:60:ac:1c:36:f6:76:f6:a9:96:a5:41:ac:ef:39:1e:38:67:
c9:b8:30:78:c0:4a:59:a5:25:30:e9:d2:e7:ac:7f:86:36:30:
97:d3:88:d0:4a:01:79:5a:18:da:39:da:5d:c9:73:1e:2e:22:
47:ea:be:87
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICD64wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTAxMTcw
MTI3NTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM4RTFEQkVERjEyQTM0
NjA5RTcxMDNGQzk3NTlCQzk0QjlCRjdCQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+Xp5aHtnpa9oKxBzUs6TGo4iUpEMyygc0N2fl9LjO3mufUX/h
kZ/TeBukPIdFicXpnRpPOgYhFwrjInwEpngJ6r8/0KQ344IdbkS41EOwZx0fdSLl
lXrNQ4IEG7P4a3mPpoDMPlmFs5PzYuoX09OtNxx889/R1RpOCEFPNJvV4pxMM3Mc
7DRmKWZKSet08qEAtojMT5GRq6yieU/9OgIfiSLkDn13b4FA3EUvzjTiyBcS/FWJ
b5x9AhHtBPCTB6IHQMvw8xgznhexzEHe/muHUyY9XHkUG/ehJ9emG0PbHe19xxF4
gPBtprKzEu/c6zw99og1f98saqy/meVPy5WbAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUOOHb7fEqNGCecQP8l1m8lLm/e8wwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL09PSGI3ZkVxTkdDZWNR
UDhsMW04bExtX2U4dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ7YkgwDQYJKoZIhvcNAQELBQADggEBANz6m5QFzaywI48PluXN2Bu99u3Fu/DB
Q+vxs+8h32TZXncc/l7FmGNAl42v0dyZXCO3MJ9SQavhhjkTANOAwoP+8MZGgWRW
EYM2tjbs81YFUwhUAnIAs9qlPGxUCAVOAGvIVShS1yoObqgGK08XQWkbteBBKMWo
CsS16oQVBRF2SzBUHxqazTVDz6EglG2VY+bXBnV8AuZCgJAB8O/2JW2os2EWpNMr
rRUtUreIQC9LvWuvfv57t6UpOqWXsb5sF5MQe70tmaNgrBw29nb2qZalQazvOR44
Z8m4MHjASlmlJTDp0uesf4Y2MJfTiNBKAXlaGNo52l3Jcx4uIkfqvoc=
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:55:11 2025 by rpki-client