Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/O-c-5KtObf0hNkuvlA9FA_vTdOM.roa
File: O-c-5KtObf0hNkuvlA9FA_vTdOM.roa (raw, json)
Hash identifier: cwOYheYwPnLs0mTEUS/l8uhHgk1CgUsiUnUovdreWaI=
Subject key identifier: 3B:E7:3E:E4:AB:4E:6D:FD:21:36:4B:AF:94:0F:45:03:FB:D3:74:E3
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 094B
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/O-c-5KtObf0hNkuvlA9FA_vTdOM.roa
Signing time: Fri 17 Jan 2025 01:23:46 +0000
ROA not before: Fri 17 Jan 2025 01:23:46 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 2914
IP address blocks: 58.66.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Mar 2025 07:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2379 (0x94b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Jan 17 01:23:46 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=3BE73EE4AB4E6DFD21364BAF940F4503FBD374E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:33:88:ab:75:8d:28:96:e9:d9:5f:67:49:10:
55:e8:5a:67:4f:eb:a4:23:9e:70:4f:57:5e:38:30:
22:84:40:db:47:f7:6d:6a:72:e8:43:a5:1f:c9:1c:
72:b5:8f:1c:2c:87:3e:c6:93:17:29:c2:2c:27:11:
22:5f:6e:79:d5:42:d1:44:ef:0c:e2:83:84:56:63:
f9:f8:48:ad:f5:30:35:66:39:df:52:06:40:c2:d1:
eb:a7:d6:25:50:d2:c6:2c:53:47:98:2e:85:00:58:
ba:71:bf:36:ae:8a:3a:e1:5a:6e:42:e8:f8:25:39:
de:28:40:ed:61:d8:74:1f:cc:d1:c1:ee:ac:a2:d9:
ea:b4:8e:19:d2:9b:b6:d6:bb:0e:74:47:7c:49:58:
1b:55:a0:05:36:5c:78:01:2f:d8:27:46:5a:00:a8:
5c:1b:5b:4b:f9:23:26:2a:19:ae:69:d0:43:58:b2:
08:1c:52:58:16:24:cd:b3:d3:47:43:84:ba:33:d6:
f3:0d:51:24:2f:5a:c0:08:59:e0:18:49:c4:28:11:
8f:0f:88:8e:68:c0:e6:3f:af:43:7a:36:f7:ca:17:
c8:6f:0d:d3:f9:72:fa:f3:0a:b1:eb:99:8a:1e:4f:
51:bc:72:fc:08:cc:43:96:03:a6:03:14:bc:e3:a8:
dd:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E7:3E:E4:AB:4E:6D:FD:21:36:4B:AF:94:0F:45:03:FB:D3:74:E3
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/O-c-5KtObf0hNkuvlA9FA_vTdOM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.66.96.0/21
Signature Algorithm: sha256WithRSAEncryption
68:d3:f9:2d:d9:18:f6:df:34:d9:6f:e2:ac:1f:cd:2d:b6:b0:
07:7f:53:cb:ba:35:67:de:7f:e2:26:8c:88:2a:81:36:e1:02:
73:fb:57:b1:39:c6:40:87:99:ef:dc:0f:86:0a:98:01:7d:10:
67:de:56:bb:a9:80:06:61:c6:00:c1:76:04:e5:6f:f1:04:ec:
5b:60:0f:b8:ea:1f:f5:15:d6:6c:fd:5d:54:d7:8a:1d:e8:08:
38:9e:c2:7e:7c:4e:2a:a7:53:fa:d1:57:cf:3a:b9:6b:7a:6f:
1d:50:d8:fb:a2:8f:09:7a:3f:f4:06:59:84:f8:35:a2:78:82:
40:90:52:57:a6:63:a9:9a:cd:ab:f0:ec:0f:7d:dd:21:5f:d7:
53:e0:9b:ab:bf:11:c6:b6:8b:47:2d:e6:d2:17:04:7b:85:fa:
44:e2:71:a2:b5:83:78:31:01:f9:f8:24:82:a9:0f:c5:36:00:
9d:ee:e2:db:72:ef:83:78:4a:c7:48:b7:cb:40:78:4c:8b:03:
ed:65:ba:ba:6d:6b:b4:21:9f:3b:02:7f:97:08:4d:7c:82:f7:
7f:01:6a:01:c1:b9:7b:1d:88:fa:11:27:e4:43:a7:35:cf:a3:
7a:7c:e6:99:a8:31:64:b2:d1:61:db:4a:81:17:21:0e:14:45:
b8:92:93:b0
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCUswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNTAxMTcw
MTIzNDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDNCRTczRUU0QUI0RTZE
RkQyMTM2NEJBRjk0MEY0NTAzRkJEMzc0RTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7M4irdY0olunZX2dJEFXoWmdP66QjnnBPV144MCKEQNtH921q
cuhDpR/JHHK1jxwshz7GkxcpwiwnESJfbnnVQtFE7wzig4RWY/n4SK31MDVmOd9S
BkDC0eun1iVQ0sYsU0eYLoUAWLpxvzauijrhWm5C6PglOd4oQO1h2HQfzNHB7qyi
2eq0jhnSm7bWuw50R3xJWBtVoAU2XHgBL9gnRloAqFwbW0v5IyYqGa5p0ENYsggc
UlgWJM2z00dDhLoz1vMNUSQvWsAIWeAYScQoEY8PiI5owOY/r0N6NvfKF8hvDdP5
cvrzCrHrmYoeT1G8cvwIzEOWA6YDFLzjqN3TAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUO+c+5KtObf0hNkuvlA9FA/vTdOMwHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvTy1jLTVLdE9iZjBoTmt1dmxB
OUZBX3ZUZE9NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzpC
YDANBgkqhkiG9w0BAQsFAAOCAQEAaNP5LdkY9t802W/irB/NLbawB39Ty7o1Z95/
4iaMiCqBNuECc/tXsTnGQIeZ79wPhgqYAX0QZ95Wu6mABmHGAMF2BOVv8QTsW2AP
uOof9RXWbP1dVNeKHegIOJ7CfnxOKqdT+tFXzzq5a3pvHVDY+6KPCXo/9AZZhPg1
oniCQJBSV6ZjqZrNq/DsD33dIV/XU+Cbq78RxraLRy3m0hcEe4X6ROJxorWDeDEB
+fgkgqkPxTYAne7i23Lvg3hKx0i3y0B4TIsD7WW6um1rtCGfOwJ/lwhNfIL3fwFq
AcG5ex2I+hEn5EOnNc+jenzmmagxZLLRYdtKgRchDhRFuJKTsA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:32 2025 by rpki-client