Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/_WdpriYL9dfcmoTdc1BuwrhXgMg.roa
File: _WdpriYL9dfcmoTdc1BuwrhXgMg.roa (raw, json)
Hash identifier: IJ8GjasVvIyQjYEuIX97hI9+0czJr64JgOCZ7iBE+0I=
Subject key identifier: FD:67:69:AE:26:0B:F5:D7:DC:9A:84:DD:73:50:6E:C2:B8:57:80:C8
Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Certificate serial: 0C89
Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/_WdpriYL9dfcmoTdc1BuwrhXgMg.roa
Signing time: Thu 05 Jun 2025 03:51:19 +0000
ROA not before: Thu 05 Jun 2025 03:51:19 +0000
ROA not after: Thu 09 Apr 2026 06:41:00 +0000
asID: 63567
IP address blocks: 43.248.184.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jun 2025 02:30:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3209 (0xc89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Validity
Not Before: Jun 5 03:51:19 2025 GMT
Not After : Apr 9 06:41:00 2026 GMT
Subject: CN=FD6769AE260BF5D7DC9A84DD73506EC2B85780C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:86:d1:bc:7f:cf:ad:03:c6:66:26:30:c7:f2:
b2:3d:df:76:4f:8e:6b:35:07:82:a0:61:04:1e:0a:
b3:de:8c:33:69:4a:1a:99:20:c2:ca:1b:ad:07:16:
82:58:ea:82:a6:30:f8:55:8c:7d:6a:54:78:02:fb:
a8:6d:c1:67:f9:14:ec:b1:f6:82:ef:f7:39:2e:98:
4e:6a:b2:cf:2a:93:a0:c8:70:ed:e2:02:2d:6d:3a:
55:dd:d1:91:fb:01:9f:cf:98:ee:82:19:3f:1f:b8:
d2:af:2b:7f:19:f4:a0:8d:34:4c:83:23:14:e5:c4:
c7:d1:5e:d7:35:b1:ed:91:f0:36:b4:f6:27:39:22:
94:a7:1c:88:33:91:be:4e:3d:bc:ef:59:81:57:eb:
4b:db:d9:dd:52:d1:6d:6f:24:fb:a0:05:3a:ca:74:
b5:b1:42:fc:8b:7b:73:47:50:6c:44:12:19:d4:11:
97:80:06:26:be:85:d5:df:98:d6:6b:b1:72:47:0d:
3d:fe:35:ae:48:e3:57:ce:71:52:0f:58:20:25:bb:
5b:cf:e6:93:64:0b:27:da:9b:88:f4:b4:b3:bb:b4:
9b:a5:5a:4b:f2:75:43:7e:5a:88:3c:34:45:6d:ee:
4c:d5:95:a0:33:a8:77:98:68:5f:de:65:be:bb:0b:
72:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:67:69:AE:26:0B:F5:D7:DC:9A:84:DD:73:50:6E:C2:B8:57:80:C8
X509v3 Authority Key Identifier:
keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/_WdpriYL9dfcmoTdc1BuwrhXgMg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.184.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:ea:cd:1b:80:c6:ff:74:b8:34:27:c4:e4:bb:f1:37:65:f4:
f3:58:43:31:bd:65:dd:34:77:7f:8d:70:96:ac:e1:13:aa:52:
f7:0c:b9:d9:0c:7c:6b:3b:5a:02:80:51:bc:0f:aa:ca:62:8d:
ed:40:6a:cb:fe:bf:52:17:73:35:55:75:f9:d8:27:cd:f3:91:
1d:f6:24:54:78:34:0d:67:3f:8c:94:c0:a7:a1:ca:18:01:b5:
5c:ae:59:20:f8:3c:f7:6f:71:07:09:3f:db:c2:df:35:79:3c:
e4:ae:6c:a8:7e:82:96:08:9f:38:da:c2:56:08:46:17:c8:c2:
69:d3:11:43:33:18:ab:bb:15:f9:f8:70:93:fb:8a:e5:6e:ff:
73:67:92:31:08:e4:e2:44:0d:45:29:ee:64:7b:e5:3c:e8:af:
9a:2e:b7:af:2a:5c:a6:90:13:13:00:f1:9d:a8:66:01:18:3e:
2f:b7:bd:fc:3f:ae:c1:5b:c2:4c:6a:52:15:59:72:07:c6:62:
6e:97:c1:90:e3:e8:b2:e6:64:a6:a3:a5:4e:45:5e:dd:f2:3e:
72:8a:46:d6:cf:76:45:16:16:fb:73:dc:f5:34:0d:ff:75:3a:
39:dd:9b:21:58:9c:34:11:af:6a:b7:0c:90:67:d9:13:07:f2:
0b:00:b0:a8
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDIkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC
NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA2MDUw
MzUxMTlaFw0yNjA0MDkwNjQxMDBaMDMxMTAvBgNVBAMTKEZENjc2OUFFMjYwQkY1
RDdEQzlBODRERDczNTA2RUMyQjg1NzgwQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkhtG8f8+tA8ZmJjDH8rI933ZPjms1B4KgYQQeCrPejDNpShqZ
IMLKG60HFoJY6oKmMPhVjH1qVHgC+6htwWf5FOyx9oLv9zkumE5qss8qk6DIcO3i
Ai1tOlXd0ZH7AZ/PmO6CGT8fuNKvK38Z9KCNNEyDIxTlxMfRXtc1se2R8Da09ic5
IpSnHIgzkb5OPbzvWYFX60vb2d1S0W1vJPugBTrKdLWxQvyLe3NHUGxEEhnUEZeA
Bia+hdXfmNZrsXJHDT3+Na5I41fOcVIPWCAlu1vP5pNkCyfam4j0tLO7tJulWkvy
dUN+Wog8NEVt7kzVlaAzqHeYaF/eZb67C3JDAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU/WdpriYL9dfcmoTdc1BuwrhXgMgwHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/
AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL19XZHByaVlMOWRmY21v
VGRjMUJ1d3JoWGdNZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAr+LgwDQYJKoZIhvcNAQELBQADggEBALrqzRuAxv90uDQnxOS78Tdl9PNYQzG9
Zd00d3+NcJas4ROqUvcMudkMfGs7WgKAUbwPqspije1Aasv+v1IXczVVdfnYJ83z
kR32JFR4NA1nP4yUwKehyhgBtVyuWSD4PPdvcQcJP9vC3zV5POSubKh+gpYInzja
wlYIRhfIwmnTEUMzGKu7Ffn4cJP7iuVu/3NnkjEI5OJEDUUp7mR75Tzor5out68q
XKaQExMA8Z2oZgEYPi+3vfw/rsFbwkxqUhVZcgfGYm6XwZDj6LLmZKajpU5FXt3y
PnKKRtbPdkUWFvtz3PU0Df91OjndmyFYnDQRr2q3DJBn2RMH8gsAsKg=
-----END CERTIFICATE-----
Generated at Sat Jun 21 00:51:36 2025 by rpki-client