Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/k_zjOgE_jollBL3KhSAjMw2x2m0.roa
File: k_zjOgE_jollBL3KhSAjMw2x2m0.roa (raw, json)
Hash identifier: 0CPbu0nJn9J5hvaLLJxjhiXncnQeL5C4vtLP4G07npY=
Subject key identifier: 93:FC:E3:3A:01:3F:8E:89:65:04:BD:CA:85:20:23:33:0D:B1:DA:6D
Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Certificate serial: 0C5B
Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/k_zjOgE_jollBL3KhSAjMw2x2m0.roa
Signing time: Sat 31 May 2025 10:47:44 +0000
ROA not before: Sat 31 May 2025 10:47:44 +0000
ROA not after: Thu 09 Apr 2026 06:41:00 +0000
asID: 63567
IP address blocks: 43.248.184.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 07:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3163 (0xc5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Validity
Not Before: May 31 10:47:44 2025 GMT
Not After : Apr 9 06:41:00 2026 GMT
Subject: CN=93FCE33A013F8E896504BDCA852023330DB1DA6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:14:f2:90:ea:7c:6b:c7:2f:8b:04:84:c5:8e:
ef:56:ed:37:2a:0f:32:32:1f:32:c7:df:e0:e6:3c:
c2:ce:f3:ad:10:52:05:d1:20:c4:db:b3:05:39:f1:
36:75:55:6a:fd:26:e1:52:64:19:ea:c6:42:1e:1b:
51:f8:d6:58:8b:4b:af:95:20:b0:ab:77:80:b8:bd:
9e:9f:73:d8:1c:4a:e1:2a:30:21:fc:63:8d:13:1f:
1f:a3:4a:5e:bd:bb:6b:58:80:44:72:ee:42:29:1e:
33:1b:50:50:1a:b6:ab:51:75:8b:c4:71:3b:31:fe:
9f:5f:9e:5c:b1:95:2a:e3:ab:44:d6:43:82:f5:2b:
24:8b:61:33:3f:bb:70:89:47:bd:2b:41:12:4c:f9:
00:54:31:de:5e:71:f3:7f:88:1f:5b:0d:e2:37:74:
f2:0c:84:d9:d7:d2:42:d6:5d:f9:9f:cf:83:c6:81:
0e:d0:f3:7e:72:66:3e:c9:48:bf:6d:f8:5b:d4:59:
dc:af:05:46:5c:ca:72:0f:e5:70:f7:68:2d:fa:b0:
4e:28:75:ae:90:37:13:9f:1c:2b:9e:43:e7:e2:03:
70:f3:cf:b3:f6:46:bd:d5:1e:f2:21:61:77:73:ed:
84:69:3d:46:22:cb:3b:d0:b6:d9:96:a4:68:4f:26:
89:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:FC:E3:3A:01:3F:8E:89:65:04:BD:CA:85:20:23:33:0D:B1:DA:6D
X509v3 Authority Key Identifier:
keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/k_zjOgE_jollBL3KhSAjMw2x2m0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.184.0/21
Signature Algorithm: sha256WithRSAEncryption
b9:28:f1:29:1c:98:15:3f:26:ac:1d:53:c3:e7:7e:e5:e0:89:
d8:0d:78:64:54:d6:78:a0:ef:68:80:6d:42:19:b8:9b:1b:48:
25:f5:cc:41:59:43:62:bf:ad:50:ea:ef:f8:11:ec:e2:df:06:
c3:69:3b:47:22:82:dd:8a:20:60:26:67:ea:91:62:e4:18:eb:
74:2d:03:55:3d:d0:56:85:7b:39:42:08:93:b7:18:68:99:bf:
54:5b:d4:9e:3d:fe:0c:c6:08:22:b1:9f:22:dc:9a:ee:6a:2d:
c3:44:1d:bc:92:ec:7e:48:e6:67:4a:46:61:28:68:7e:bc:75:
7a:94:c3:b2:ca:77:b2:1c:90:d9:6e:5a:ae:3a:bb:df:ea:f7:
63:85:b8:89:28:72:2b:7d:51:a5:f2:68:b5:6f:01:7c:35:88:
4e:14:58:fb:35:e7:2d:11:02:b0:c8:96:4c:9a:fa:64:a8:fe:
14:08:2d:4e:58:d9:bc:bc:07:11:ca:04:04:89:76:dd:cf:ee:
20:93:e6:5a:f8:98:72:fd:6f:e4:14:46:d9:df:06:23:68:63:
07:e4:5c:8f:6e:46:3f:5f:f0:d3:32:d4:c8:03:6b:e6:6e:66:
4f:16:2b:6c:8c:c5:4e:d8:33:c6:33:97:55:24:2b:59:1f:0f:
34:f0:38:a2
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDFswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC
NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA1MzEx
MDQ3NDRaFw0yNjA0MDkwNjQxMDBaMDMxMTAvBgNVBAMTKDkzRkNFMzNBMDEzRjhF
ODk2NTA0QkRDQTg1MjAyMzMzMERCMURBNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcFPKQ6nxrxy+LBITFju9W7TcqDzIyHzLH3+DmPMLO860QUgXR
IMTbswU58TZ1VWr9JuFSZBnqxkIeG1H41liLS6+VILCrd4C4vZ6fc9gcSuEqMCH8
Y40THx+jSl69u2tYgERy7kIpHjMbUFAatqtRdYvEcTsx/p9fnlyxlSrjq0TWQ4L1
KySLYTM/u3CJR70rQRJM+QBUMd5ecfN/iB9bDeI3dPIMhNnX0kLWXfmfz4PGgQ7Q
835yZj7JSL9t+FvUWdyvBUZcynIP5XD3aC36sE4oda6QNxOfHCueQ+fiA3Dzz7P2
Rr3VHvIhYXdz7YRpPUYiyzvQttmWpGhPJonzAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUk/zjOgE/jollBL3KhSAjMw2x2m0wHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/
AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL2tfempPZ0Vfam9sbEJM
M0toU0FqTXcyeDJtMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAMr+LgwDQYJKoZIhvcNAQELBQADggEBALko8SkcmBU/JqwdU8PnfuXgidgNeGRU
1nig72iAbUIZuJsbSCX1zEFZQ2K/rVDq7/gR7OLfBsNpO0cigt2KIGAmZ+qRYuQY
63QtA1U90FaFezlCCJO3GGiZv1Rb1J49/gzGCCKxnyLcmu5qLcNEHbyS7H5I5mdK
RmEoaH68dXqUw7LKd7IckNluWq46u9/q92OFuIkocit9UaXyaLVvAXw1iE4UWPs1
5y0RArDIlkya+mSo/hQILU5Y2by8BxHKBASJdt3P7iCT5lr4mHL9b+QURtnfBiNo
YwfkXI9uRj9f8NMy1MgDa+ZuZk8WK2yMxU7YM8Yzl1UkK1kfDzTwOKI=
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:15:46 2025 by rpki-client