Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065576723372179458/0/3132302e3133362e32302e302f32322d3234203d3e20313331333134.roa
File: 3132302e3133362e32302e302f32322d3234203d3e20313331333134.roa (raw, json)
Hash identifier: tVykozT4qAYtL3AOPoCdB8F3GS04gpCEtAAbYce7cC8=
Subject key identifier: 61:1D:15:A7:4F:A9:0D:83:8B:CE:3D:20:D9:26:46:E5:8D:76:D6:EA
Certificate issuer: /CN=8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE
Certificate serial: 645D5AFBC2FD83E581CC136942AD228DC3FB139B
Authority key identifier: 8D:47:3B:7B:41:E3:D6:22:DF:B3:B6:0D:5E:B9:46:99:8F:BE:7E:AE
Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065576723372179458/0/3132302e3133362e32302e302f32322d3234203d3e20313331333134.roa
Signing time: Mon 11 May 2026 11:10:18 +0000
ROA not before: Mon 11 May 2026 11:05:18 +0000
ROA not after: Mon 10 May 2027 11:10:18 +0000
asID: 131314
IP address blocks: 120.136.20.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 May 2026 09:27:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:5d:5a:fb:c2:fd:83:e5:81:cc:13:69:42:ad:22:8d:c3:fb:13:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE
Validity
Not Before: May 11 11:05:18 2026 GMT
Not After : May 10 11:10:18 2027 GMT
Subject: CN=611D15A74FA90D838BCE3D20D92646E58D76D6EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:71:a4:0e:4b:7f:6e:88:2e:3c:ae:7b:e1:95:
a8:6e:46:23:92:d8:eb:e5:4e:4e:24:c4:0f:75:2c:
b1:c1:80:9a:f1:e5:0f:4e:35:8a:aa:6a:5b:dc:75:
4e:f9:7e:bd:8e:b9:ac:42:ba:21:4e:7b:a9:19:20:
f5:0a:18:06:01:b1:bd:7c:c5:b7:94:bd:dd:93:48:
f9:43:6e:b3:58:d4:b3:17:42:c1:5e:74:0b:75:60:
eb:03:bc:35:e5:a5:11:0e:8d:52:8f:fd:7b:0c:63:
0a:97:c2:fa:1d:15:3c:bc:3a:c4:cc:bd:26:06:f5:
c2:54:7f:57:90:23:16:a5:ae:26:47:49:04:a5:cc:
b6:b7:3a:e5:db:9a:99:99:d4:1e:2c:dc:f7:e5:11:
30:a2:99:d0:fa:72:ac:40:ed:1a:31:96:d3:e9:dd:
5a:b2:00:75:cd:80:f3:00:b8:da:1b:b9:0d:b0:55:
e0:f2:34:8b:d3:80:67:e7:1a:71:f7:3b:af:3d:e3:
b2:80:96:1b:a7:6c:72:c9:aa:d3:aa:39:a5:6b:37:
07:eb:b6:e4:89:05:11:8d:fa:d5:c3:3f:41:05:da:
e5:d0:25:5c:f1:7a:aa:b7:d8:ff:a7:a2:82:e8:dd:
60:17:60:1c:c5:cb:c0:4a:d2:b1:8c:9c:82:37:a1:
d7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:1D:15:A7:4F:A9:0D:83:8B:CE:3D:20:D9:26:46:E5:8D:76:D6:EA
X509v3 Authority Key Identifier:
keyid:8D:47:3B:7B:41:E3:D6:22:DF:B3:B6:0D:5E:B9:46:99:8F:BE:7E:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1065576723372179458/0/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065576723372179458/0/3132302e3133362e32302e302f32322d3234203d3e20313331333134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
120.136.20.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:0a:e8:1b:23:d2:a0:da:1d:f6:0c:12:df:8f:3e:a0:91:9e:
af:32:4f:73:1e:89:85:b9:8c:46:b8:a7:7d:32:6a:9e:e7:62:
22:4b:79:76:92:f8:31:54:b8:7d:40:a6:a3:0e:eb:c8:79:d2:
91:aa:65:bc:d2:64:10:42:68:8f:fe:69:be:a9:24:9c:20:b1:
21:74:e9:97:08:67:a6:71:fd:be:de:60:ef:00:c2:cf:0f:88:
58:7f:34:c3:f2:ca:de:b6:b1:68:1e:ae:f1:01:ee:62:09:74:
81:bd:25:08:99:6d:b3:85:85:fc:49:4d:5f:4c:9f:81:42:3c:
6e:45:94:b8:e2:71:0e:81:5e:f3:ee:7a:d5:3c:b1:ad:91:bb:
f5:2c:fb:0b:ea:18:57:9b:8b:f0:35:ae:c1:06:b9:af:4f:5f:
91:66:54:14:52:e8:ef:b9:80:d6:fe:56:bd:9c:c4:cc:6b:6c:
fc:93:d6:42:d1:b4:0f:6f:94:9b:99:3e:e5:fc:df:56:b4:22:
3b:b4:30:8c:d4:13:66:59:e2:c7:ce:6d:a1:77:f4:0e:c4:a2:
2f:89:b5:03:2a:63:d9:0b:64:9c:ba:80:03:7f:07:71:52:8d:
cc:6b:42:8b:ad:de:64:37:20:16:82:a8:3c:be:49:2d:b5:7f:
69:bd:66:e1
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIUZF1a+8L9g+WBzBNpQq0ijcP7E5swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEQ0NzNCN0I0MUUzRDYyMkRGQjNCNjBENUVCOTQ2OTk4
RkJFN0VBRTAeFw0yNjA1MTExMTA1MThaFw0yNzA1MTAxMTEwMThaMDMxMTAvBgNV
BAMTKDYxMUQxNUE3NEZBOTBEODM4QkNFM0QyMEQ5MjY0NkU1OEQ3NkQ2RUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZcaQOS39uiC48rnvhlahuRiOS
2OvlTk4kxA91LLHBgJrx5Q9ONYqqalvcdU75fr2OuaxCuiFOe6kZIPUKGAYBsb18
xbeUvd2TSPlDbrNY1LMXQsFedAt1YOsDvDXlpREOjVKP/XsMYwqXwvodFTy8OsTM
vSYG9cJUf1eQIxalriZHSQSlzLa3OuXbmpmZ1B4s3PflETCimdD6cqxA7RoxltPp
3VqyAHXNgPMAuNobuQ2wVeDyNIvTgGfnGnH3O68947KAlhunbHLJqtOqOaVrNwfr
tuSJBRGN+tXDP0EF2uXQJVzxeqq32P+nooLo3WAXYBzFy8BK0rGMnII3oddpAgMB
AAGjggIXMIICEzAdBgNVHQ4EFgQUYR0Vp0+pDYOLzj0g2SZG5Y121uowHwYDVR0j
BBgwFoAUjUc7e0Hj1iLfs7YNXrlGmY++fq4wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud
HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2
NTU3NjcyMzM3MjE3OTQ1OC8wLzhENDczQjdCNDFFM0Q2MjJERkIzQjYwRDVFQjk0
Njk5OEZCRTdFQUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5
bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1
LzEvOEQ0NzNCN0I0MUUzRDYyMkRGQjNCNjBENUVCOTQ2OTk4RkJFN0VBRS5jZXIw
gZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzALhnJyc3luYzovL3Jwa2ktcnBz
LmNubmljLmNuL3JlcG8vQTEwNjU1NzY3MjMzNzIxNzk0NTgvMC8zMTMyMzAyZTMx
MzMzNjJlMzIzMDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMxMzMzMTMzMzEzNC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAniIFDANBgkqhkiG9w0BAQsFAAOCAQEAPwroGyPSoNod9gwS348+
oJGerzJPcx6JhbmMRrinfTJqnudiIkt5dpL4MVS4fUCmow7ryHnSkaplvNJkEEJo
j/5pvqkknCCxIXTplwhnpnH9vt5g7wDCzw+IWH80w/LK3raxaB6u8QHuYgl0gb0l
CJlts4WF/ElNX0yfgUI8bkWUuOJxDoFe8+561TyxrZG79Sz7C+oYV5uL8DWuwQa5
r09fkWZUFFLo77mA1v5WvZzEzGts/JPWQtG0D2+Um5k+5fzfVrQiO7QwjNQTZlni
x85toXf0DsSiL4m1Aypj2QtknLqAA38HcVKNzGtCi63eZDcgFoKoPL5JLbV/ab1m
4Q==
-----END CERTIFICATE-----
Generated at Wed May 13 13:48:05 2026 by rpki-client