Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/gIpAF9hddkxto4uKZ6ViR_y1bkA.roa
File: gIpAF9hddkxto4uKZ6ViR_y1bkA.roa (raw, json)
Hash identifier: hOmAd+mO8uey3VCBE1DrWUy7tviCYvWbpReZJ1vUAQs=
Subject key identifier: 80:8A:40:17:D8:5D:76:4C:6D:A3:8B:8A:67:A5:62:47:FC:B5:6E:40
Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925
Certificate serial: 03
Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/gIpAF9hddkxto4uKZ6ViR_y1bkA.roa
Signing time: Tue 15 Apr 2025 09:12:58 +0000
ROA not before: Tue 15 Apr 2025 09:12:58 +0000
ROA not after: Wed 15 Apr 2026 09:08:30 +0000
asID: 138968
IP address blocks: 103.118.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Apr 2025 09:25:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925
Validity
Not Before: Apr 15 09:12:58 2025 GMT
Not After : Apr 15 09:08:30 2026 GMT
Subject: CN=808A4017D85D764C6DA38B8A67A56247FCB56E40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:08:42:37:a5:80:22:e7:9d:2f:bb:2c:1f:12:
41:e7:85:c1:ab:96:00:88:0d:b1:c6:f3:a6:bd:8b:
7a:46:c9:82:94:8b:fd:9d:c6:8a:9e:fd:94:50:4d:
c4:ff:d0:60:fd:13:29:3d:ff:3c:d5:de:8d:ab:bf:
c9:4c:d5:4d:34:83:49:e8:4e:ed:41:e9:1e:70:06:
b0:40:84:03:2f:da:46:4e:6d:d7:4f:54:d7:f7:e3:
03:75:8b:2c:87:db:21:a0:34:20:df:cf:b3:5d:06:
04:c5:01:f6:54:19:08:11:3e:11:f0:22:13:af:67:
c4:42:61:92:64:51:57:02:81:82:19:18:31:f0:6e:
4a:87:3b:57:b0:2b:7d:ed:3e:0a:71:8b:63:23:22:
04:09:cf:ba:6d:a0:51:e7:f0:9b:ff:98:ac:3a:ad:
e1:51:71:42:51:47:cf:81:55:22:fd:22:ec:b3:60:
13:27:32:af:c9:0e:74:41:e8:29:93:f2:68:a6:dd:
da:73:f8:70:61:c2:60:ea:76:f4:d9:ac:ce:dd:16:
57:53:a1:7e:e4:2e:75:13:b8:ac:8d:8a:c2:d0:cc:
6e:92:5a:2c:42:3e:45:6b:41:25:ea:c9:7c:1f:6b:
b5:98:2a:bf:9c:23:93:e4:d7:83:c3:a0:a8:7a:cb:
ac:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:8A:40:17:D8:5D:76:4C:6D:A3:8B:8A:67:A5:62:47:FC:B5:6E:40
X509v3 Authority Key Identifier:
keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/gIpAF9hddkxto4uKZ6ViR_y1bkA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.118.192.0/22
Signature Algorithm: sha256WithRSAEncryption
42:87:0b:1d:28:47:93:d7:ac:b6:b2:00:f1:cd:27:95:7d:b4:
6c:85:dc:67:cc:6e:2e:1d:08:65:aa:f9:b6:96:c8:36:75:9e:
6d:74:f2:fc:d5:56:08:1c:c5:c0:74:5b:b5:4e:bc:25:1c:59:
42:07:0c:41:1e:64:1c:81:76:e4:dd:17:1c:de:70:66:1b:de:
0f:e2:e9:46:16:52:2e:1c:8f:29:35:5f:11:e9:34:73:e3:6e:
ec:38:ef:e9:0a:64:18:a6:b1:1a:72:50:21:28:b8:7c:7c:24:
68:9a:35:3b:a4:90:6d:c4:7b:19:7d:f2:1c:6a:e5:05:8d:ae:
90:38:bf:df:c8:a9:5b:ea:c6:0a:5c:19:2b:1c:2e:d2:b8:49:
c4:33:9e:9c:45:62:98:2e:cf:cd:c6:f4:c5:29:31:05:24:de:
1d:24:d0:11:a5:d8:fa:2a:d3:52:a9:26:d4:91:9a:28:71:6a:
c0:86:e9:97:40:05:7a:bd:8c:e6:c3:4a:23:0a:8c:d2:36:16:
49:08:5e:f9:b8:cb:ab:d0:c0:63:fe:b9:d2:95:d4:b3:8c:8f:
90:b7:28:fd:12:1a:d9:6c:a0:64:0f:65:4f:c3:73:78:51:f9:
08:8a:60:78:13:f6:27:9b:9c:ac:15:d7:16:c6:3e:15:d7:ee:
3b:63:b2:09
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzOUVF
ODUyRkUxMzhDREVEQzVCNDJEMTFBMzQyOTVEMTA5QUQ0OTI1MB4XDTI1MDQxNTA5
MTI1OFoXDTI2MDQxNTA5MDgzMFowMzExMC8GA1UEAxMoODA4QTQwMTdEODVENzY0
QzZEQTM4QjhBNjdBNTYyNDdGQ0I1NkU0MDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMUIQjelgCLnnS+7LB8SQeeFwauWAIgNscbzpr2LekbJgpSL/Z3G
ip79lFBNxP/QYP0TKT3/PNXejau/yUzVTTSDSehO7UHpHnAGsECEAy/aRk5t109U
1/fjA3WLLIfbIaA0IN/Ps10GBMUB9lQZCBE+EfAiE69nxEJhkmRRVwKBghkYMfBu
Soc7V7Arfe0+CnGLYyMiBAnPum2gUefwm/+YrDqt4VFxQlFHz4FVIv0i7LNgEycy
r8kOdEHoKZPyaKbd2nP4cGHCYOp29Nmszt0WV1OhfuQudRO4rI2KwtDMbpJaLEI+
RWtBJerJfB9rtZgqv5wjk+TXg8OgqHrLrEsCAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBSAikAX2F12TG2ji4pnpWJH/LVuQDAfBgNVHSMEGDAWgBQ57oUv4TjN7cW0LRGj
QpXRCa1JJTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNzE2
L09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvT2U2RkwtRTR6ZTNGdEMwUm8wS1YwUW10U1NVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcxNi9nSXBBRjloZGRreHRv
NHVLWjZWaVJfeTFia0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZ3bAMA0GCSqGSIb3DQEBCwUAA4IBAQBChwsdKEeT16y2sgDxzSeVfbRshdxn
zG4uHQhlqvm2lsg2dZ5tdPL81VYIHMXAdFu1TrwlHFlCBwxBHmQcgXbk3Rcc3nBm
G94P4ulGFlIuHI8pNV8R6TRz427sOO/pCmQYprEaclAhKLh8fCRomjU7pJBtxHsZ
ffIcauUFja6QOL/fyKlb6sYKXBkrHC7SuEnEM56cRWKYLs/NxvTFKTEFJN4dJNAR
pdj6KtNSqSbUkZoocWrAhumXQAV6vYzmw0ojCozSNhZJCF75uMur0MBj/rnSldSz
jI+Qtyj9EhrZbKBkD2VPw3N4UfkIimB4E/Ynm5ysFdcWxj4V1+47Y7IJ
-----END CERTIFICATE-----
Generated at Tue Apr 15 13:45:05 2025 by rpki-client on console.sobornost.net