Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/SJ3bD76NaqG5-ed8ECB4Zv4aNE0.roa
File: SJ3bD76NaqG5-ed8ECB4Zv4aNE0.roa (raw, json)
Hash identifier: nlhWagxEXy3GQzcf6hjuXn8XzDH6cFLQ+2mL5jh3l9g=
Subject key identifier: 48:9D:DB:0F:BE:8D:6A:A1:B9:F9:E7:7C:10:20:78:66:FE:1A:34:4D
Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Certificate serial: 0C8A
Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/SJ3bD76NaqG5-ed8ECB4Zv4aNE0.roa
Signing time: Thu 05 Jun 2025 03:51:19 +0000
ROA not before: Thu 05 Jun 2025 03:51:19 +0000
ROA not after: Thu 09 Apr 2026 06:41:00 +0000
asID: 63567
IP address blocks: 43.248.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jun 2025 02:30:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3210 (0xc8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Validity
Not Before: Jun 5 03:51:19 2025 GMT
Not After : Apr 9 06:41:00 2026 GMT
Subject: CN=489DDB0FBE8D6AA1B9F9E77C10207866FE1A344D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:34:68:72:35:5e:8d:57:0d:81:b9:07:41:04:
0d:92:94:75:62:7f:ef:45:02:fb:a6:fa:e6:4d:48:
84:94:61:d1:8c:74:af:a7:bf:c5:0d:41:9a:3b:79:
8a:af:41:d3:a8:cf:38:8c:de:88:fa:91:d8:46:db:
f0:a7:0b:2b:51:bf:52:e6:36:4c:9d:4b:07:8b:0c:
34:bf:d3:03:02:a6:06:f4:ca:05:c4:dd:eb:19:9c:
7b:63:d5:fb:cb:38:1e:5a:99:ca:90:d9:8f:f1:5b:
d3:b2:cd:6b:76:3f:09:fd:40:76:55:7f:43:4e:3c:
57:3d:b4:6d:34:14:a1:c6:c9:c8:5a:4e:08:92:3b:
97:30:cc:bb:e1:ab:41:ad:d1:73:c1:25:50:c6:78:
d0:30:57:26:77:bc:0c:3b:a9:15:51:25:f7:5c:5d:
00:1d:ec:38:3a:83:83:99:59:a0:64:9f:e9:3e:45:
db:8d:7c:3d:cc:6f:4b:29:60:f1:ae:38:ed:47:17:
ef:68:ab:20:6c:49:b6:e3:8c:df:51:a1:62:86:c5:
2b:5e:92:cf:f3:64:26:84:7a:f8:78:c6:42:ac:91:
a3:29:8d:81:42:e5:39:68:77:d3:52:97:90:f9:e1:
16:03:6b:b5:54:b7:e2:ab:44:29:67:ed:52:55:d6:
9d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:9D:DB:0F:BE:8D:6A:A1:B9:F9:E7:7C:10:20:78:66:FE:1A:34:4D
X509v3 Authority Key Identifier:
keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/SJ3bD76NaqG5-ed8ECB4Zv4aNE0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.185.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:99:93:9c:d4:17:44:73:c4:9f:17:29:e7:5c:76:14:9d:2f:
b5:64:41:39:41:dd:e3:05:8e:fe:97:3d:3d:25:10:f4:27:f4:
47:a6:6f:ef:98:a6:1d:43:fe:f8:4a:55:27:8e:f6:b9:bf:04:
8a:03:0f:50:8e:15:3f:2a:76:b9:22:90:4b:98:a8:34:04:1c:
3f:87:4c:24:07:55:69:b6:ea:b6:02:d8:01:76:51:65:e7:49:
11:ec:8a:1e:d3:a6:09:2c:4d:57:91:ef:67:61:9d:f4:ef:e3:
fb:a3:01:ad:34:bd:ef:83:27:79:bb:92:6d:57:66:8f:45:ff:
f6:4b:15:71:ed:72:30:b3:3b:47:89:2a:79:95:c6:92:5a:8e:
de:ab:44:80:17:58:e0:68:08:45:a0:e2:04:23:2f:4d:2d:a3:
84:a1:37:9c:dd:1b:57:55:88:8e:d2:e7:45:9c:0e:73:34:df:
fc:2e:31:f3:9b:b2:1d:70:35:8e:15:3e:a0:12:55:47:ec:73:
2f:22:62:1c:4d:db:01:bc:67:30:e2:df:2a:6f:37:a8:eb:fe:
f9:52:72:03:87:d5:db:64:eb:cc:ec:f9:1d:d1:c3:64:dd:3e:
d4:50:79:47:da:d4:67:6d:27:19:8c:da:69:e0:a0:75:28:72:
0d:04:30:c8
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDIowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC
NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA2MDUw
MzUxMTlaFw0yNjA0MDkwNjQxMDBaMDMxMTAvBgNVBAMTKDQ4OUREQjBGQkU4RDZB
QTFCOUY5RTc3QzEwMjA3ODY2RkUxQTM0NEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiNGhyNV6NVw2BuQdBBA2SlHVif+9FAvum+uZNSISUYdGMdK+n
v8UNQZo7eYqvQdOozziM3oj6kdhG2/CnCytRv1LmNkydSweLDDS/0wMCpgb0ygXE
3esZnHtj1fvLOB5amcqQ2Y/xW9OyzWt2Pwn9QHZVf0NOPFc9tG00FKHGychaTgiS
O5cwzLvhq0Gt0XPBJVDGeNAwVyZ3vAw7qRVRJfdcXQAd7Dg6g4OZWaBkn+k+RduN
fD3Mb0spYPGuOO1HF+9oqyBsSbbjjN9RoWKGxSteks/zZCaEevh4xkKskaMpjYFC
5Tlod9NSl5D54RYDa7VUt+KrRCln7VJV1p1JAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUSJ3bD76NaqG5+ed8ECB4Zv4aNE0wHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/
AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL1NKM2JENzZOYXFHNS1l
ZDhFQ0I0WnY0YU5FMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAr+LkwDQYJKoZIhvcNAQELBQADggEBALWZk5zUF0RzxJ8XKedcdhSdL7VkQTlB
3eMFjv6XPT0lEPQn9Eemb++Yph1D/vhKVSeO9rm/BIoDD1COFT8qdrkikEuYqDQE
HD+HTCQHVWm26rYC2AF2UWXnSRHsih7TpgksTVeR72dhnfTv4/ujAa00ve+DJ3m7
km1XZo9F//ZLFXHtcjCzO0eJKnmVxpJajt6rRIAXWOBoCEWg4gQjL00to4ShN5zd
G1dViI7S50WcDnM03/wuMfObsh1wNY4VPqASVUfscy8iYhxN2wG8ZzDi3ypvN6jr
/vlScgOH1dtk68zs+R3Rw2TdPtRQeUfa1GdtJxmM2mngoHUocg0EMMg=
-----END CERTIFICATE-----
Generated at Thu Jun 19 23:43:15 2025 by rpki-client