Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/XUG35tL9YRXEzG4nfZQpFOWRiO4.roa
File: XUG35tL9YRXEzG4nfZQpFOWRiO4.roa (raw, json)
Hash identifier: ZX0pPfmQh5ojneyqiBhafVZ+Wgswf08ReTUrtjYNceI=
Subject key identifier: 5D:41:B7:E6:D2:FD:61:15:C4:CC:6E:27:7D:94:29:14:E5:91:88:EE
Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Certificate serial: 0C87
Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/XUG35tL9YRXEzG4nfZQpFOWRiO4.roa
Signing time: Thu 05 Jun 2025 03:51:18 +0000
ROA not before: Thu 05 Jun 2025 03:51:18 +0000
ROA not after: Thu 09 Apr 2026 06:41:00 +0000
asID: 63567
IP address blocks: 43.248.176.0/20 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jun 2025 02:30:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3207 (0xc87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Validity
Not Before: Jun 5 03:51:18 2025 GMT
Not After : Apr 9 06:41:00 2026 GMT
Subject: CN=5D41B7E6D2FD6115C4CC6E277D942914E59188EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:16:50:ba:86:53:3a:1c:5d:56:b6:e0:1b:dc:
76:c3:b6:94:dd:f3:f4:a2:f7:34:fe:94:68:15:5c:
ac:25:32:65:96:e8:20:b3:2e:9a:4c:2f:f7:4a:b7:
a7:48:1d:50:ae:6b:cd:95:90:25:4c:a3:f2:83:02:
cf:9d:ac:7d:32:2c:55:5e:3f:0e:4b:66:ce:39:8c:
bf:e1:47:30:9b:80:34:33:43:8d:05:07:03:d5:3f:
26:5c:82:05:96:d9:2f:62:80:2c:00:06:fe:57:8b:
40:55:a7:72:70:8f:2c:01:ed:77:9c:8c:87:00:61:
c1:4d:3a:96:53:06:f2:17:a1:9e:4e:95:99:e4:67:
45:d7:07:d2:3b:26:e4:a3:26:b0:4f:d6:7c:d3:7c:
c7:d8:ae:b0:21:73:54:3b:b9:a0:81:e0:71:85:ab:
4a:59:b2:ba:e6:8d:3e:b9:45:d9:03:ac:84:06:5f:
cf:e6:b3:69:53:c8:f0:54:24:0b:e5:4a:e8:43:df:
cc:3a:b0:4b:5d:57:4d:d2:25:de:84:6c:d4:49:1e:
d7:7a:93:8e:2d:1f:cb:8c:97:cc:69:98:8c:a6:5d:
19:a0:14:0c:fd:bd:12:1b:47:71:c8:c8:0d:4c:6e:
49:44:72:f8:80:5b:c1:23:e0:7e:d0:c3:80:4a:fd:
12:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:41:B7:E6:D2:FD:61:15:C4:CC:6E:27:7D:94:29:14:E5:91:88:EE
X509v3 Authority Key Identifier:
keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/XUG35tL9YRXEzG4nfZQpFOWRiO4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.176.0/20
Signature Algorithm: sha256WithRSAEncryption
43:59:ff:3f:ba:0e:e8:0a:d7:ad:02:e4:aa:95:fa:ec:b3:9e:
4c:01:f8:24:90:ea:c7:b1:65:95:73:82:85:21:96:37:0e:2c:
ae:1a:a7:38:e9:00:83:aa:24:42:bd:f1:7c:7f:02:6b:29:28:
bd:36:dc:bf:6f:31:92:98:b1:7b:50:bd:22:b7:57:bc:23:14:
ec:0d:41:69:5c:14:38:21:fc:94:f4:a1:0a:20:53:ab:cb:37:
1e:9a:57:22:08:b4:ff:f5:0d:cb:40:53:a8:a9:99:fd:2f:29:
ce:f0:f4:1c:82:4e:d3:68:a6:d8:0d:11:83:a0:87:d2:a0:d9:
30:d0:cd:42:82:02:3c:95:76:c7:c9:f2:2c:0a:a6:45:b1:21:
8f:fb:24:c5:aa:07:08:97:0d:bc:be:0d:df:f2:25:02:03:59:
95:0b:a2:d0:9a:19:04:70:71:5f:6d:a4:17:56:6a:e2:76:0f:
ad:54:b8:ec:7c:b1:0e:f1:d2:70:65:e6:69:8a:a6:5a:a1:74:
a1:0d:6e:ee:98:e3:6f:12:fc:af:fc:e4:df:73:8e:ba:b1:e9:
7d:d1:f2:24:1a:22:b5:3a:53:fc:63:2e:f1:c6:39:14:93:04:
84:20:61:b5:51:a9:35:a6:4b:ef:76:69:2c:34:91:f3:97:fc:
cf:84:4a:27
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDIcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC
NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA2MDUw
MzUxMThaFw0yNjA0MDkwNjQxMDBaMDMxMTAvBgNVBAMTKDVENDFCN0U2RDJGRDYx
MTVDNENDNkUyNzdEOTQyOTE0RTU5MTg4RUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbFlC6hlM6HF1WtuAb3HbDtpTd8/Si9zT+lGgVXKwlMmWW6CCz
LppML/dKt6dIHVCua82VkCVMo/KDAs+drH0yLFVePw5LZs45jL/hRzCbgDQzQ40F
BwPVPyZcggWW2S9igCwABv5Xi0BVp3JwjywB7XecjIcAYcFNOpZTBvIXoZ5OlZnk
Z0XXB9I7JuSjJrBP1nzTfMfYrrAhc1Q7uaCB4HGFq0pZsrrmjT65RdkDrIQGX8/m
s2lTyPBUJAvlSuhD38w6sEtdV03SJd6EbNRJHtd6k44tH8uMl8xpmIymXRmgFAz9
vRIbR3HIyA1MbklEcviAW8Ej4H7Qw4BK/RJpAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUXUG35tL9YRXEzG4nfZQpFOWRiO4wHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/
AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL1hVRzM1dEw5WVJYRXpH
NG5mWlFwRk9XUmlPNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAQr+LAwDQYJKoZIhvcNAQELBQADggEBAENZ/z+6DugK160C5KqV+uyznkwB+CSQ
6sexZZVzgoUhljcOLK4apzjpAIOqJEK98Xx/AmspKL023L9vMZKYsXtQvSK3V7wj
FOwNQWlcFDgh/JT0oQogU6vLNx6aVyIItP/1DctAU6ipmf0vKc7w9ByCTtNoptgN
EYOgh9Kg2TDQzUKCAjyVdsfJ8iwKpkWxIY/7JMWqBwiXDby+Dd/yJQIDWZULotCa
GQRwcV9tpBdWauJ2D61UuOx8sQ7x0nBl5mmKplqhdKENbu6Y428S/K/85N9zjrqx
6X3R8iQaIrU6U/xjLvHGORSTBIQgYbVRqTWmS+92aSw0kfOX/M+ESic=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:36:15 2025 by rpki-client