Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/Slt4Qyvk74t_vxnXlvarKbsVGZ8.roa
File: Slt4Qyvk74t_vxnXlvarKbsVGZ8.roa (raw, json)
Hash identifier: 3e2p8QxVbaHieENgXANzUbfP4bzuWA0nx7+rjiEwAKY=
Subject key identifier: 4A:5B:78:43:2B:E4:EF:8B:7F:BF:19:D7:96:F6:AB:29:BB:15:19:9F
Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Certificate serial: 0C85
Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/Slt4Qyvk74t_vxnXlvarKbsVGZ8.roa
Signing time: Thu 05 Jun 2025 03:51:17 +0000
ROA not before: Thu 05 Jun 2025 03:51:17 +0000
ROA not after: Thu 09 Apr 2026 06:41:00 +0000
asID: 63567
IP address blocks: 43.248.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jun 2025 02:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3205 (0xc85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Validity
Not Before: Jun 5 03:51:17 2025 GMT
Not After : Apr 9 06:41:00 2026 GMT
Subject: CN=4A5B78432BE4EF8B7FBF19D796F6AB29BB15199F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e5:07:40:04:80:ad:7e:5b:e6:61:f5:84:75:
b9:a6:27:00:30:69:d3:34:26:78:9b:e5:9f:2e:6b:
37:b9:86:98:94:6d:d6:ba:8c:fb:44:1d:29:70:6f:
d3:01:c6:3d:24:3c:7b:3f:74:e9:40:c6:e9:a9:e3:
fc:ef:79:86:06:f3:f1:f2:f4:b5:71:81:e2:33:df:
0f:1c:59:c0:d7:da:6c:97:85:9a:ab:25:63:26:d7:
ab:d4:72:83:a0:0a:84:2b:0e:91:b0:08:1d:c9:fd:
09:b8:41:d4:58:76:e8:5f:dd:f0:fe:1f:9d:c1:30:
55:18:2b:fb:22:e6:f1:d3:12:4e:b8:4a:fa:76:af:
48:1f:b3:da:2f:f5:fd:57:85:85:f9:5f:d2:5a:85:
1f:d6:b4:a7:76:d7:19:bd:44:8e:61:0f:e3:7b:0e:
55:30:01:f0:9f:02:8d:68:32:b6:28:c2:e1:14:11:
d6:e8:ed:5a:eb:de:d3:59:f1:0e:b5:8f:5c:92:a8:
eb:2f:39:2a:36:3f:15:73:d9:03:0b:6c:86:ed:bf:
74:d3:6f:df:db:00:a9:37:e2:23:2a:df:26:72:ad:
63:60:ad:b5:38:b7:60:4e:44:71:d6:e7:d9:d0:da:
75:b0:0c:34:08:d9:17:c7:60:3c:9f:f6:83:a5:5e:
12:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:5B:78:43:2B:E4:EF:8B:7F:BF:19:D7:96:F6:AB:29:BB:15:19:9F
X509v3 Authority Key Identifier:
keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/Slt4Qyvk74t_vxnXlvarKbsVGZ8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.189.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:a9:60:d8:81:aa:7e:28:eb:fe:5e:ac:ad:87:37:7c:7c:e9:
2c:bf:96:90:62:68:57:73:21:53:a2:5f:ee:bc:8d:fb:6e:89:
77:c6:8a:25:46:93:46:64:e6:98:23:e5:48:27:42:2e:bd:09:
b4:e3:2d:ab:f2:eb:b8:9f:19:14:9d:3c:07:13:ce:f8:9e:79:
93:d8:78:0f:50:de:16:87:04:04:74:dc:a4:8e:46:e0:67:72:
c1:65:02:10:dd:82:d7:cd:3d:eb:2e:01:65:84:ed:5c:fa:4d:
59:24:a5:00:d7:c6:7e:0a:be:24:c9:96:78:2a:69:d3:90:57:
5f:5d:70:36:69:e4:71:0d:58:7f:37:7f:7f:8b:49:4c:65:01:
90:b6:42:6c:23:68:da:6e:7b:c5:68:80:b5:77:3f:79:90:d6:
8f:20:fb:1c:4f:e6:d3:92:4c:f3:2a:67:82:cc:44:bb:f5:27:
3c:30:4b:af:af:db:41:04:24:d7:ce:01:eb:c5:70:86:d1:9d:
05:bb:23:c2:99:44:51:08:1e:45:04:a4:f2:c7:28:c2:57:b5:
6e:25:1e:a9:77:dd:e5:43:7a:f9:7f:87:d7:88:9c:10:be:49:
a5:b5:a0:6a:9f:35:f5:c9:2f:9e:28:12:03:fe:09:0b:71:2d:
d0:3f:ae:cc
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDIUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC
NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA2MDUw
MzUxMTdaFw0yNjA0MDkwNjQxMDBaMDMxMTAvBgNVBAMTKDRBNUI3ODQzMkJFNEVG
OEI3RkJGMTlENzk2RjZBQjI5QkIxNTE5OUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCV5QdABICtflvmYfWEdbmmJwAwadM0Jnib5Z8uaze5hpiUbda6
jPtEHSlwb9MBxj0kPHs/dOlAxump4/zveYYG8/Hy9LVxgeIz3w8cWcDX2myXhZqr
JWMm16vUcoOgCoQrDpGwCB3J/Qm4QdRYduhf3fD+H53BMFUYK/si5vHTEk64Svp2
r0gfs9ov9f1XhYX5X9JahR/WtKd21xm9RI5hD+N7DlUwAfCfAo1oMrYowuEUEdbo
7Vrr3tNZ8Q61j1ySqOsvOSo2PxVz2QMLbIbtv3TTb9/bAKk34iMq3yZyrWNgrbU4
t2BORHHW59nQ2nWwDDQI2RfHYDyf9oOlXhJ1AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUSlt4Qyvk74t/vxnXlvarKbsVGZ8wHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/
AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL1NsdDRReXZrNzR0X3Z4
blhsdmFyS2JzVkdaOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAr+L0wDQYJKoZIhvcNAQELBQADggEBALmpYNiBqn4o6/5erK2HN3x86Sy/lpBi
aFdzIVOiX+68jftuiXfGiiVGk0Zk5pgj5UgnQi69CbTjLavy67ifGRSdPAcTzvie
eZPYeA9Q3haHBAR03KSORuBncsFlAhDdgtfNPesuAWWE7Vz6TVkkpQDXxn4KviTJ
lngqadOQV19dcDZp5HENWH83f3+LSUxlAZC2QmwjaNpue8VogLV3P3mQ1o8g+xxP
5tOSTPMqZ4LMRLv1JzwwS6+v20EEJNfOAevFcIbRnQW7I8KZRFEIHkUEpPLHKMJX
tW4lHql33eVDevl/h9eInBC+SaW1oGqfNfXJL54oEgP+CQtxLdA/rsw=
-----END CERTIFICATE-----
Generated at Fri Jun 20 10:13:26 2025 by rpki-client