Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/65/pIUsr8dIOWzKCEysYJ9z63HtYbQ.roa
File: pIUsr8dIOWzKCEysYJ9z63HtYbQ.roa (raw, json)
Hash identifier: UY2YmsItWTgiOUyQdBTzBPyLuZf83KRYnaCDo42thpw=
Subject key identifier: A4:85:2C:AF:C7:48:39:6C:CA:08:4C:AC:60:9F:73:EB:71:ED:61:B4
Certificate issuer: /CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9
Certificate serial: 11F0
Authority key identifier: 98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/pIUsr8dIOWzKCEysYJ9z63HtYbQ.roa
Signing time: Sat 26 Apr 2025 13:20:09 +0000
ROA not before: Sat 26 Apr 2025 13:20:09 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 23853
IP address blocks: 211.147.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 26 Apr 2025 13:45:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4592 (0x11f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9
Validity
Not Before: Apr 26 13:20:09 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=A4852CAFC748396CCA084CAC609F73EB71ED61B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f3:0a:a1:87:28:56:92:46:18:fa:75:c3:9d:
7f:e9:4f:84:32:e1:06:92:ac:dd:46:f3:48:09:d8:
25:d9:f7:78:7a:51:09:ed:4d:80:65:e5:e5:78:cd:
6c:12:9a:d3:91:f7:01:4b:11:a0:86:40:36:45:41:
10:b6:81:5d:13:67:48:88:51:96:55:4b:94:d2:67:
a7:24:ed:e2:6e:f5:ba:52:aa:2d:a9:97:ef:a0:4c:
b1:f3:59:ad:0e:1d:9c:43:be:0c:13:0b:43:cb:c8:
7c:6b:41:41:5f:e5:98:c0:d6:b6:27:b1:91:c0:f0:
52:bb:cd:c6:37:fc:89:f3:91:7b:81:47:29:8e:f4:
f4:ca:af:88:74:e3:d4:ee:70:c6:e4:b5:0a:c7:ca:
01:93:fa:50:17:fc:b8:a0:5b:90:d0:34:bf:71:af:
de:10:ea:f4:a6:5e:fb:6d:74:ef:7a:f6:d4:89:35:
93:38:6b:5c:97:c2:dc:f3:71:96:35:ae:6b:c0:c9:
c4:ff:95:80:9f:23:57:f5:52:b0:67:c6:08:54:03:
b0:ad:c2:17:61:75:02:55:b0:fe:74:87:48:5f:25:
ab:37:d9:77:5d:4b:79:35:97:8e:9a:d0:df:3f:a8:
2f:66:3f:94:e2:22:cb:84:34:9d:ba:5a:2b:dc:50:
2b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:85:2C:AF:C7:48:39:6C:CA:08:4C:AC:60:9F:73:EB:71:ED:61:B4
X509v3 Authority Key Identifier:
keyid:98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/pIUsr8dIOWzKCEysYJ9z63HtYbQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.147.65.0/24
Signature Algorithm: sha256WithRSAEncryption
18:bf:f6:08:39:94:71:5b:62:5a:a2:e8:d2:cf:c2:dc:e6:ba:
1f:a4:2d:55:38:dd:99:4b:bb:f2:99:b2:5b:1d:71:62:05:f0:
12:13:9f:c4:7e:7d:00:17:16:47:2a:d2:e0:44:ce:4c:90:da:
9a:fb:97:06:b3:13:23:af:e9:5e:53:fd:9c:42:98:c4:d7:11:
bd:93:10:d0:85:04:10:ec:eb:0c:83:85:3b:6e:b6:95:ba:52:
f8:29:10:89:d0:b2:55:9e:9d:60:b1:68:aa:ee:a3:71:fb:d1:
d6:28:64:96:0d:15:c4:76:cb:aa:d6:b4:f6:bd:c4:66:b5:70:
c8:88:32:24:c4:eb:9a:48:45:21:44:53:ca:75:fd:ce:e4:58:
94:a4:a5:d1:4c:05:4f:12:30:8b:7b:b9:05:d3:33:8c:8c:2e:
dd:cb:ef:9f:00:ed:63:91:83:e3:fc:79:82:cd:20:65:48:cc:
c4:14:c7:c6:79:ee:d6:4f:ca:74:b6:f4:4f:e2:9d:bb:2b:a6:
ad:f7:46:3c:f7:29:de:fe:28:df:bd:33:36:cb:bc:ac:68:7b:
0d:ee:28:d2:20:e5:d3:87:6c:e1:f7:11:96:26:2a:23:80:ef:
c7:18:33:e0:db:8c:f6:a9:79:20:14:e8:82:96:26:b3:84:09:
7f:b8:33:75
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICEfAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgy
NEM1NTUyMjhCMjhCNjk4RERFNzdCQzFBREQwRTI4MDdCODZCOTAeFw0yNTA0MjYx
MzIwMDlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEE0ODUyQ0FGQzc0ODM5
NkNDQTA4NENBQzYwOUY3M0VCNzFFRDYxQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU8wqhhyhWkkYY+nXDnX/pT4Qy4QaSrN1G80gJ2CXZ93h6UQnt
TYBl5eV4zWwSmtOR9wFLEaCGQDZFQRC2gV0TZ0iIUZZVS5TSZ6ck7eJu9bpSqi2p
l++gTLHzWa0OHZxDvgwTC0PLyHxrQUFf5ZjA1rYnsZHA8FK7zcY3/InzkXuBRymO
9PTKr4h049TucMbktQrHygGT+lAX/LigW5DQNL9xr94Q6vSmXvttdO969tSJNZM4
a1yXwtzzcZY1rmvAycT/lYCfI1f1UrBnxghUA7CtwhdhdQJVsP50h0hfJas32Xdd
S3k1l46a0N8/qC9mP5TiIsuENJ26WivcUCvPAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUpIUsr8dIOWzKCEysYJ9z63HtYbQwHwYDVR0jBBgwFoAUmCTFVSKLKLaY3ed7
wa3Q4oB7hrkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjUv
bUNURlZTS0xLTGFZM2VkN3dhM1E0b0I3aHJrLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9tQ1RGVlNLTEtMYVkzZWQ3d2EzUTRvQjdocmsuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NS9wSVVzcjhkSU9XektDRXlz
WUo5ejYzSHRZYlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
05NBMA0GCSqGSIb3DQEBCwUAA4IBAQAYv/YIOZRxW2JaoujSz8Lc5rofpC1VON2Z
S7vymbJbHXFiBfASE5/Efn0AFxZHKtLgRM5MkNqa+5cGsxMjr+leU/2cQpjE1xG9
kxDQhQQQ7OsMg4U7braVulL4KRCJ0LJVnp1gsWiq7qNx+9HWKGSWDRXEdsuq1rT2
vcRmtXDIiDIkxOuaSEUhRFPKdf3O5FiUpKXRTAVPEjCLe7kF0zOMjC7dy++fAO1j
kYPj/HmCzSBlSMzEFMfGee7WT8p0tvRP4p27K6at90Y89yne/ijfvTM2y7ysaHsN
7ijSIOXTh2zh9xGWJiojgO/HGDPg24z2qXkgFOiCliazhAl/uDN1
-----END CERTIFICATE-----
Generated at Fri May 9 16:18:55 2025 by rpki-client