Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/mstubV0wzHB_TOXTFqdQ5t9cmQY.roa
File: mstubV0wzHB_TOXTFqdQ5t9cmQY.roa (raw, json)
Hash identifier: /cbi5eakvyNYuV73in4vhEm2JA605FxcGtiBRnR5PRo=
Subject key identifier: 9A:CB:6E:6D:5D:30:CC:70:7F:4C:E5:D3:16:A7:50:E6:DF:5C:99:06
Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Certificate serial: 0197
Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/mstubV0wzHB_TOXTFqdQ5t9cmQY.roa
Signing time: Mon 31 Mar 2025 05:49:19 +0000
ROA not before: Mon 31 Mar 2025 05:49:19 +0000
ROA not after: Tue 13 Jan 2026 01:35:26 +0000
asID: 24413
IP address blocks: 114.28.201.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 31 Mar 2025 15:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 407 (0x197)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Validity
Not Before: Mar 31 05:49:19 2025 GMT
Not After : Jan 13 01:35:26 2026 GMT
Subject: CN=9ACB6E6D5D30CC707F4CE5D316A750E6DF5C9906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5f:9e:36:ea:96:d7:58:22:f7:78:23:53:be:
72:46:32:52:88:15:89:43:e2:8e:ab:32:7c:87:e2:
88:c3:9c:a5:63:95:22:65:8b:55:43:fb:7d:2f:eb:
ed:3e:cf:6b:c1:fa:1b:aa:65:ca:d1:17:3b:af:ef:
5d:57:0d:b4:28:b9:5c:a2:5e:19:78:9b:eb:54:35:
be:8d:77:14:75:87:a3:27:72:33:af:6c:8e:2f:d9:
0c:da:ff:a5:9c:c3:64:60:39:8e:ba:e9:ba:11:3f:
6a:76:c3:42:1e:55:02:69:45:56:5d:d8:72:0a:3c:
7d:59:ba:e5:c9:c9:15:3c:51:f4:f6:ee:3b:2a:6b:
bd:ef:3f:27:19:7d:2b:de:e3:4f:be:15:51:2b:f6:
2c:6e:b6:be:36:84:82:ea:d0:17:32:62:f8:f5:d1:
1b:55:0d:31:8c:09:36:d0:da:b5:5a:49:f0:4e:a4:
1c:69:91:77:ae:0b:88:d0:cd:67:9a:79:cc:cf:0b:
3f:de:33:74:9f:17:e8:52:da:a6:e8:72:d2:f1:ac:
97:39:a5:17:01:13:3f:60:53:83:16:18:fa:7f:c4:
3c:16:d4:a9:66:40:af:90:71:b8:ac:e6:1c:67:e2:
28:ee:ed:1b:a2:fc:13:d1:70:59:c4:d6:5c:e7:2f:
59:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:CB:6E:6D:5D:30:CC:70:7F:4C:E5:D3:16:A7:50:E6:DF:5C:99:06
X509v3 Authority Key Identifier:
keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/mstubV0wzHB_TOXTFqdQ5t9cmQY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.28.201.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:a5:56:c9:0d:39:64:3d:d0:20:3c:3e:9b:96:7f:37:b8:bd:
d9:97:68:93:c8:67:9f:13:94:df:23:03:54:c2:6b:d8:54:01:
f2:69:79:33:c0:ed:4b:2e:20:63:43:46:a4:33:17:57:bb:90:
79:57:97:43:84:af:ff:87:35:f7:85:99:7c:ba:7d:51:ca:d9:
18:63:fc:8c:66:2b:51:67:25:d3:11:5e:fd:6e:8e:52:91:47:
e9:06:4b:39:0c:aa:d1:cf:09:c0:e5:85:2f:24:f2:a5:a7:5c:
47:0c:6f:e0:29:65:54:ec:79:f3:ae:d9:40:4e:93:7e:7a:51:
5e:55:d6:04:83:70:e0:d8:92:a0:79:63:99:4c:d2:34:7d:0e:
09:78:6c:94:04:44:98:72:c1:2c:a3:50:2f:7c:c5:72:32:e5:
5f:c0:1a:de:d1:57:2f:c8:8d:41:51:20:03:9a:23:3d:40:ed:
58:0f:b9:6f:4e:db:c1:4d:8c:a3:57:5a:f8:3e:f1:91:f3:5a:
b3:f6:bc:bc:04:47:04:7d:e1:01:32:af:ae:b3:99:e9:cf:cc:
1b:cb:77:97:16:03:27:8c:28:e6:41:ee:32:2c:f4:e7:b0:52:
b2:77:a4:9d:45:37:35:9e:59:45:dd:cf:eb:a2:20:91:4d:6f:
85:0b:46:50
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAZcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5
QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTAzMzEw
NTQ5MTlaFw0yNjAxMTMwMTM1MjZaMDMxMTAvBgNVBAMTKDlBQ0I2RTZENUQzMEND
NzA3RjRDRTVEMzE2QTc1MEU2REY1Qzk5MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9X5426pbXWCL3eCNTvnJGMlKIFYlD4o6rMnyH4ojDnKVjlSJl
i1VD+30v6+0+z2vB+huqZcrRFzuv711XDbQouVyiXhl4m+tUNb6NdxR1h6MncjOv
bI4v2Qza/6Wcw2RgOY666boRP2p2w0IeVQJpRVZd2HIKPH1ZuuXJyRU8UfT27jsq
a73vPycZfSve40++FVEr9ixutr42hILq0BcyYvj10RtVDTGMCTbQ2rVaSfBOpBxp
kXeuC4jQzWeaeczPCz/eM3SfF+hS2qboctLxrJc5pRcBEz9gU4MWGPp/xDwW1Klm
QK+Qcbis5hxn4iju7Rui/BPRcFnE1lznL1kVAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUmstubV0wzHB/TOXTFqdQ5t9cmQYwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS
CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw
L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL21zdHViVjB3ekhCX1RP
WFRGcWRRNXQ5Y21RWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAByHMkwDQYJKoZIhvcNAQELBQADggEBAH2lVskNOWQ90CA8PpuWfze4vdmXaJPI
Z58TlN8jA1TCa9hUAfJpeTPA7UsuIGNDRqQzF1e7kHlXl0OEr/+HNfeFmXy6fVHK
2Rhj/IxmK1FnJdMRXv1ujlKRR+kGSzkMqtHPCcDlhS8k8qWnXEcMb+ApZVTsefOu
2UBOk356UV5V1gSDcODYkqB5Y5lM0jR9Dgl4bJQERJhywSyjUC98xXIy5V/AGt7R
Vy/IjUFRIAOaIz1A7VgPuW9O28FNjKNXWvg+8ZHzWrP2vLwERwR94QEyr66zmenP
zBvLd5cWAyeMKOZB7jIs9OewUrJ3pJ1FNzWeWUXdz+uiIJFNb4ULRlA=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:33:39 2025 by rpki-client