Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/LSV7oJwIx9jza1WtuyedONr6ELQ.roa
File: LSV7oJwIx9jza1WtuyedONr6ELQ.roa (raw, json)
Hash identifier: DfXdkYxj5LzII7jgsLjfJ7ySU5JJ6NTEiMsufthhc6s=
Subject key identifier: 2D:25:7B:A0:9C:08:C7:D8:F3:6B:55:AD:BB:27:9D:38:DA:FA:10:B4
Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Certificate serial: 0BD9
Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/LSV7oJwIx9jza1WtuyedONr6ELQ.roa
Signing time: Tue 13 May 2025 06:43:34 +0000
ROA not before: Tue 13 May 2025 06:43:34 +0000
ROA not after: Thu 09 Apr 2026 06:41:00 +0000
asID: 63567
IP address blocks: 43.241.48.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 May 2025 01:49:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3033 (0xbd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Validity
Not Before: May 13 06:43:34 2025 GMT
Not After : Apr 9 06:41:00 2026 GMT
Subject: CN=2D257BA09C08C7D8F36B55ADBB279D38DAFA10B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0f:e4:3b:ce:a1:c8:17:31:36:0b:0a:b8:b1:
ba:fe:42:cf:dc:80:ca:a9:c9:6f:09:2b:4d:bf:e8:
d3:4b:70:ec:92:49:6d:5d:f3:6d:dd:b7:12:3d:32:
be:10:b2:b9:75:07:e9:5d:4d:05:08:f2:de:6a:17:
f0:1e:19:9a:55:0a:9a:bf:73:05:d4:71:ad:c6:36:
c1:84:2d:f7:94:67:b1:d1:9c:a1:40:fc:44:63:c3:
31:11:0d:2b:5e:8f:34:e4:07:4a:4b:bf:c6:5d:a4:
e1:dd:7c:d0:2b:34:9e:0b:b6:e1:d7:9b:69:7d:ae:
29:03:b8:c3:1c:9c:a8:1f:f4:ce:ab:5c:97:3b:87:
97:69:89:a9:ce:fa:a2:e8:c1:ea:ea:c1:0a:14:cf:
1d:20:cb:b2:8e:39:dd:d5:67:6a:27:17:84:ba:0b:
09:fc:36:4d:ed:7f:05:2c:a7:c9:ac:ee:94:4f:5d:
a5:1f:64:23:75:34:79:44:1d:96:92:36:0e:cc:64:
7f:a1:06:57:1c:51:33:bb:3c:52:cc:da:41:25:6c:
cc:d8:6e:e4:21:8d:66:38:86:85:b3:0b:a5:8f:b2:
9b:c5:db:1b:45:25:38:57:c3:31:f9:98:d0:52:4c:
ba:10:ff:e4:12:a5:a1:b4:75:4f:d6:f3:de:c2:60:
5f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:25:7B:A0:9C:08:C7:D8:F3:6B:55:AD:BB:27:9D:38:DA:FA:10:B4
X509v3 Authority Key Identifier:
keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/LSV7oJwIx9jza1WtuyedONr6ELQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.48.0/22
Signature Algorithm: sha256WithRSAEncryption
63:74:c2:12:37:e7:28:af:aa:51:02:d8:b2:70:9f:7d:95:99:
7a:23:df:b6:79:a6:05:42:74:fa:76:46:36:79:70:4a:4c:08:
ca:88:cc:d4:5f:cc:ce:4b:a0:bd:c0:be:d9:2a:ce:0b:32:41:
6e:10:4c:56:46:91:79:a3:dd:67:84:67:97:a3:1d:81:05:9a:
ab:89:ff:a2:1f:c2:f9:be:5a:aa:f6:3d:63:8c:ed:5c:e3:85:
2a:fd:ce:31:cb:06:e6:9a:22:0b:38:fe:08:d9:e4:a1:46:a3:
02:7f:7e:a4:aa:af:71:28:3b:d8:69:04:d2:16:83:82:bb:73:
35:2e:b7:32:5a:81:71:c9:f4:1e:1a:7a:37:e0:5a:f6:81:96:
e0:fa:10:3b:c9:2d:00:8d:f3:e5:63:fe:80:59:fe:0c:fc:85:
86:4a:86:37:bd:66:9d:01:a4:d3:cb:0c:52:b9:b2:a6:53:00:
de:88:78:02:75:3e:29:61:23:32:1f:d6:36:da:99:40:df:31:
97:4d:63:45:33:07:d2:3d:38:7f:32:98:4a:e8:98:0b:fd:80:
a0:aa:10:6f:bb:25:60:84:65:02:6b:fc:c2:1b:62:6c:03:67:
a1:e0:2d:77:04:69:f8:f0:b0:36:0f:f1:8a:ad:a4:e7:e1:4a:
42:d8:58:23
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICC9kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC
NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA1MTMw
NjQzMzRaFw0yNjA0MDkwNjQxMDBaMDMxMTAvBgNVBAMTKDJEMjU3QkEwOUMwOEM3
RDhGMzZCNTVBREJCMjc5RDM4REFGQTEwQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDED+Q7zqHIFzE2Cwq4sbr+Qs/cgMqpyW8JK02/6NNLcOySSW1d
823dtxI9Mr4Qsrl1B+ldTQUI8t5qF/AeGZpVCpq/cwXUca3GNsGELfeUZ7HRnKFA
/ERjwzERDStejzTkB0pLv8ZdpOHdfNArNJ4LtuHXm2l9rikDuMMcnKgf9M6rXJc7
h5dpianO+qLowerqwQoUzx0gy7KOOd3VZ2onF4S6Cwn8Nk3tfwUsp8ms7pRPXaUf
ZCN1NHlEHZaSNg7MZH+hBlccUTO7PFLM2kElbMzYbuQhjWY4hoWzC6WPspvF2xtF
JThXwzH5mNBSTLoQ/+QSpaG0dU/W897CYF/ZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQULSV7oJwIx9jza1WtuyedONr6ELQwHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/
AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL0xTVjdvSndJeDlqemEx
V3R1eWVkT05yNkVMUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIr8TAwDQYJKoZIhvcNAQELBQADggEBAGN0whI35yivqlEC2LJwn32VmXoj37Z5
pgVCdPp2RjZ5cEpMCMqIzNRfzM5LoL3AvtkqzgsyQW4QTFZGkXmj3WeEZ5ejHYEF
mquJ/6Ifwvm+Wqr2PWOM7VzjhSr9zjHLBuaaIgs4/gjZ5KFGowJ/fqSqr3EoO9hp
BNIWg4K7czUutzJagXHJ9B4aejfgWvaBluD6EDvJLQCN8+Vj/oBZ/gz8hYZKhje9
Zp0BpNPLDFK5sqZTAN6IeAJ1PilhIzIf1jbamUDfMZdNY0UzB9I9OH8ymEromAv9
gKCqEG+7JWCEZQJr/MIbYmwDZ6HgLXcEafjwsDYP8YqtpOfhSkLYWCM=
-----END CERTIFICATE-----
Generated at Sat May 17 21:29:10 2025 by rpki-client