Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/J0Eit9M8oX-dXrjuEPLEleMTw7c.roa
File: J0Eit9M8oX-dXrjuEPLEleMTw7c.roa (raw, json)
Hash identifier: HH13ZOHrTgCPJ7hLsv6B9bsGLylGyXcpE7EUKOMfwtU=
Subject key identifier: 27:41:22:B7:D3:3C:A1:7F:9D:5E:B8:EE:10:F2:C4:95:E3:13:C3:B7
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 094A
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/J0Eit9M8oX-dXrjuEPLEleMTw7c.roa
Signing time: Fri 17 Jan 2025 01:23:45 +0000
ROA not before: Fri 17 Jan 2025 01:23:45 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 2914
IP address blocks: 58.66.64.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Mar 2025 07:25:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2378 (0x94a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Jan 17 01:23:45 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=274122B7D33CA17F9D5EB8EE10F2C495E313C3B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:79:cd:98:fe:05:5d:05:41:98:06:c8:1d:84:
a2:7a:ee:93:80:6f:84:00:a1:7a:37:c8:32:68:1c:
89:c3:6e:4c:10:76:c7:de:c4:d3:cf:ba:b6:9c:2a:
b9:d8:7e:d2:ee:4b:0c:16:22:13:07:82:9b:53:e5:
0b:25:54:80:7f:1c:4e:82:b1:c5:a4:10:02:de:4f:
8a:d7:d6:c4:34:c1:57:f1:f0:de:5e:4f:61:05:6f:
dd:07:1f:9e:22:dc:81:ed:a0:d3:91:4a:3b:c5:98:
b9:f7:01:50:0a:0e:71:97:a3:05:da:01:f8:37:44:
36:d6:54:6d:70:87:9d:32:cc:31:8b:98:45:21:e6:
30:1c:33:3f:f4:f9:ed:c2:03:40:f7:e9:b0:d5:04:
83:21:54:c9:99:5a:5a:aa:c7:c4:db:6d:63:55:c7:
7f:a6:1e:a9:36:da:0e:bd:d1:76:44:f1:38:52:73:
87:81:15:ee:54:cc:55:c5:c1:85:bc:fe:92:f4:33:
e9:79:d9:b7:c9:4c:f9:7b:45:43:84:28:47:72:92:
4a:47:cb:3a:ea:c0:bc:48:a9:b3:b0:10:71:ab:da:
dd:bd:cf:e4:d2:6d:f0:79:c7:3e:e1:1b:22:fc:80:
21:da:1e:e3:2a:cf:cd:a9:ad:fd:9c:68:8c:5c:3c:
ca:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:41:22:B7:D3:3C:A1:7F:9D:5E:B8:EE:10:F2:C4:95:E3:13:C3:B7
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/J0Eit9M8oX-dXrjuEPLEleMTw7c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.66.64.0/21
Signature Algorithm: sha256WithRSAEncryption
00:9e:89:37:95:46:38:47:cb:8f:c2:da:43:88:82:60:e5:cf:
bb:9a:e8:3a:a2:c4:9f:ae:e0:d5:16:c3:c5:3a:9e:b2:41:d1:
f6:b5:84:69:65:00:91:bf:fe:1a:08:89:e2:d9:c3:4e:b9:26:
c2:a6:b1:c1:46:09:8e:e1:c0:3c:1e:47:e1:d0:04:11:35:e5:
00:20:b9:7a:26:77:c8:44:bb:63:2e:e6:b9:5e:24:80:68:ab:
c8:86:69:83:7f:71:01:f8:e9:8b:8a:d0:e2:99:db:28:7d:dc:
7b:71:4e:f9:b9:de:a9:6b:9a:18:27:42:5b:0b:aa:20:7f:89:
a7:0e:79:6c:98:2f:69:4a:39:4f:ec:12:4d:2c:ec:55:89:49:
64:b6:02:21:8d:ce:f9:c6:c8:62:57:38:b6:d9:16:d4:de:09:
35:e2:a1:8c:1d:c0:78:a4:a0:74:39:71:cd:d5:90:80:1a:f8:
87:10:b2:4e:4f:e5:b7:4b:a7:fc:a3:94:f6:8d:ab:e2:e1:b7:
46:de:57:07:b0:0f:82:61:18:11:2e:cd:d1:50:df:65:9e:72:
58:74:35:81:c8:ca:7d:36:0e:34:35:24:6e:81:d6:1b:4b:9b:
61:99:33:15:82:d6:43:c9:49:ee:a8:98:c1:b2:37:f5:45:7f:
b1:3d:56:39
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCUowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNTAxMTcw
MTIzNDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDI3NDEyMkI3RDMzQ0Ex
N0Y5RDVFQjhFRTEwRjJDNDk1RTMxM0MzQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfec2Y/gVdBUGYBsgdhKJ67pOAb4QAoXo3yDJoHInDbkwQdsfe
xNPPuracKrnYftLuSwwWIhMHgptT5QslVIB/HE6CscWkEALeT4rX1sQ0wVfx8N5e
T2EFb90HH54i3IHtoNORSjvFmLn3AVAKDnGXowXaAfg3RDbWVG1wh50yzDGLmEUh
5jAcMz/0+e3CA0D36bDVBIMhVMmZWlqqx8TbbWNVx3+mHqk22g690XZE8ThSc4eB
Fe5UzFXFwYW8/pL0M+l52bfJTPl7RUOEKEdykkpHyzrqwLxIqbOwEHGr2t29z+TS
bfB5xz7hGyL8gCHaHuMqz82prf2caIxcPMqRAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUJ0Eit9M8oX+dXrjuEPLEleMTw7cwHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvSjBFaXQ5TThvWC1kWHJqdUVQ
TEVsZU1UdzdjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzpC
QDANBgkqhkiG9w0BAQsFAAOCAQEAAJ6JN5VGOEfLj8LaQ4iCYOXPu5roOqLEn67g
1RbDxTqeskHR9rWEaWUAkb/+GgiJ4tnDTrkmwqaxwUYJjuHAPB5H4dAEETXlACC5
eiZ3yES7Yy7muV4kgGiryIZpg39xAfjpi4rQ4pnbKH3ce3FO+bneqWuaGCdCWwuq
IH+Jpw55bJgvaUo5T+wSTSzsVYlJZLYCIY3O+cbIYlc4ttkW1N4JNeKhjB3AeKSg
dDlxzdWQgBr4hxCyTk/lt0un/KOU9o2r4uG3Rt5XB7APgmEYES7N0VDfZZ5yWHQ1
gcjKfTYONDUkboHWG0ubYZkzFYLWQ8lJ7qiYwbI39UV/sT1WOQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:34 2025 by rpki-client