Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/A3POdYpyNdFnV6SuZOM5EboOMD8.roa
File: A3POdYpyNdFnV6SuZOM5EboOMD8.roa (raw, json)
Hash identifier: dN3FZdzIvGAZQqe9NIInmPCMHymrJYSda2hPJHaBMKs=
Subject key identifier: 03:73:CE:75:8A:72:35:D1:67:57:A4:AE:64:E3:39:11:BA:0E:30:3F
Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Certificate serial: 0C84
Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/A3POdYpyNdFnV6SuZOM5EboOMD8.roa
Signing time: Thu 05 Jun 2025 03:51:17 +0000
ROA not before: Thu 05 Jun 2025 03:51:17 +0000
ROA not after: Thu 09 Apr 2026 06:41:00 +0000
asID: 63567
IP address blocks: 43.248.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jun 2025 02:30:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3204 (0xc84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Validity
Not Before: Jun 5 03:51:17 2025 GMT
Not After : Apr 9 06:41:00 2026 GMT
Subject: CN=0373CE758A7235D16757A4AE64E33911BA0E303F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:01:f6:33:b3:36:73:0f:69:eb:54:e1:cc:08:
e6:01:8b:84:42:15:36:63:0d:65:8b:4d:5b:8f:7b:
45:98:49:97:74:60:fa:06:6f:a2:e8:19:2b:da:ca:
38:97:c0:29:ea:9b:b9:5b:25:4d:ca:10:d6:e9:c5:
64:3b:c4:e8:51:a6:a8:3f:02:9c:1b:64:29:89:4c:
aa:2b:cd:5f:60:2c:f4:fc:ab:12:60:e6:57:60:a1:
ff:80:1d:93:1f:52:e5:8c:27:dd:89:0a:d8:a7:37:
a4:c6:1a:f7:6b:c3:14:60:07:c1:34:e8:6c:1b:99:
6e:28:72:86:a0:db:01:0a:75:c0:6a:4b:c6:e0:9c:
28:e1:70:2a:27:b6:32:28:1c:5d:eb:9d:dd:46:4c:
44:bf:91:5b:fb:8f:b9:47:c3:fd:dc:1c:43:32:50:
73:6d:78:a8:1a:61:15:fb:48:0c:59:83:93:33:20:
9b:a1:af:e0:ac:73:61:bf:fc:90:b5:d7:8e:69:67:
56:4e:02:b8:85:f1:14:c2:26:ef:2c:ea:6c:3e:ee:
13:a8:79:b0:68:d6:33:68:ed:70:3f:1d:55:57:06:
fc:96:6b:ac:59:07:4c:e4:09:a7:26:62:35:e4:40:
98:64:a7:94:d3:95:16:c2:0c:ff:c3:48:f9:22:79:
0f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:73:CE:75:8A:72:35:D1:67:57:A4:AE:64:E3:39:11:BA:0E:30:3F
X509v3 Authority Key Identifier:
keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/A3POdYpyNdFnV6SuZOM5EboOMD8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.188.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:8e:be:14:1e:7e:d3:09:03:84:57:a6:af:a9:ed:6e:08:1e:
08:61:5c:c4:f4:e8:43:a4:f9:a2:5a:b3:a5:b7:18:55:f1:50:
de:79:85:29:4e:5b:c4:0b:db:1e:e9:5d:3a:2b:82:80:7a:39:
73:70:13:0b:2d:06:ad:2e:44:76:12:59:61:b3:19:d1:56:48:
e9:e3:63:42:d4:9b:a1:37:bb:dd:95:a6:e1:f3:2a:93:f6:b6:
88:4b:83:00:3a:32:e4:7d:a0:30:57:e2:e5:0a:70:88:6c:56:
ac:9a:96:d3:c9:da:7a:28:8c:6d:f8:8d:d3:a2:3f:fb:69:c5:
ae:5c:6b:3e:10:08:7b:ac:6f:23:79:c3:31:8b:7c:ce:cd:22:
69:0d:c3:98:45:ef:cd:70:52:02:ae:63:4c:38:4b:09:12:a6:
2d:c7:85:8b:7b:4a:5c:1c:db:29:ac:60:9c:84:1e:d3:82:9e:
2d:4b:84:ae:03:e2:02:4b:37:a0:d1:b6:7b:02:8e:66:86:00:
ac:4e:58:c7:60:47:b2:dc:e9:21:86:82:75:6b:bc:a5:06:12:
0d:00:85:c1:2d:47:29:d0:8f:74:ed:14:3a:95:1d:3c:d4:05:
d1:6f:54:59:41:f8:5f:95:98:1a:f4:83:ea:de:e5:8b:f8:3b:
48:8f:bf:14
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDIQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC
NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA2MDUw
MzUxMTdaFw0yNjA0MDkwNjQxMDBaMDMxMTAvBgNVBAMTKDAzNzNDRTc1OEE3MjM1
RDE2NzU3QTRBRTY0RTMzOTExQkEwRTMwM0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSAfYzszZzD2nrVOHMCOYBi4RCFTZjDWWLTVuPe0WYSZd0YPoG
b6LoGSvayjiXwCnqm7lbJU3KENbpxWQ7xOhRpqg/ApwbZCmJTKorzV9gLPT8qxJg
5ldgof+AHZMfUuWMJ92JCtinN6TGGvdrwxRgB8E06GwbmW4ocoag2wEKdcBqS8bg
nCjhcContjIoHF3rnd1GTES/kVv7j7lHw/3cHEMyUHNteKgaYRX7SAxZg5MzIJuh
r+Csc2G//JC1145pZ1ZOAriF8RTCJu8s6mw+7hOoebBo1jNo7XA/HVVXBvyWa6xZ
B0zkCacmYjXkQJhkp5TTlRbCDP/DSPkieQ8/AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUA3POdYpyNdFnV6SuZOM5EboOMD8wHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/
AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL0EzUE9kWXB5TmRGblY2
U3VaT001RWJvT01EOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAr+LwwDQYJKoZIhvcNAQELBQADggEBALWOvhQeftMJA4RXpq+p7W4IHghhXMT0
6EOk+aJas6W3GFXxUN55hSlOW8QL2x7pXTorgoB6OXNwEwstBq0uRHYSWWGzGdFW
SOnjY0LUm6E3u92VpuHzKpP2tohLgwA6MuR9oDBX4uUKcIhsVqyaltPJ2noojG34
jdOiP/tpxa5caz4QCHusbyN5wzGLfM7NImkNw5hF781wUgKuY0w4SwkSpi3HhYt7
Slwc2ymsYJyEHtOCni1LhK4D4gJLN6DRtnsCjmaGAKxOWMdgR7Lc6SGGgnVrvKUG
Eg0AhcEtRynQj3TtFDqVHTzUBdFvVFlB+F+VmBr0g+re5Yv4O0iPvxQ=
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:33:39 2025 by rpki-client