Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/LuzkZN2MdeH_RgOPqIIaeqtKaYo.roa
File: LuzkZN2MdeH_RgOPqIIaeqtKaYo.roa (raw, json)
Hash identifier: /qE46kGzrAB9VlDl+SZvAW2lfsfvo7Wzazeu9pUxki4=
Subject key identifier: 2E:EC:E4:64:DD:8C:75:E1:FF:46:03:8F:A8:82:1A:7A:AB:4A:69:8A
Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925
Certificate serial: 58
Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/LuzkZN2MdeH_RgOPqIIaeqtKaYo.roa
Signing time: Fri 18 Apr 2025 01:19:34 +0000
ROA not before: Fri 18 Apr 2025 01:19:34 +0000
ROA not after: Wed 15 Apr 2026 09:08:30 +0000
asID: 134823
IP address blocks: 45.248.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Apr 2025 14:51:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88 (0x58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925
Validity
Not Before: Apr 18 01:19:34 2025 GMT
Not After : Apr 15 09:08:30 2026 GMT
Subject: CN=2EECE464DD8C75E1FF46038FA8821A7AAB4A698A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e1:90:27:4b:a8:33:2f:98:88:6a:79:d0:8f:
fe:56:08:00:40:9f:02:42:32:12:b9:22:4b:1a:b3:
e8:c2:99:68:0d:0b:3c:f9:1c:c5:49:ba:35:87:26:
2a:fd:c2:80:6a:21:ad:df:b3:90:16:b4:fb:27:4e:
1d:54:a4:08:9a:14:0f:e2:6e:e8:0e:0e:73:d4:ff:
8a:7d:1d:5f:74:4a:29:ba:e2:5f:99:2b:66:b6:9a:
6f:60:6c:0f:cd:7e:71:e1:35:67:df:5b:4c:0b:55:
c3:ef:79:87:18:75:08:ca:64:c3:a2:98:32:e2:4c:
26:dc:4b:2e:f3:c5:59:d1:8b:b9:c2:2b:17:08:14:
76:94:ac:9c:19:a7:77:38:29:20:39:c7:99:4d:3c:
f2:e7:da:42:d4:38:88:73:a6:aa:db:74:dd:67:cc:
2a:70:fe:a7:c8:c1:fb:3d:c7:c9:7d:78:3e:1c:75:
81:17:ab:f8:54:bb:6e:75:eb:e2:c5:d6:c6:28:3f:
6c:06:c7:57:98:98:ef:93:e8:43:23:84:07:db:3c:
26:32:0e:c2:e6:1f:c2:46:b8:c2:36:71:30:c2:5d:
3f:9c:18:b8:f5:2f:6c:48:1c:10:e1:b1:1a:25:1c:
f9:1e:43:ae:24:96:76:0f:c7:76:0f:7c:57:c5:60:
b3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:EC:E4:64:DD:8C:75:E1:FF:46:03:8F:A8:82:1A:7A:AB:4A:69:8A
X509v3 Authority Key Identifier:
keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/LuzkZN2MdeH_RgOPqIIaeqtKaYo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.248.88.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:08:1e:12:05:d8:ee:e2:2a:8d:c3:b0:36:10:51:13:89:fd:
fa:f0:ff:5a:6c:56:c7:fb:ec:49:7b:62:6a:32:c2:91:2f:eb:
ed:f8:ca:52:df:f0:b9:d5:94:ce:62:36:83:f1:3c:58:cb:d9:
75:72:18:df:b6:0c:ba:58:c0:0a:5e:fe:0d:c0:68:8e:ac:49:
f2:f9:ca:f2:84:75:73:84:f2:7b:55:e6:89:c5:93:cd:3b:17:
53:a4:ad:63:8f:eb:2a:ed:cb:f9:ed:64:66:7a:13:82:e1:4e:
dc:b7:d3:97:81:19:90:3a:a2:60:33:df:3d:29:db:36:10:de:
e1:ac:00:f7:c5:c2:c0:6b:2c:8a:e2:db:44:2c:ba:2f:20:b6:
d5:a1:c8:bc:35:f5:a8:e0:fa:ea:ee:92:c0:0c:7c:5b:88:50:
48:70:71:8e:a3:1c:20:14:7f:0a:cc:06:ca:d8:9d:83:f9:fe:
92:59:92:a5:fb:f1:5a:27:21:bf:40:44:e2:8b:fd:94:13:26:
08:15:1d:a3:d6:14:ee:fc:d0:a9:02:0a:a4:09:86:54:4c:44:
ce:1c:29:42:ea:b4:2c:0e:74:6b:6f:4a:d7:34:93:fc:89:cf:
6b:3d:e1:cc:5e:c6:bc:a7:76:73:6a:a4:ae:fd:6a:06:1f:ef:
7b:49:84:30
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBWDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzOUVF
ODUyRkUxMzhDREVEQzVCNDJEMTFBMzQyOTVEMTA5QUQ0OTI1MB4XDTI1MDQxODAx
MTkzNFoXDTI2MDQxNTA5MDgzMFowMzExMC8GA1UEAxMoMkVFQ0U0NjRERDhDNzVF
MUZGNDYwMzhGQTg4MjFBN0FBQjRBNjk4QTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMvhkCdLqDMvmIhqedCP/lYIAECfAkIyErkiSxqz6MKZaA0LPPkc
xUm6NYcmKv3CgGohrd+zkBa0+ydOHVSkCJoUD+Ju6A4Oc9T/in0dX3RKKbriX5kr
Zraab2BsD81+ceE1Z99bTAtVw+95hxh1CMpkw6KYMuJMJtxLLvPFWdGLucIrFwgU
dpSsnBmndzgpIDnHmU088ufaQtQ4iHOmqtt03WfMKnD+p8jB+z3HyX14Phx1gRer
+FS7bnXr4sXWxig/bAbHV5iY75PoQyOEB9s8JjIOwuYfwka4wjZxMMJdP5wYuPUv
bEgcEOGxGiUc+R5DriSWdg/Hdg98V8Vgs4sCAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBQu7ORk3Yx14f9GA4+oghp6q0ppijAfBgNVHSMEGDAWgBQ57oUv4TjN7cW0LRGj
QpXRCa1JJTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNzE2
L09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvT2U2RkwtRTR6ZTNGdEMwUm8wS1YwUW10U1NVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcxNi9MdXprWk4yTWRlSF9S
Z09QcUlJYWVxdEthWW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCLfhYMA0GCSqGSIb3DQEBCwUAA4IBAQBfCB4SBdju4iqNw7A2EFETif368P9a
bFbH++xJe2JqMsKRL+vt+MpS3/C51ZTOYjaD8TxYy9l1chjftgy6WMAKXv4NwGiO
rEny+cryhHVzhPJ7VeaJxZPNOxdTpK1jj+sq7cv57WRmehOC4U7ct9OXgRmQOqJg
M989Kds2EN7hrAD3xcLAayyK4ttELLovILbVoci8NfWo4Prq7pLADHxbiFBIcHGO
oxwgFH8KzAbK2J2D+f6SWZKl+/FaJyG/QETii/2UEyYIFR2j1hTu/NCpAgqkCYZU
TETOHClC6rQsDnRrb0rXNJP8ic9rPeHMXsa8p3ZzaqSu/WoGH+97SYQw
-----END CERTIFICATE-----
Generated at Wed Apr 23 17:41:57 2025 by rpki-client on console.sobornost.net