Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/npd1wsO8WD56P80Q7I-P11bvM6M.roa
File: npd1wsO8WD56P80Q7I-P11bvM6M.roa (raw, json)
Hash identifier: 3a2rMhupHpgpbOp/gMnIvd6k8QTWaCvEyslARgOT8co=
Subject key identifier: 9E:97:75:C2:C3:BC:58:3E:7A:3F:CD:10:EC:8F:8F:D7:56:EF:33:A3
Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Certificate serial: 0C8B
Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/npd1wsO8WD56P80Q7I-P11bvM6M.roa
Signing time: Thu 05 Jun 2025 03:51:20 +0000
ROA not before: Thu 05 Jun 2025 03:51:20 +0000
ROA not after: Thu 09 Apr 2026 06:41:00 +0000
asID: 63567
IP address blocks: 43.248.184.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jun 2025 02:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3211 (0xc8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Validity
Not Before: Jun 5 03:51:20 2025 GMT
Not After : Apr 9 06:41:00 2026 GMT
Subject: CN=9E9775C2C3BC583E7A3FCD10EC8F8FD756EF33A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4c:6e:d4:a2:0f:b1:31:07:26:07:b0:c8:f7:
46:87:0a:7c:c6:b8:7f:d1:b7:8e:8f:f9:7d:bf:0f:
5b:83:e2:d1:98:26:99:e2:7b:b7:91:0e:28:8a:e0:
59:1e:c7:d7:d5:2b:f5:5e:1b:ea:7d:48:69:8d:ba:
3b:d4:a0:f5:ff:19:f1:74:30:ec:54:80:f9:25:ff:
1e:1f:a7:85:10:b7:29:39:87:2a:8f:82:6e:aa:4f:
50:ac:52:12:4f:62:33:44:5f:0f:8d:b8:48:6a:4b:
be:40:e1:c1:a5:8d:e1:e1:9c:30:6f:df:f7:d2:54:
fa:8a:86:6a:e7:1d:62:d1:b0:60:17:8f:4c:2d:9e:
89:77:b2:91:c4:64:bd:69:3f:58:f7:a2:66:13:6e:
05:c4:1a:f6:e0:34:c7:f0:e6:38:fb:25:eb:ac:11:
3d:4f:93:b2:de:50:13:e1:7d:28:68:8f:68:26:26:
63:44:7e:0c:40:9e:02:0b:86:f4:25:cf:f3:4f:57:
2b:75:22:7b:0a:ac:39:9b:f8:e6:75:a5:bb:85:85:
cb:e6:15:ca:2d:63:e6:96:25:b7:21:c5:3e:c1:1d:
cf:9e:81:84:08:f1:2f:ee:5d:f5:e6:4b:f8:dd:ce:
fe:7a:a4:bc:89:0f:10:49:d5:1f:d7:d3:6d:67:87:
a2:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:97:75:C2:C3:BC:58:3E:7A:3F:CD:10:EC:8F:8F:D7:56:EF:33:A3
X509v3 Authority Key Identifier:
keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/npd1wsO8WD56P80Q7I-P11bvM6M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.184.0/21
Signature Algorithm: sha256WithRSAEncryption
45:1a:6a:64:0d:44:92:d9:18:d2:33:8e:b0:32:7c:86:e9:f7:
51:92:3d:6a:9c:a9:24:a7:e5:82:fc:10:8b:a3:90:97:65:5c:
79:1e:b0:88:2d:d5:24:43:6a:0a:cf:a6:7b:ba:de:31:9f:f6:
eb:61:c0:11:f0:27:76:c0:4f:23:cf:99:06:08:b6:02:6c:9c:
d3:2e:4e:46:c9:a2:65:24:38:b2:05:65:63:33:9e:07:f4:5d:
58:e8:e0:9e:8d:e4:c0:d7:15:13:ad:63:53:df:a4:4f:d0:e5:
59:76:76:42:9f:1c:b7:2e:6b:fc:4a:63:80:aa:46:85:4a:04:
b6:ca:9e:85:e6:1c:08:b3:56:db:49:f5:3f:b4:a4:17:b6:fc:
b0:22:d3:5e:f2:d8:a4:26:67:78:64:42:bd:de:39:3a:ed:b3:
ba:10:64:7f:95:f5:bc:a9:34:56:13:6f:e8:17:c7:c7:51:38:
f5:81:b2:70:cd:e4:36:32:c9:cd:ef:66:cf:f9:fc:90:5d:4a:
8a:15:d3:06:92:e6:5c:3b:9b:4c:c8:9e:52:16:db:40:99:71:
35:0f:0e:4d:45:ef:1e:75:96:47:b6:f0:9b:0f:32:ac:15:4e:
2c:ae:55:4c:fa:7c:3e:5f:e3:33:f0:7b:67:71:b2:ca:51:18:
08:d6:bf:04
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDIswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC
NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA2MDUw
MzUxMjBaFw0yNjA0MDkwNjQxMDBaMDMxMTAvBgNVBAMTKDlFOTc3NUMyQzNCQzU4
M0U3QTNGQ0QxMEVDOEY4RkQ3NTZFRjMzQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsTG7Uog+xMQcmB7DI90aHCnzGuH/Rt46P+X2/D1uD4tGYJpni
e7eRDiiK4Fkex9fVK/VeG+p9SGmNujvUoPX/GfF0MOxUgPkl/x4fp4UQtyk5hyqP
gm6qT1CsUhJPYjNEXw+NuEhqS75A4cGljeHhnDBv3/fSVPqKhmrnHWLRsGAXj0wt
nol3spHEZL1pP1j3omYTbgXEGvbgNMfw5jj7JeusET1Pk7LeUBPhfShoj2gmJmNE
fgxAngILhvQlz/NPVyt1InsKrDmb+OZ1pbuFhcvmFcotY+aWJbchxT7BHc+egYQI
8S/uXfXmS/jdzv56pLyJDxBJ1R/X021nh6JjAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUnpd1wsO8WD56P80Q7I+P11bvM6MwHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/
AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL25wZDF3c084V0Q1NlA4
MFE3SS1QMTFidk02TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAMr+LgwDQYJKoZIhvcNAQELBQADggEBAEUaamQNRJLZGNIzjrAyfIbp91GSPWqc
qSSn5YL8EIujkJdlXHkesIgt1SRDagrPpnu63jGf9uthwBHwJ3bATyPPmQYItgJs
nNMuTkbJomUkOLIFZWMzngf0XVjo4J6N5MDXFROtY1PfpE/Q5Vl2dkKfHLcua/xK
Y4CqRoVKBLbKnoXmHAizVttJ9T+0pBe2/LAi017y2KQmZ3hkQr3eOTrts7oQZH+V
9bypNFYTb+gXx8dROPWBsnDN5DYyyc3vZs/5/JBdSooV0waS5lw7m0zInlIW20CZ
cTUPDk1F7x51lke28JsPMqwVTiyuVUz6fD5f4zPwe2dxsspRGAjWvwQ=
-----END CERTIFICATE-----
Generated at Sat Jun 21 03:50:05 2025 by rpki-client