Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/erB1JQe1Yaz9l7OG5yQ8Xa57n2Q.roa
File: erB1JQe1Yaz9l7OG5yQ8Xa57n2Q.roa (raw, json)
Hash identifier: OkB7VA01nHYmIxbQBOw1Xv2v43deP8SINCSzIUYO2Dw=
Subject key identifier: 7A:B0:75:25:07:B5:61:AC:FD:97:B3:86:E7:24:3C:5D:AE:7B:9F:64
Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Certificate serial: 0C86
Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/erB1JQe1Yaz9l7OG5yQ8Xa57n2Q.roa
Signing time: Thu 05 Jun 2025 03:51:18 +0000
ROA not before: Thu 05 Jun 2025 03:51:18 +0000
ROA not after: Thu 09 Apr 2026 06:41:00 +0000
asID: 63567
IP address blocks: 43.248.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jun 2025 02:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3206 (0xc86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Validity
Not Before: Jun 5 03:51:18 2025 GMT
Not After : Apr 9 06:41:00 2026 GMT
Subject: CN=7AB0752507B561ACFD97B386E7243C5DAE7B9F64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8d:f7:eb:51:57:99:a9:36:e7:a3:26:b1:2b:
d2:94:8d:7f:05:d1:34:57:fe:36:05:a2:dd:18:1c:
cb:08:eb:f3:26:3c:fe:83:77:b5:3d:72:ad:b1:fd:
8c:98:84:c8:e5:36:ee:9e:60:e3:c8:5b:fe:b8:61:
d1:6a:f4:3b:f8:a1:f9:02:84:c9:13:5e:17:29:d0:
fe:c3:f5:37:26:f2:ae:11:b7:f4:c7:c4:0b:e4:28:
75:6c:95:21:b9:f0:b9:fd:70:10:90:d0:c3:31:41:
1f:90:3f:50:b6:f1:f5:51:d2:3b:97:9e:5d:ae:c6:
e2:70:97:d4:f0:23:bf:b5:c0:10:7a:9e:05:ad:5d:
fe:b7:0f:44:b0:ad:18:3d:88:59:c8:c8:33:0b:90:
c2:b6:1b:c0:37:90:80:f0:50:8b:11:4e:0d:44:fc:
c1:ab:4d:38:74:5f:3b:9b:65:de:9d:37:97:54:20:
b0:16:2c:a4:80:82:c2:48:d5:a7:5c:26:d8:14:c5:
4d:a2:a8:d3:f0:75:69:f1:d5:0e:eb:8f:47:c6:33:
97:1e:89:d8:c3:47:81:d9:48:d9:66:91:31:f6:1e:
7b:7b:68:53:67:f5:05:99:e1:db:32:f6:0e:63:91:
19:7a:cd:64:00:89:2d:51:2c:db:fd:28:f4:51:b1:
5a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B0:75:25:07:B5:61:AC:FD:97:B3:86:E7:24:3C:5D:AE:7B:9F:64
X509v3 Authority Key Identifier:
keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/erB1JQe1Yaz9l7OG5yQ8Xa57n2Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.190.0/24
Signature Algorithm: sha256WithRSAEncryption
82:22:5e:88:ef:c5:94:2d:96:99:df:15:98:c5:f6:8a:a3:19:
ed:28:f6:dc:91:ef:07:0d:d7:76:97:6e:45:cd:32:21:ea:82:
40:e5:ac:52:33:a6:17:1f:f7:b3:6c:c7:09:5b:4b:8a:d5:14:
69:15:86:13:74:45:16:5f:eb:8b:b2:90:28:87:02:d7:32:00:
90:2e:68:58:5a:a0:49:44:15:88:d7:58:f7:57:6c:c9:1d:a2:
96:83:f3:5f:33:89:eb:13:00:0a:5a:2e:07:55:30:b9:ff:61:
1b:5c:77:5c:7f:5b:eb:a4:cf:4d:e1:c2:2f:b7:e9:5c:01:ad:
22:f0:80:3a:d9:27:e1:f7:e0:9f:08:eb:50:73:0d:be:2c:35:
6b:9d:9a:77:4d:6b:b8:f8:cc:1a:99:f7:d5:88:bb:f2:90:d1:
ce:e8:d6:0e:cc:d3:b6:08:e8:4c:fd:79:47:66:6e:9c:d7:35:
f4:33:b0:c8:93:58:4a:2d:8a:8f:b6:54:f4:e1:db:22:ce:2b:
2f:f9:72:33:c2:2e:56:7b:72:22:8a:b8:92:75:bc:57:e5:07:
db:e6:ce:12:27:30:12:64:b0:6f:f0:69:7d:16:0b:6d:36:4c:
57:6e:80:01:30:4d:57:cb:b6:e0:22:48:c8:d6:b9:c6:2a:b1:
f0:51:e1:c2
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDIYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC
NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA2MDUw
MzUxMThaFw0yNjA0MDkwNjQxMDBaMDMxMTAvBgNVBAMTKDdBQjA3NTI1MDdCNTYx
QUNGRDk3QjM4NkU3MjQzQzVEQUU3QjlGNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsjffrUVeZqTbnoyaxK9KUjX8F0TRX/jYFot0YHMsI6/MmPP6D
d7U9cq2x/YyYhMjlNu6eYOPIW/64YdFq9Dv4ofkChMkTXhcp0P7D9Tcm8q4Rt/TH
xAvkKHVslSG58Ln9cBCQ0MMxQR+QP1C28fVR0juXnl2uxuJwl9TwI7+1wBB6ngWt
Xf63D0SwrRg9iFnIyDMLkMK2G8A3kIDwUIsRTg1E/MGrTTh0XzubZd6dN5dUILAW
LKSAgsJI1adcJtgUxU2iqNPwdWnx1Q7rj0fGM5ceidjDR4HZSNlmkTH2Hnt7aFNn
9QWZ4dsy9g5jkRl6zWQAiS1RLNv9KPRRsVr3AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUerB1JQe1Yaz9l7OG5yQ8Xa57n2QwHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/
AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL2VyQjFKUWUxWWF6OWw3
T0c1eVE4WGE1N24yUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAr+L4wDQYJKoZIhvcNAQELBQADggEBAIIiXojvxZQtlpnfFZjF9oqjGe0o9tyR
7wcN13aXbkXNMiHqgkDlrFIzphcf97NsxwlbS4rVFGkVhhN0RRZf64uykCiHAtcy
AJAuaFhaoElEFYjXWPdXbMkdopaD818ziesTAApaLgdVMLn/YRtcd1x/W+ukz03h
wi+36VwBrSLwgDrZJ+H34J8I61BzDb4sNWudmndNa7j4zBqZ99WIu/KQ0c7o1g7M
07YI6Ez9eUdmbpzXNfQzsMiTWEotio+2VPTh2yLOKy/5cjPCLlZ7ciKKuJJ1vFfl
B9vmzhInMBJksG/waX0WC202TFdugAEwTVfLtuAiSMjWucYqsfBR4cI=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:30:00 2025 by rpki-client