Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/Kot2SQzZqE2ZZPz63MpPzO2x9jI.roa
File: Kot2SQzZqE2ZZPz63MpPzO2x9jI.roa (raw, json)
Hash identifier: 40mX2+XbBHV1ks9pTr222smyXbkF7+2mCJyVgpXZtGM=
Subject key identifier: 2A:8B:76:49:0C:D9:A8:4D:99:64:FC:FA:DC:CA:4F:CC:ED:B1:F6:32
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 0942
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/Kot2SQzZqE2ZZPz63MpPzO2x9jI.roa
Signing time: Fri 17 Jan 2025 01:23:44 +0000
ROA not before: Fri 17 Jan 2025 01:23:44 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 2914
IP address blocks: 58.66.144.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Mar 2025 07:25:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2370 (0x942)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Jan 17 01:23:44 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=2A8B76490CD9A84D9964FCFADCCA4FCCEDB1F632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:78:e3:dc:1a:bb:df:5e:4d:5b:10:a6:f5:0b:
eb:cc:51:0d:cc:19:d3:f7:64:48:d2:d4:2a:37:1e:
5f:11:37:b0:6e:a6:74:e3:5c:81:ba:50:ab:41:53:
e4:6d:66:2e:b0:a8:72:e2:24:98:e3:f0:4a:64:95:
b1:f8:0e:44:3b:45:d6:6e:bc:af:2d:42:ef:26:13:
9c:08:2b:9f:85:0f:39:20:2b:90:50:e1:27:57:90:
c6:3a:db:d6:3c:d1:3a:a8:33:4a:91:6d:c1:e0:a9:
1c:44:65:c3:ca:de:93:10:5f:87:7b:29:89:b3:8f:
f7:e0:43:ca:37:58:74:77:a4:f1:31:b2:b1:c8:2a:
ce:d6:09:d5:22:b5:f0:e6:9c:cf:88:8a:c5:30:61:
13:7d:cf:9a:37:17:99:2f:b9:53:69:82:b1:87:69:
0e:1f:f3:a6:2b:80:a9:6b:0f:ee:af:88:ac:38:c5:
52:56:c9:ef:d4:9f:21:c9:66:97:27:09:5e:f5:53:
bb:b1:d1:3c:13:b8:1c:b4:94:5a:ce:60:38:2d:67:
70:e6:ca:00:5a:5c:3b:d0:ab:b3:e7:1c:3f:3b:bb:
e5:da:84:f5:e2:d6:82:d7:66:a0:d9:fe:44:24:80:
e4:37:79:5c:ab:00:53:7c:65:07:00:f8:6b:d3:39:
d6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:8B:76:49:0C:D9:A8:4D:99:64:FC:FA:DC:CA:4F:CC:ED:B1:F6:32
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/Kot2SQzZqE2ZZPz63MpPzO2x9jI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.66.144.0/21
Signature Algorithm: sha256WithRSAEncryption
d6:c6:bf:81:93:be:ce:bd:fd:06:4a:eb:cc:b5:57:e8:ec:e8:
56:b3:f5:03:17:bb:c4:36:72:7e:1b:29:86:72:85:d1:2c:23:
7d:b8:f3:fb:ac:28:1d:34:0c:a7:7a:ae:ee:52:e7:ae:d8:c8:
2d:e8:2f:6f:91:6e:d6:d2:ba:6e:5b:75:cb:e7:e0:e6:61:1b:
91:2d:0d:d5:ff:bf:8f:e3:fa:30:0f:de:14:67:08:39:fc:13:
26:1f:b5:9b:06:87:04:3b:d4:11:82:75:b0:96:37:cb:f6:8c:
8f:69:7f:9c:53:ed:7b:8a:03:a5:c4:56:d1:32:ee:de:85:08:
2d:5d:8d:66:14:bc:68:18:cb:30:48:9c:d0:e2:19:fc:fc:be:
56:51:f9:1b:0e:81:80:df:53:72:58:cb:b9:66:68:43:d4:2d:
89:5f:1f:83:8b:1f:ad:34:f3:7a:f1:eb:79:66:47:1c:a0:a4:
28:27:81:69:14:c1:95:4a:a0:78:53:e6:d7:a4:cb:1d:4c:44:
22:f9:b0:80:fa:3b:65:27:2c:e7:f1:77:8d:d1:c8:57:71:79:
ad:8a:40:1f:27:0f:a7:35:1f:8d:e9:cf:4d:dc:7c:af:5f:0e:
de:af:94:38:e2:1b:c2:74:3b:3b:f3:4c:4e:f5:f5:b2:68:de:
20:b0:f3:91
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCUIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNTAxMTcw
MTIzNDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDJBOEI3NjQ5MENEOUE4
NEQ5OTY0RkNGQURDQ0E0RkNDRURCMUY2MzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKeOPcGrvfXk1bEKb1C+vMUQ3MGdP3ZEjS1Co3Hl8RN7BupnTj
XIG6UKtBU+RtZi6wqHLiJJjj8EpklbH4DkQ7RdZuvK8tQu8mE5wIK5+FDzkgK5BQ
4SdXkMY629Y80TqoM0qRbcHgqRxEZcPK3pMQX4d7KYmzj/fgQ8o3WHR3pPExsrHI
Ks7WCdUitfDmnM+IisUwYRN9z5o3F5kvuVNpgrGHaQ4f86YrgKlrD+6viKw4xVJW
ye/UnyHJZpcnCV71U7ux0TwTuBy0lFrOYDgtZ3DmygBaXDvQq7PnHD87u+XahPXi
1oLXZqDZ/kQkgOQ3eVyrAFN8ZQcA+GvTOdZ1AgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUKot2SQzZqE2ZZPz63MpPzO2x9jIwHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvS290MlNRelpxRTJaWlB6NjNN
cFB6TzJ4OWpJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzpC
kDANBgkqhkiG9w0BAQsFAAOCAQEA1sa/gZO+zr39BkrrzLVX6OzoVrP1Axe7xDZy
fhsphnKF0Swjfbjz+6woHTQMp3qu7lLnrtjILegvb5Fu1tK6blt1y+fg5mEbkS0N
1f+/j+P6MA/eFGcIOfwTJh+1mwaHBDvUEYJ1sJY3y/aMj2l/nFPte4oDpcRW0TLu
3oUILV2NZhS8aBjLMEic0OIZ/Py+VlH5Gw6BgN9TcljLuWZoQ9QtiV8fg4sfrTTz
evHreWZHHKCkKCeBaRTBlUqgeFPm16TLHUxEIvmwgPo7ZScs5/F3jdHIV3F5rYpA
HycPpzUfjenPTdx8r18O3q+UOOIbwnQ7O/NMTvX1smjeILDzkQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:43 2025 by rpki-client