Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/NGN_RbK2zUMey-AsFgqkxEUKwpc.roa
File: NGN_RbK2zUMey-AsFgqkxEUKwpc.roa (raw, json)
Hash identifier: UskbvNPI9QA2oq7OomfUXncjE376GKEa42wVyTEx3cA=
Subject key identifier: 34:63:7F:45:B2:B6:CD:43:1E:CB:E0:2C:16:0A:A4:C4:45:0A:C2:97
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 0A66
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/NGN_RbK2zUMey-AsFgqkxEUKwpc.roa
Signing time: Thu 06 Mar 2025 12:40:15 +0000
ROA not before: Thu 06 Mar 2025 12:40:15 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4134
IP address blocks: 58.66.96.0/19 maxlen: 24
Validation: Failed, certificate revoked on Sun 09 Mar 2025 13:41:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2662 (0xa66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Mar 6 12:40:15 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=34637F45B2B6CD431ECBE02C160AA4C4450AC297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:93:7a:07:9e:0a:8f:95:17:18:20:7d:d1:fd:
a1:be:f0:43:c5:09:6e:b3:a7:d9:27:5f:85:be:9d:
1c:d6:8a:77:a4:e7:ce:a3:dc:ac:df:4a:78:8f:b6:
49:85:40:32:38:8b:1d:7d:80:19:1b:c5:47:18:75:
73:8d:d0:9e:d5:8f:59:85:a0:a7:95:1f:84:39:5f:
03:18:29:31:b0:8b:af:5a:ae:54:7e:84:62:40:81:
00:1d:e6:32:00:82:4e:53:86:8e:22:b9:5e:37:d1:
18:7d:42:ea:0b:0e:5d:f7:58:e7:ae:c0:ad:c3:25:
63:94:7a:ea:20:77:87:1a:67:7c:87:f8:d0:06:43:
3c:38:12:f8:e3:1b:74:17:e6:1a:40:3f:fc:b3:c3:
89:4d:59:fb:a2:b7:24:81:07:e6:37:3f:42:99:cc:
cd:89:fc:af:8d:4b:08:7c:2e:bf:51:bf:c2:fb:ff:
bd:38:ee:22:ba:2d:bd:68:d3:27:79:d6:0e:b0:01:
3f:cb:cc:b3:8f:d0:1c:61:9a:81:58:41:de:76:35:
91:d2:cd:68:37:94:c1:4e:2a:22:69:66:e6:4e:a9:
29:15:c7:55:19:e1:4b:f5:e3:f9:5f:8c:2f:31:c7:
c9:c6:e5:aa:52:c9:9c:e7:a0:8e:94:2f:25:6d:36:
09:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:63:7F:45:B2:B6:CD:43:1E:CB:E0:2C:16:0A:A4:C4:45:0A:C2:97
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/NGN_RbK2zUMey-AsFgqkxEUKwpc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.66.96.0/19
Signature Algorithm: sha256WithRSAEncryption
8c:8e:14:d7:79:13:80:e5:bb:64:be:b0:6d:7d:53:70:d0:6d:
66:c7:4c:75:d5:f9:5b:ca:21:e5:28:66:36:40:86:50:d4:e1:
c6:f4:e0:7d:bf:d8:84:2d:6e:0b:2f:8c:3f:89:97:7c:2f:e9:
ce:0f:51:a5:fd:c2:36:05:35:f3:5a:5a:14:f2:56:2b:bf:18:
2a:fb:5e:b7:16:9c:0c:45:c5:4c:22:a2:12:66:d7:8e:1d:fc:
88:a9:0c:f6:83:7b:57:79:0a:1f:5d:fa:2a:b6:76:ca:e2:66:
af:50:ab:4a:c4:88:b6:9f:25:68:15:13:98:7c:d5:ed:57:15:
70:73:3e:b9:f5:ed:fa:67:39:3f:0f:51:b5:79:24:fd:d9:a4:
09:d7:b9:d2:a6:f5:03:99:de:ea:bd:e2:e6:33:74:d5:ab:f1:
5e:50:aa:d6:fb:ee:7b:0d:bb:91:46:20:23:13:60:30:91:6b:
32:c0:d1:5a:64:70:21:54:c4:3f:6b:5b:b9:38:8b:1a:ab:34:
29:7f:8a:79:a7:85:cb:24:60:51:b9:ad:60:14:d6:77:b6:c6:
e2:86:22:5f:3b:52:2c:f7:dd:67:de:bb:3a:00:eb:ea:0e:9b:
dd:eb:f1:bc:a3:8e:30:0f:f6:43:b3:3c:bf:30:67:5c:6e:3f:
16:f8:b4:cb
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCmYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNTAzMDYx
MjQwMTVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM0NjM3RjQ1QjJCNkNE
NDMxRUNCRTAyQzE2MEFBNEM0NDUwQUMyOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDck3oHngqPlRcYIH3R/aG+8EPFCW6zp9knX4W+nRzWinek586j
3KzfSniPtkmFQDI4ix19gBkbxUcYdXON0J7Vj1mFoKeVH4Q5XwMYKTGwi69arlR+
hGJAgQAd5jIAgk5Tho4iuV430Rh9QuoLDl33WOeuwK3DJWOUeuogd4caZ3yH+NAG
Qzw4EvjjG3QX5hpAP/yzw4lNWfuitySBB+Y3P0KZzM2J/K+NSwh8Lr9Rv8L7/704
7iK6Lb1o0yd51g6wAT/LzLOP0BxhmoFYQd52NZHSzWg3lMFOKiJpZuZOqSkVx1UZ
4Uv14/lfjC8xx8nG5apSyZznoI6ULyVtNgkZAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUNGN/RbK2zUMey+AsFgqkxEUKwpcwHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvTkdOX1JiSzJ6VU1leS1Bc0Zn
cWt4RVVLd3BjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTpC
YDANBgkqhkiG9w0BAQsFAAOCAQEAjI4U13kTgOW7ZL6wbX1TcNBtZsdMddX5W8oh
5ShmNkCGUNThxvTgfb/YhC1uCy+MP4mXfC/pzg9Rpf3CNgU181paFPJWK78YKvte
txacDEXFTCKiEmbXjh38iKkM9oN7V3kKH136KrZ2yuJmr1CrSsSItp8laBUTmHzV
7VcVcHM+ufXt+mc5Pw9RtXkk/dmkCde50qb1A5ne6r3i5jN01avxXlCq1vvuew27
kUYgIxNgMJFrMsDRWmRwIVTEP2tbuTiLGqs0KX+KeaeFyyRgUbmtYBTWd7bG4oYi
XztSLPfdZ967OgDr6g6b3evxvKOOMA/2Q7M8vzBnXG4/Fvi0yw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:42:18 2025 by rpki-client