Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/BMf2KTTENK83g-BQeBdCmBicw4A.roa
File: BMf2KTTENK83g-BQeBdCmBicw4A.roa (raw, json)
Hash identifier: 4ABu7XCiyuEeCZIRvza+mHiXgglAiOq1JgcbKs8A4ew=
Subject key identifier: 04:C7:F6:29:34:C4:34:AF:37:83:E0:50:78:17:42:98:18:9C:C3:80
Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial: 0AE2
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/BMf2KTTENK83g-BQeBdCmBicw4A.roa
Signing time: Mon 28 Aug 2023 02:14:18 +0000
ROA not before: Mon 28 Aug 2023 02:14:18 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 996
IP address blocks: 180.223.80.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2786 (0xae2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
Validity
Not Before: Aug 28 02:14:18 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=04C7F62934C434AF3783E05078174298189CC380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:24:89:28:dc:00:07:bf:4b:4b:31:8e:64:b7:
d2:86:cb:3f:be:0c:58:7d:48:d0:2c:1a:25:82:dc:
e7:bd:b5:0f:9b:ec:ca:92:a3:8d:31:aa:14:a9:d2:
58:81:72:84:fb:d1:7f:b9:fd:cd:ad:bf:f5:cd:be:
e1:56:8e:b9:6f:cd:88:e7:39:83:67:5f:b0:77:99:
53:4f:14:23:ba:31:a6:c5:8e:73:32:47:2c:34:c8:
93:a9:7e:d0:0d:4a:fd:7d:67:4b:b5:c8:aa:96:f7:
68:dd:ff:21:e9:62:41:81:6a:86:5a:ef:91:cc:ad:
d2:00:31:fe:a4:77:71:e9:dd:bb:2e:bb:39:12:82:
00:24:23:ad:9d:90:20:55:7b:98:9a:15:29:cb:85:
69:cc:3e:6d:54:12:9e:e6:5a:5b:e6:0b:25:f1:ec:
af:05:f0:28:61:26:0f:4e:0e:50:81:aa:b1:f8:3f:
5b:7a:17:ae:5b:03:c1:07:fe:f6:2c:f0:3c:2b:e9:
48:fd:69:1b:7e:8e:bb:4e:eb:1e:99:7f:fb:c0:e5:
b1:9f:fb:48:ec:e4:44:70:3e:70:a1:e8:90:b5:48:
63:b7:6d:5d:43:f1:b6:58:65:d7:48:a5:7b:b1:eb:
0a:f1:76:65:28:5e:a9:a2:f6:41:21:c5:6f:34:56:
d6:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:C7:F6:29:34:C4:34:AF:37:83:E0:50:78:17:42:98:18:9C:C3:80
X509v3 Authority Key Identifier:
keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/BMf2KTTENK83g-BQeBdCmBicw4A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.223.80.0/20
Signature Algorithm: sha256WithRSAEncryption
63:92:8a:a5:6e:c9:fc:68:99:2b:d8:c0:a1:44:a3:6d:9b:0b:
b3:35:63:7c:02:6d:b3:e4:4c:c9:43:6e:8c:7a:b3:ab:9b:60:
b3:48:5c:e6:c8:1f:f0:8e:10:5b:65:f2:0f:17:14:0c:d0:c5:
2c:80:73:9c:20:b8:da:35:3c:0c:6a:db:e5:04:19:3b:d1:8f:
9f:95:7e:5a:f6:5e:7d:66:9f:de:b0:ad:be:ca:65:55:29:0d:
eb:15:c7:dc:ce:03:bc:71:fd:58:8f:53:94:9b:64:b2:6e:9a:
5c:87:01:0a:e7:bf:1d:59:70:c3:4b:10:a5:b5:90:4a:2e:7e:
cd:04:30:dd:6b:71:91:93:81:7a:f7:b0:13:19:16:f9:d7:dc:
3a:39:46:2d:a7:03:31:5f:1f:e7:0e:4c:d2:e6:26:1c:95:3b:
0c:b9:c3:7f:81:1e:90:73:a0:42:ee:e9:d9:0d:12:9d:d2:bd:
3c:a3:a4:c3:01:62:85:06:1e:94:3d:64:db:04:85:50:09:32:
d0:6d:d0:c6:3b:6c:b2:a0:cb:e1:0d:78:ed:b7:c8:1f:c3:ee:
7f:cd:6f:8d:18:3d:99:a2:09:52:16:73:96:ee:e2:ce:40:3c:
5f:59:6c:68:c8:29:a7:b4:1e:3f:a6:e3:01:cf:c8:bc:c3:69:
e8:fd:96:e9
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCuIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yMzA4Mjgw
MjE0MThaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDA0QzdGNjI5MzRDNDM0
QUYzNzgzRTA1MDc4MTc0Mjk4MTg5Q0MzODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0JIko3AAHv0tLMY5kt9KGyz++DFh9SNAsGiWC3Oe9tQ+b7MqS
o40xqhSp0liBcoT70X+5/c2tv/XNvuFWjrlvzYjnOYNnX7B3mVNPFCO6MabFjnMy
Ryw0yJOpftANSv19Z0u1yKqW92jd/yHpYkGBaoZa75HMrdIAMf6kd3Hp3bsuuzkS
ggAkI62dkCBVe5iaFSnLhWnMPm1UEp7mWlvmCyXx7K8F8ChhJg9ODlCBqrH4P1t6
F65bA8EH/vYs8Dwr6Uj9aRt+jrtO6x6Zf/vA5bGf+0js5ERwPnCh6JC1SGO3bV1D
8bZYZddIpXux6wrxdmUoXqmi9kEhxW80Vtb3AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUBMf2KTTENK83g+BQeBdCmBicw4AwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvQk1mMktUVEVOSzgz
Zy1CUWVCZENtQmljdzRBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBLTfUDANBgkqhkiG9w0BAQsFAAOCAQEAY5KKpW7J/GiZK9jAoUSjbZsLszVj
fAJts+RMyUNujHqzq5tgs0hc5sgf8I4QW2XyDxcUDNDFLIBznCC42jU8DGrb5QQZ
O9GPn5V+WvZefWaf3rCtvsplVSkN6xXH3M4DvHH9WI9TlJtksm6aXIcBCue/HVlw
w0sQpbWQSi5+zQQw3WtxkZOBevewExkW+dfcOjlGLacDMV8f5w5M0uYmHJU7DLnD
f4EekHOgQu7p2Q0SndK9PKOkwwFihQYelD1k2wSFUAky0G3QxjtssqDL4Q147bfI
H8Puf81vjRg9maIJUhZzlu7izkA8X1lsaMgpp7QeP6bjAc/IvMNp6P2W6Q==
-----END CERTIFICATE-----
Generated at Wed Nov 22 13:57:01 2023 by rpki-client on console-fra.rpki-client.org