Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/c8cUFZDH6O5exb6j4uFUNQZBVwA.roa
File: c8cUFZDH6O5exb6j4uFUNQZBVwA.roa (raw, json)
Hash identifier: ChxxrTVExxNhWtyTkhs7Lts9bjh8WwMtzGdZlOqpElw=
Subject key identifier: 73:C7:14:15:90:C7:E8:EE:5E:C5:BE:A3:E2:E1:54:35:06:41:57:00
Certificate issuer: /CN=DC6892E3620DD0F1FD62982E118E29757DC8CB3D
Certificate serial: 14CF
Authority key identifier: DC:68:92:E3:62:0D:D0:F1:FD:62:98:2E:11:8E:29:75:7D:C8:CB:3D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/c8cUFZDH6O5exb6j4uFUNQZBVwA.roa
Signing time: Wed 09 Apr 2025 06:48:38 +0000
ROA not before: Wed 09 Apr 2025 06:48:38 +0000
ROA not after: Thu 09 Apr 2026 06:41:24 +0000
asID: 34549
IP address blocks: 114.66.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jun 2025 02:13:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5327 (0x14cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DC6892E3620DD0F1FD62982E118E29757DC8CB3D
Validity
Not Before: Apr 9 06:48:38 2025 GMT
Not After : Apr 9 06:41:24 2026 GMT
Subject: CN=73C7141590C7E8EE5EC5BEA3E2E1543506415700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:eb:d2:a9:06:9a:e1:43:00:f2:99:98:90:00:
97:de:ff:de:75:34:82:93:75:51:6c:01:b2:9c:3d:
94:fa:47:61:a1:72:c5:40:c9:20:b2:2d:0c:27:f1:
e6:1d:fe:81:92:e3:2a:05:54:85:cd:2f:29:96:df:
28:28:2c:59:a3:89:c3:7f:73:60:fe:6a:d5:16:8f:
ee:26:cd:a3:0c:93:eb:1a:bc:c5:86:96:c8:97:74:
ca:ff:b6:f3:aa:3e:bd:a3:6c:01:d0:4f:ae:7d:f7:
5e:7d:b9:b0:3d:30:e4:25:43:84:39:7f:b8:35:af:
58:28:8a:8d:b1:dc:de:f5:d6:89:88:ac:a2:db:ac:
96:73:3c:fc:01:d4:8f:2d:74:ec:6d:38:f8:b2:42:
9a:d9:16:94:64:49:54:80:a8:9d:74:dc:c9:85:dd:
f6:68:58:6b:a8:9b:05:cf:65:85:ce:ed:7b:6b:3a:
e5:bc:80:9d:57:46:d2:43:24:9d:e5:80:e5:82:5e:
2e:7f:4c:40:40:12:5a:9e:34:e2:08:c9:e6:d3:cb:
c1:50:81:0d:33:78:a0:9e:88:e4:bb:0f:da:d1:59:
d4:f9:c8:bf:8c:fc:16:6e:84:04:18:4b:cc:54:f7:
e4:96:45:4f:6b:22:80:64:ce:fe:5c:2a:dd:20:5e:
34:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:C7:14:15:90:C7:E8:EE:5E:C5:BE:A3:E2:E1:54:35:06:41:57:00
X509v3 Authority Key Identifier:
keyid:DC:68:92:E3:62:0D:D0:F1:FD:62:98:2E:11:8E:29:75:7D:C8:CB:3D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/c8cUFZDH6O5exb6j4uFUNQZBVwA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.66.212.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:c5:aa:09:b5:99:7b:4b:9e:ce:5d:ae:ae:98:e6:68:fd:6f:
95:bc:1e:33:a2:82:b6:c1:80:02:4d:72:62:f3:3a:fd:c0:1e:
b7:87:3c:f3:b2:35:64:5d:f8:d0:01:6a:ef:3b:ab:05:63:de:
29:4d:80:82:a3:16:eb:86:b9:e2:5e:a0:b9:53:b9:62:af:2d:
83:8a:26:d1:f2:97:26:b8:4c:14:85:2e:d2:fa:4d:9d:6d:a8:
e0:f2:be:6d:5b:18:62:f4:91:66:d8:0b:08:37:58:55:8e:e8:
d3:fb:ea:47:bd:77:d2:26:18:17:5f:4f:f0:f5:2f:dc:bd:f2:
43:f6:bd:48:b6:72:96:a5:21:bd:5b:4b:61:33:82:a0:96:9a:
f3:56:53:ce:00:b4:43:b0:07:6e:ea:57:92:23:57:64:57:fd:
ba:8b:db:75:e2:11:b5:32:c3:3b:00:9f:d4:15:77:69:18:64:
e9:d4:5b:d1:b5:5b:17:d6:f0:34:1f:64:94:25:15:6b:8c:7d:
f6:f4:b9:04:51:fe:de:ce:5b:9b:1b:0e:15:8c:22:73:4f:77:
c3:f1:f1:37:96:77:c6:cc:ac:e3:1d:61:9c:d9:8f:33:50:dc:
86:14:15:2f:26:d9:8a:95:7a:58:f1:17:94:01:69:7e:a8:d8:
51:96:92:54
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFM8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREM2
ODkyRTM2MjBERDBGMUZENjI5ODJFMTE4RTI5NzU3REM4Q0IzRDAeFw0yNTA0MDkw
NjQ4MzhaFw0yNjA0MDkwNjQxMjRaMDMxMTAvBgNVBAMTKDczQzcxNDE1OTBDN0U4
RUU1RUM1QkVBM0UyRTE1NDM1MDY0MTU3MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCU69KpBprhQwDymZiQAJfe/951NIKTdVFsAbKcPZT6R2GhcsVA
ySCyLQwn8eYd/oGS4yoFVIXNLymW3ygoLFmjicN/c2D+atUWj+4mzaMMk+savMWG
lsiXdMr/tvOqPr2jbAHQT6599159ubA9MOQlQ4Q5f7g1r1goio2x3N711omIrKLb
rJZzPPwB1I8tdOxtOPiyQprZFpRkSVSAqJ103MmF3fZoWGuomwXPZYXO7XtrOuW8
gJ1XRtJDJJ3lgOWCXi5/TEBAElqeNOIIyebTy8FQgQ0zeKCeiOS7D9rRWdT5yL+M
/BZuhAQYS8xU9+SWRU9rIoBkzv5cKt0gXjRjAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUc8cUFZDH6O5exb6j4uFUNQZBVwAwHwYDVR0jBBgwFoAU3GiS42IN0PH9Ypgu
EY4pdX3Iyz0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS8zR2lTNDJJTjBQSDlZcGd1RVk0cGRYM0l5ejAuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzNHaVM0MklOMFBIOVlwZ3VFWTRwZFgzSXl6MC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvYzhjVUZaREg2TzVl
eGI2ajR1RlVOUVpCVndBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAHJC1DANBgkqhkiG9w0BAQsFAAOCAQEAxMWqCbWZe0uezl2urpjmaP1vlbwe
M6KCtsGAAk1yYvM6/cAet4c887I1ZF340AFq7zurBWPeKU2AgqMW64a54l6guVO5
Yq8tg4om0fKXJrhMFIUu0vpNnW2o4PK+bVsYYvSRZtgLCDdYVY7o0/vqR7130iYY
F19P8PUv3L3yQ/a9SLZylqUhvVtLYTOCoJaa81ZTzgC0Q7AHbupXkiNXZFf9uovb
deIRtTLDOwCf1BV3aRhk6dRb0bVbF9bwNB9klCUVa4x99vS5BFH+3s5bmxsOFYwi
c093w/HxN5Z3xsys4x1hnNmPM1DchhQVLybZipV6WPEXlAFpfqjYUZaSVA==
-----END CERTIFICATE-----
Generated at Sat Jun 21 12:58:22 2025 by rpki-client