Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/V2gAVsp18BHf46l0SozBY0jr3Tk.roa
File: V2gAVsp18BHf46l0SozBY0jr3Tk.roa (raw, json)
Hash identifier: wbsfFFBKoKtUYpkbsv+R+kyPztNmiDEd4q5/3F662Fo=
Subject key identifier: 57:68:00:56:CA:75:F0:11:DF:E3:A9:74:4A:8C:C1:63:48:EB:DD:39
Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Certificate serial: 0198
Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/V2gAVsp18BHf46l0SozBY0jr3Tk.roa
Signing time: Mon 31 Mar 2025 05:49:20 +0000
ROA not before: Mon 31 Mar 2025 05:49:20 +0000
ROA not after: Tue 13 Jan 2026 01:35:26 +0000
asID: 24413
IP address blocks: 114.28.200.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 31 Mar 2025 15:31:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 408 (0x198)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Validity
Not Before: Mar 31 05:49:20 2025 GMT
Not After : Jan 13 01:35:26 2026 GMT
Subject: CN=57680056CA75F011DFE3A9744A8CC16348EBDD39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:dc:ea:d9:6d:17:91:76:2f:2d:03:1f:c6:dd:
5c:36:a6:04:22:fe:15:cb:80:da:af:c2:da:aa:7c:
84:7f:9f:32:57:b5:64:16:c2:dd:0d:61:6a:fd:a3:
2a:a4:f0:e2:56:62:cf:6d:78:d4:3c:e2:e6:93:59:
cd:82:cb:14:79:f0:51:b3:c1:fa:30:c7:35:a0:88:
07:45:8d:88:e5:89:5e:d1:30:4e:19:c3:e6:fd:03:
e6:ca:cf:20:ea:fa:b5:5e:16:3c:d4:4b:07:c4:a6:
84:3c:87:7f:5b:68:fe:fa:58:50:16:60:0f:bf:37:
32:cc:18:7d:79:3b:72:cd:a3:f7:f8:b9:4f:47:c1:
7f:83:75:4e:69:1e:cd:64:2d:2f:59:ba:8d:89:0a:
5e:b6:a6:16:d9:86:3f:f4:02:67:31:49:cd:ad:09:
18:4c:d9:64:bc:75:b3:0e:42:d3:bf:e5:27:c5:72:
d3:3a:c7:49:06:ff:6a:52:62:a3:49:de:81:f8:b7:
57:ea:57:97:54:a0:df:a4:82:3a:df:af:5f:ed:2f:
d8:56:2c:bb:97:bf:7b:e0:d3:e3:7f:66:1e:83:63:
ec:12:3a:cc:7b:56:73:05:42:48:8b:4c:de:b0:e0:
44:ec:72:be:e0:9d:2c:bf:bd:43:d0:b7:e4:54:a7:
33:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:68:00:56:CA:75:F0:11:DF:E3:A9:74:4A:8C:C1:63:48:EB:DD:39
X509v3 Authority Key Identifier:
keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/V2gAVsp18BHf46l0SozBY0jr3Tk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.28.200.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:43:a0:73:a8:ff:71:19:26:4c:6d:8d:7d:8e:6a:a7:b6:8a:
5d:23:01:af:13:e9:3f:8a:4e:78:ea:09:d5:bd:0d:7e:8d:1b:
8c:b0:d9:cb:20:f9:4c:f7:5f:c1:4f:ef:b0:6f:38:41:cb:1c:
79:80:5d:5d:e3:74:be:80:5d:4c:99:e4:26:f7:dc:a1:78:c2:
70:bf:78:7e:38:f3:a4:4a:cc:65:ae:d2:fb:ad:db:5f:bb:e7:
4b:31:06:d1:07:ba:25:bb:a9:e3:c3:89:dc:8f:0d:d6:05:27:
3e:d2:e2:d3:d9:ad:cc:27:62:c8:14:b9:b3:ba:a9:3a:8f:7e:
86:f0:2d:c5:b6:9c:2f:a4:cf:c6:ff:ba:b3:83:87:f2:d7:ea:
fd:8b:c0:29:57:97:47:7d:4f:f4:e7:18:6e:21:c2:61:77:ab:
28:a3:44:24:cc:27:49:84:82:e9:fa:3c:21:84:50:58:30:5f:
26:fc:00:24:2b:c6:ab:ad:9e:9e:3c:2f:7e:b2:2a:69:5a:4f:
1d:6a:a3:01:e4:48:2c:20:83:a9:a3:38:78:d0:62:38:d7:a6:
db:65:88:9a:ba:c3:a8:08:df:bf:68:d9:1c:b0:e5:5c:f7:a4:
ef:fb:20:ad:4a:c5:b5:4f:e2:ec:46:d5:13:2c:2a:2c:9a:64:
34:15:24:40
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAZgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5
QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTAzMzEw
NTQ5MjBaFw0yNjAxMTMwMTM1MjZaMDMxMTAvBgNVBAMTKDU3NjgwMDU2Q0E3NUYw
MTFERkUzQTk3NDRBOENDMTYzNDhFQkREMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQ3OrZbReRdi8tAx/G3Vw2pgQi/hXLgNqvwtqqfIR/nzJXtWQW
wt0NYWr9oyqk8OJWYs9teNQ84uaTWc2CyxR58FGzwfowxzWgiAdFjYjliV7RME4Z
w+b9A+bKzyDq+rVeFjzUSwfEpoQ8h39baP76WFAWYA+/NzLMGH15O3LNo/f4uU9H
wX+DdU5pHs1kLS9Zuo2JCl62phbZhj/0AmcxSc2tCRhM2WS8dbMOQtO/5SfFctM6
x0kG/2pSYqNJ3oH4t1fqV5dUoN+kgjrfr1/tL9hWLLuXv3vg0+N/Zh6DY+wSOsx7
VnMFQkiLTN6w4ETscr7gnSy/vUPQt+RUpzNRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUV2gAVsp18BHf46l0SozBY0jr3TkwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS
CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw
L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL1YyZ0FWc3AxOEJIZjQ2
bDBTb3pCWTBqcjNUay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAByHMgwDQYJKoZIhvcNAQELBQADggEBACpDoHOo/3EZJkxtjX2Oaqe2il0jAa8T
6T+KTnjqCdW9DX6NG4yw2csg+Uz3X8FP77BvOEHLHHmAXV3jdL6AXUyZ5Cb33KF4
wnC/eH4486RKzGWu0vut21+750sxBtEHuiW7qePDidyPDdYFJz7S4tPZrcwnYsgU
ubO6qTqPfobwLcW2nC+kz8b/urODh/LX6v2LwClXl0d9T/TnGG4hwmF3qyijRCTM
J0mEgun6PCGEUFgwXyb8ACQrxqutnp48L36yKmlaTx1qowHkSCwgg6mjOHjQYjjX
pttliJq6w6gI379o2Ryw5Vz3pO/7IK1KxbVP4uxG1RMsKiyaZDQVJEA=
-----END CERTIFICATE-----
Generated at Mon Mar 31 20:35:13 2025 by rpki-client on console.sobornost.net