Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/iyzTSWyMG713kPD5CbRVCev1_64.roa
File: iyzTSWyMG713kPD5CbRVCev1_64.roa (raw, json)
Hash identifier: KZPLbykWHHX8kYI0VyYpKLLgEfje0scaF2HiK5cEoMA=
Subject key identifier: 8B:2C:D3:49:6C:8C:1B:BD:77:90:F0:F9:09:B4:55:09:EB:F5:FF:AE
Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial: 124D
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/iyzTSWyMG713kPD5CbRVCev1_64.roa
Signing time: Tue 20 Aug 2024 12:56:45 +0000
ROA not before: Tue 20 Aug 2024 12:56:45 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 398704
IP address blocks: 180.223.16.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Oct 2024 00:38:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4685 (0x124d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
Validity
Not Before: Aug 20 12:56:45 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8B2CD3496C8C1BBD7790F0F909B45509EBF5FFAE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:df:3b:88:a4:4b:3d:55:6d:bd:14:45:00:cc:
ea:49:5d:5c:c7:5e:59:ce:ec:60:f2:63:f6:e8:dd:
b5:1e:ed:c5:b1:07:0a:5a:78:6e:63:8b:a7:f3:23:
e6:69:37:c1:38:49:50:8c:85:5a:d7:bc:e1:c8:b1:
d4:59:c2:ea:ee:bd:9c:7c:5a:79:66:04:28:45:1b:
cb:8f:66:f7:2e:98:b0:af:42:db:42:ed:76:69:e1:
09:1a:b6:f8:78:0b:0b:64:dd:97:12:4c:3b:e7:1e:
e5:27:1b:68:17:c4:1b:a4:6c:f0:12:cf:a6:a8:19:
17:d2:18:57:2c:25:47:42:aa:d2:25:65:e8:dc:17:
c9:c7:b6:3f:2a:90:1c:34:e2:bc:5a:b9:3b:d9:07:
c1:1d:52:cb:9a:8f:cf:a4:b5:e1:3c:47:86:8f:fb:
7f:6f:99:e1:ed:58:dd:a3:94:29:57:a2:cf:d3:fa:
ef:67:fa:c2:63:25:88:15:13:db:0a:c7:6e:1e:59:
8c:35:21:72:91:49:22:a4:e1:ca:3b:79:3a:00:8c:
49:95:63:e5:68:c3:be:64:30:2b:08:55:2b:34:0c:
88:da:22:b9:30:b6:24:06:fe:f8:e5:31:c4:ca:0f:
bd:8c:e0:54:3d:3a:c1:c9:68:3e:c8:2b:20:a7:f4:
1a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:2C:D3:49:6C:8C:1B:BD:77:90:F0:F9:09:B4:55:09:EB:F5:FF:AE
X509v3 Authority Key Identifier:
keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/iyzTSWyMG713kPD5CbRVCev1_64.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.223.16.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:7d:d9:fb:0d:b4:9a:32:2b:9f:53:e2:de:0f:8c:9d:ff:84:
47:e6:73:2c:22:4a:8d:c1:a3:88:7c:4f:e3:fc:5d:85:82:c7:
53:e9:d5:36:b1:72:12:aa:fb:ed:b4:66:88:39:7f:95:e6:43:
b0:0b:ef:24:19:a0:84:a2:e7:e4:43:07:59:84:54:87:1c:4b:
eb:91:59:6c:83:9f:54:d9:14:8c:db:ff:23:78:61:75:0f:06:
d0:37:dc:7b:8c:72:bc:88:90:bc:13:e0:6e:0c:0b:47:21:aa:
15:2c:9d:a3:d5:bc:0d:a7:a8:3f:03:0c:22:e5:1b:cb:1a:3f:
a8:ae:fd:7e:2e:b9:56:c5:5f:8b:79:5f:b5:7e:96:74:45:c3:
6c:18:df:b0:c5:4d:ab:ff:0b:98:10:76:ca:88:05:81:74:96:
28:d9:8b:0e:77:10:05:a7:93:aa:1c:ca:a6:8b:ea:17:e7:f2:
bc:39:db:18:b1:3d:98:b0:21:7c:02:6b:89:cd:75:0d:9b:09:
60:60:dc:60:d8:56:52:cf:53:e7:6f:84:40:e7:3e:a9:b1:63:
27:fa:3c:4e:bd:bf:7b:a7:5b:32:a7:6e:84:7d:99:f0:0d:9e:
2a:24:6e:14:62:12:c3:f3:4b:d3:28:57:60:08:6b:97:e9:3d:
1e:d4:c1:52
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEk0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDA4MjAx
MjU2NDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhCMkNEMzQ5NkM4QzFC
QkQ3NzkwRjBGOTA5QjQ1NTA5RUJGNUZGQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDl3zuIpEs9VW29FEUAzOpJXVzHXlnO7GDyY/bo3bUe7cWxBwpa
eG5ji6fzI+ZpN8E4SVCMhVrXvOHIsdRZwuruvZx8WnlmBChFG8uPZvcumLCvQttC
7XZp4Qkatvh4Cwtk3ZcSTDvnHuUnG2gXxBukbPASz6aoGRfSGFcsJUdCqtIlZejc
F8nHtj8qkBw04rxauTvZB8EdUsuaj8+kteE8R4aP+39vmeHtWN2jlClXos/T+u9n
+sJjJYgVE9sKx24eWYw1IXKRSSKk4co7eToAjEmVY+Vow75kMCsIVSs0DIjaIrkw
tiQG/vjlMcTKD72M4FQ9OsHJaD7IKyCn9BoVAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUiyzTSWyMG713kPD5CbRVCev1/64wHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvaXl6VFNXeU1HNzEz
a1BENUNiUlZDZXYxXzY0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALTfEDANBgkqhkiG9w0BAQsFAAOCAQEApn3Z+w20mjIrn1Pi3g+Mnf+ER+Zz
LCJKjcGjiHxP4/xdhYLHU+nVNrFyEqr77bRmiDl/leZDsAvvJBmghKLn5EMHWYRU
hxxL65FZbIOfVNkUjNv/I3hhdQ8G0Dfce4xyvIiQvBPgbgwLRyGqFSydo9W8Daeo
PwMMIuUbyxo/qK79fi65VsVfi3lftX6WdEXDbBjfsMVNq/8LmBB2yogFgXSWKNmL
DncQBaeTqhzKpovqF+fyvDnbGLE9mLAhfAJric11DZsJYGDcYNhWUs9T52+EQOc+
qbFjJ/o8Tr2/e6dbMqduhH2Z8A2eKiRuFGISw/NL0yhXYAhrl+k9HtTBUg==
-----END CERTIFICATE-----
Generated at Wed Oct 9 04:26:57 2024 by rpki-client on console-ams.rpki-client.org