Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/QeKKnmNdwPxL2HdyGB8rhQbTCYw.roa
File: QeKKnmNdwPxL2HdyGB8rhQbTCYw.roa (raw, json)
Hash identifier: Z5DLZ8wxXNKR+FPEjZ45Nu5DcFF495oVVEH5/f9dT2g=
Subject key identifier: 41:E2:8A:9E:63:5D:C0:FC:4B:D8:77:72:18:1F:2B:85:06:D3:09:8C
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 093B
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/QeKKnmNdwPxL2HdyGB8rhQbTCYw.roa
Signing time: Fri 17 Jan 2025 01:23:42 +0000
ROA not before: Fri 17 Jan 2025 01:23:42 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4766
IP address blocks: 58.66.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Mar 2025 07:24:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2363 (0x93b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Jan 17 01:23:42 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=41E28A9E635DC0FC4BD87772181F2B8506D3098C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f0:71:d5:9f:6e:84:6b:f8:8e:99:d6:f0:a4:
1d:99:44:9f:68:e2:8c:b2:f3:23:32:a4:9e:3e:76:
79:50:95:01:a7:58:d9:74:bf:a2:0a:79:3d:69:79:
4c:05:07:3a:2a:d2:15:e5:31:23:94:b8:ce:73:97:
bd:45:b4:07:5e:4a:bd:a6:db:7e:fd:85:24:7d:ca:
72:48:53:2f:9d:20:13:ff:d0:35:91:ce:e1:da:d2:
45:4f:d2:19:ba:12:9b:89:68:7b:72:fc:3d:23:48:
eb:82:70:39:a1:d6:e7:3a:51:7e:ca:20:f3:e5:55:
58:e3:9a:5d:fe:8e:04:ca:58:b9:fc:ee:b4:e3:6e:
cb:3e:8d:b7:ee:73:79:65:be:ae:bf:ec:fc:e7:ee:
3a:6f:ed:96:5c:40:2b:c1:41:32:be:c6:33:ac:db:
ce:bd:ad:ee:34:7f:78:c8:96:3f:4f:f2:d9:37:ef:
df:6d:35:eb:e2:e5:e5:28:80:9f:79:44:b3:15:69:
df:1a:9d:e4:2a:9a:19:c4:eb:d1:70:63:23:b6:d0:
6a:51:a6:b5:ea:38:c4:83:6e:b1:5d:c6:00:e7:ea:
87:b2:a4:55:b0:26:83:24:d9:c6:94:75:0e:02:ad:
39:c0:ab:f1:83:8e:eb:64:5e:d7:2a:65:07:fb:5e:
bb:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E2:8A:9E:63:5D:C0:FC:4B:D8:77:72:18:1F:2B:85:06:D3:09:8C
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/QeKKnmNdwPxL2HdyGB8rhQbTCYw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.66.168.0/21
Signature Algorithm: sha256WithRSAEncryption
56:76:e5:6a:52:92:3b:4b:a7:f7:5a:56:95:27:3e:40:e1:d1:
96:34:72:d6:a8:1b:70:3c:c7:27:48:54:a9:01:3c:2e:6a:d9:
40:5c:71:9d:19:81:b3:87:c1:4e:ca:38:7e:09:ac:ec:99:17:
f9:88:5e:7a:2c:3e:9e:02:3a:30:dc:23:ba:bf:bd:64:f2:28:
f9:be:37:a4:da:df:9a:f8:67:cc:94:61:75:34:5c:2a:50:0d:
7f:6b:6c:76:81:b4:db:74:5e:d5:12:eb:76:77:fc:12:45:f6:
ae:05:59:27:83:c6:80:4e:ce:b4:d6:2f:ec:b2:18:72:8a:88:
34:28:40:b7:18:72:bd:c0:46:c3:eb:0b:a8:77:79:d6:84:4b:
8c:70:2a:74:a4:28:b6:6e:88:36:dd:bd:7d:e5:42:37:8b:b7:
0b:86:ff:ac:9e:90:d5:44:b1:2f:a3:8e:7b:54:3f:64:94:af:
3c:5a:f0:08:c5:10:55:73:d9:03:da:2c:7c:1a:11:46:cf:56:
69:15:98:78:ff:51:84:f2:1b:fc:c9:2e:0a:da:62:b3:9f:6b:
b0:bc:dc:94:41:1d:5b:98:3f:d9:54:95:c4:41:a0:f3:e1:81:
5a:cf:5b:60:a9:fa:9e:39:ad:c4:3f:48:08:db:2f:23:ab:1f:
b5:99:68:01
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCTswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNTAxMTcw
MTIzNDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQxRTI4QTlFNjM1REMw
RkM0QkQ4Nzc3MjE4MUYyQjg1MDZEMzA5OEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDK8HHVn26Ea/iOmdbwpB2ZRJ9o4oyy8yMypJ4+dnlQlQGnWNl0
v6IKeT1peUwFBzoq0hXlMSOUuM5zl71FtAdeSr2m2379hSR9ynJIUy+dIBP/0DWR
zuHa0kVP0hm6EpuJaHty/D0jSOuCcDmh1uc6UX7KIPPlVVjjml3+jgTKWLn87rTj
bss+jbfuc3llvq6/7Pzn7jpv7ZZcQCvBQTK+xjOs2869re40f3jIlj9P8tk3799t
Nevi5eUogJ95RLMVad8aneQqmhnE69FwYyO20GpRprXqOMSDbrFdxgDn6oeypFWw
JoMk2caUdQ4CrTnAq/GDjutkXtcqZQf7XruXAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUQeKKnmNdwPxL2HdyGB8rhQbTCYwwHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvUWVLS25tTmR3UHhMMkhkeUdC
OHJoUWJUQ1l3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzpC
qDANBgkqhkiG9w0BAQsFAAOCAQEAVnblalKSO0un91pWlSc+QOHRljRy1qgbcDzH
J0hUqQE8LmrZQFxxnRmBs4fBTso4fgms7JkX+Yheeiw+ngI6MNwjur+9ZPIo+b43
pNrfmvhnzJRhdTRcKlANf2tsdoG023Re1RLrdnf8EkX2rgVZJ4PGgE7OtNYv7LIY
coqINChAtxhyvcBGw+sLqHd51oRLjHAqdKQotm6INt29feVCN4u3C4b/rJ6Q1USx
L6OOe1Q/ZJSvPFrwCMUQVXPZA9osfBoRRs9WaRWYeP9RhPIb/MkuCtpis59rsLzc
lEEdW5g/2VSVxEGg8+GBWs9bYKn6njmtxD9ICNsvI6sftZloAQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:42:49 2025 by rpki-client