Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/8VFm5x1DCV0kqWChfczT9aIqkTk.roa
File: 8VFm5x1DCV0kqWChfczT9aIqkTk.roa (raw, json)
Hash identifier: U9ENYSQ5c4zFU4djcivZXpofa05tT/uNpJ9PAkCEi6E=
Subject key identifier: F1:51:66:E7:1D:43:09:5D:24:A9:60:A1:7D:CC:D3:F5:A2:2A:91:39
Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Certificate serial: 0178
Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/8VFm5x1DCV0kqWChfczT9aIqkTk.roa
Signing time: Wed 26 Mar 2025 09:08:30 +0000
ROA not before: Wed 26 Mar 2025 09:08:30 +0000
ROA not after: Tue 13 Jan 2026 01:35:26 +0000
asID: 24413
IP address blocks: 114.28.212.0/22 maxlen: 32
Validation: Failed, certificate revoked on Fri 28 Mar 2025 02:39:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 376 (0x178)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Validity
Not Before: Mar 26 09:08:30 2025 GMT
Not After : Jan 13 01:35:26 2026 GMT
Subject: CN=F15166E71D43095D24A960A17DCCD3F5A22A9139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c9:ca:d9:be:3f:94:fa:ea:e9:41:19:de:36:
5a:e6:b9:1c:03:3d:a7:6c:13:5f:ab:da:1c:54:19:
ab:7a:e8:6d:3f:7e:62:34:d9:d8:82:b6:ce:22:b9:
3b:53:d1:cf:2f:32:17:b5:da:9e:31:42:ae:87:33:
92:2e:c5:d0:b9:12:9e:31:54:cf:d8:1e:d9:6c:2d:
c6:46:64:e1:ee:d2:ac:8b:2a:dc:0c:d7:8d:bf:8b:
66:ea:76:84:02:e3:4a:99:82:96:f9:93:74:0a:26:
c0:09:31:eb:ab:e0:65:d8:89:da:b0:35:14:47:ed:
46:98:0b:10:ab:df:30:65:b7:54:7c:80:9f:5c:bf:
00:60:43:ac:a4:68:78:3e:c4:64:be:c2:94:50:ef:
ef:a9:94:45:9d:42:39:95:69:c6:58:f7:f9:3b:68:
b9:ff:c6:74:d4:30:9d:ab:71:88:79:b8:fc:9b:2f:
f1:09:3c:5b:5a:c9:c1:4f:b1:d6:36:0b:85:b2:ce:
df:b0:02:62:31:f2:61:09:09:0f:96:6d:2b:54:74:
75:3b:81:43:4b:7a:a0:4b:8f:95:17:d0:28:aa:cf:
22:14:86:54:cd:78:a7:d8:7c:da:5c:5e:6a:9c:83:
fa:28:ec:dd:4f:42:a4:42:e2:8a:f9:af:34:a1:ea:
9f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:51:66:E7:1D:43:09:5D:24:A9:60:A1:7D:CC:D3:F5:A2:2A:91:39
X509v3 Authority Key Identifier:
keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/8VFm5x1DCV0kqWChfczT9aIqkTk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.28.212.0/22
Signature Algorithm: sha256WithRSAEncryption
09:48:50:26:38:ee:e9:fe:f7:c6:58:e3:c8:05:61:6e:ed:03:
8c:08:a6:c6:9b:42:27:6e:28:eb:d0:c7:dc:1d:de:13:ad:77:
82:5c:61:6d:38:66:bd:31:a9:80:15:49:e4:a8:bb:fc:84:fa:
bc:65:c1:4d:3e:94:d7:c4:8c:c5:c2:91:48:80:4c:17:2f:76:
1a:40:79:fa:1c:fa:12:5a:5c:ad:77:77:9c:dc:4e:3f:22:29:
6d:29:37:d3:0c:24:31:51:60:ac:09:29:60:a9:ba:98:ba:6a:
7c:94:0b:02:1e:5a:79:95:58:35:f3:28:23:dc:bc:fc:3e:39:
bc:5f:e5:db:ff:cf:c0:b2:58:43:c5:4f:71:58:95:97:86:37:
0b:2c:22:4d:57:aa:7a:92:ff:32:e8:1c:3d:02:3d:f8:9a:dc:
c8:61:28:1d:cf:ff:b7:0f:84:4a:82:0b:4e:03:b8:88:3d:d0:
4b:bd:60:62:bb:07:82:cf:92:d8:28:13:c7:29:39:93:83:94:
ac:f3:2d:86:37:9b:80:48:76:64:e7:95:bc:af:2a:5f:a7:67:
86:0f:31:32:96:43:a1:15:b9:e2:7c:c4:37:8a:1e:d9:c4:36:
87:5f:c8:75:c2:eb:20:b7:64:b3:bb:1a:1f:e1:32:9e:f0:fb:
9b:0c:5e:c5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAXgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5
QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTAzMjYw
OTA4MzBaFw0yNjAxMTMwMTM1MjZaMDMxMTAvBgNVBAMTKEYxNTE2NkU3MUQ0MzA5
NUQyNEE5NjBBMTdEQ0NEM0Y1QTIyQTkxMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBycrZvj+U+urpQRneNlrmuRwDPadsE1+r2hxUGat66G0/fmI0
2diCts4iuTtT0c8vMhe12p4xQq6HM5IuxdC5Ep4xVM/YHtlsLcZGZOHu0qyLKtwM
142/i2bqdoQC40qZgpb5k3QKJsAJMeur4GXYidqwNRRH7UaYCxCr3zBlt1R8gJ9c
vwBgQ6ykaHg+xGS+wpRQ7++plEWdQjmVacZY9/k7aLn/xnTUMJ2rcYh5uPybL/EJ
PFtaycFPsdY2C4Wyzt+wAmIx8mEJCQ+WbStUdHU7gUNLeqBLj5UX0CiqzyIUhlTN
eKfYfNpcXmqcg/oo7N1PQqRC4or5rzSh6p/hAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU8VFm5x1DCV0kqWChfczT9aIqkTkwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS
CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw
L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwLzhWRm01eDFEQ1Ywa3FX
Q2hmY3pUOWFJcWtUay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJyHNQwDQYJKoZIhvcNAQELBQADggEBAAlIUCY47un+98ZY48gFYW7tA4wIpsab
QiduKOvQx9wd3hOtd4JcYW04Zr0xqYAVSeSou/yE+rxlwU0+lNfEjMXCkUiATBcv
dhpAefoc+hJaXK13d5zcTj8iKW0pN9MMJDFRYKwJKWCpupi6anyUCwIeWnmVWDXz
KCPcvPw+Obxf5dv/z8CyWEPFT3FYlZeGNwssIk1XqnqS/zLoHD0CPfia3MhhKB3P
/7cPhEqCC04DuIg90Eu9YGK7B4LPktgoE8cpOZODlKzzLYY3m4BIdmTnlbyvKl+n
Z4YPMTKWQ6EVueJ8xDeKHtnENodfyHXC6yC3ZLO7Gh/hMp7w+5sMXsU=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:34:08 2025 by rpki-client