Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/rVVruZiWqXURJCj60QriNxXJUII.roa
File: rVVruZiWqXURJCj60QriNxXJUII.roa (raw, json)
Hash identifier: gbAwVnh3VXohP3INx6jesd0QX4BeTF3s1gZmecWLPGY=
Subject key identifier: AD:55:6B:B9:98:96:A9:75:11:24:28:FA:D1:0A:E2:37:15:C9:50:82
Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial: 1156
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/rVVruZiWqXURJCj60QriNxXJUII.roa
Signing time: Thu 11 Jul 2024 15:10:41 +0000
ROA not before: Thu 11 Jul 2024 15:10:41 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 398704
IP address blocks: 180.223.112.0/21 maxlen: 24
180.223.120.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Aug 2024 12:56:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4438 (0x1156)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
Validity
Not Before: Jul 11 15:10:41 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AD556BB99896A975112428FAD10AE23715C95082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:8c:e3:5d:e4:76:4a:01:5b:73:0f:4a:81:ff:
b4:e4:7b:a1:7c:54:f0:74:68:e7:69:4a:3c:f3:40:
dc:68:45:3c:af:3d:36:41:7e:ed:e0:5b:9d:0f:c0:
34:78:93:0e:22:03:a0:38:56:0f:44:97:78:4c:00:
44:3e:a2:3f:35:1c:40:0b:0a:4f:1c:a8:b2:81:da:
72:6c:2d:ad:05:76:af:15:05:c0:90:4d:41:25:a2:
1e:3d:12:f0:07:53:22:b7:24:8f:18:42:1c:de:7a:
29:82:74:ed:ec:fd:da:24:52:04:f8:bb:76:05:70:
22:de:57:75:0e:d9:71:6f:18:85:c6:00:75:c6:5e:
3b:4f:9f:3d:0b:ea:bd:0e:bc:e3:ae:c7:fd:36:4d:
52:3e:65:ed:57:70:24:7a:92:1d:50:57:ae:2f:fe:
ea:eb:f1:77:d6:3b:e5:74:42:fb:b9:1a:1d:6a:e9:
78:a7:a2:00:65:68:4a:c8:6e:a1:f6:69:2f:0b:20:
4a:54:69:8e:d0:2b:03:af:1e:28:2b:aa:c0:64:71:
d0:e5:a7:61:28:62:83:21:9a:c8:da:4d:9a:85:e8:
5d:59:fa:a3:a1:d3:45:8b:38:ef:73:42:01:f2:79:
84:53:67:79:4c:d6:f6:65:4e:e7:99:38:06:03:26:
b9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:55:6B:B9:98:96:A9:75:11:24:28:FA:D1:0A:E2:37:15:C9:50:82
X509v3 Authority Key Identifier:
keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/rVVruZiWqXURJCj60QriNxXJUII.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.223.112.0/20
Signature Algorithm: sha256WithRSAEncryption
32:36:5f:7f:fa:fb:1d:c5:9c:19:a6:ad:41:f3:9f:e2:1d:94:
14:a7:61:3d:88:85:e0:9d:15:04:98:37:2a:0f:31:e6:47:32:
00:78:74:04:6d:bd:7b:a8:bc:d0:91:45:90:a2:ef:0a:07:e6:
95:a6:19:4e:66:37:eb:01:fa:3c:92:b3:30:75:3a:10:ed:68:
f3:ab:17:d1:e1:7b:7e:03:53:6d:07:3e:cf:6d:ac:83:72:9c:
a8:9f:13:bc:e4:9c:0e:f0:b1:9a:40:34:17:3c:b7:db:6f:9b:
ca:06:04:c0:91:74:d3:2f:f3:6f:05:52:a6:65:41:90:40:f9:
fb:1c:8e:cd:14:9a:d3:07:c0:54:53:33:a3:76:f3:f4:1d:0f:
94:7b:15:d4:96:51:bf:90:3a:69:df:bb:ba:1f:df:0a:73:c7:
d5:00:e8:c8:18:c1:9f:4c:85:b6:21:55:4e:bb:bd:86:84:a9:
86:5e:df:04:d2:76:01:99:3f:ff:29:ad:0c:bb:5c:54:b8:96:
73:53:7e:3d:6a:03:c6:ea:f8:63:e9:b4:c4:59:64:35:00:21:
c8:f5:a8:74:7d:9b:b0:0d:db:1a:43:eb:68:10:15:2e:30:78:
51:fc:28:8b:a5:63:cc:a7:9e:57:91:15:d4:06:e1:ab:53:8a:
53:a0:03:8c
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEVYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDA3MTEx
NTEwNDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFENTU2QkI5OTg5NkE5
NzUxMTI0MjhGQUQxMEFFMjM3MTVDOTUwODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjjONd5HZKAVtzD0qB/7Tke6F8VPB0aOdpSjzzQNxoRTyvPTZB
fu3gW50PwDR4kw4iA6A4Vg9El3hMAEQ+oj81HEALCk8cqLKB2nJsLa0Fdq8VBcCQ
TUEloh49EvAHUyK3JI8YQhzeeimCdO3s/dokUgT4u3YFcCLeV3UO2XFvGIXGAHXG
XjtPnz0L6r0OvOOux/02TVI+Ze1XcCR6kh1QV64v/urr8XfWO+V0Qvu5Gh1q6Xin
ogBlaErIbqH2aS8LIEpUaY7QKwOvHigrqsBkcdDlp2EoYoMhmsjaTZqF6F1Z+qOh
00WLOO9zQgHyeYRTZ3lM1vZlTueZOAYDJrnhAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUrVVruZiWqXURJCj60QriNxXJUIIwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvclZWcnVaaVdxWFVS
SkNqNjBRcmlOeFhKVUlJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBLTfcDANBgkqhkiG9w0BAQsFAAOCAQEAMjZff/r7HcWcGaatQfOf4h2UFKdh
PYiF4J0VBJg3Kg8x5kcyAHh0BG29e6i80JFFkKLvCgfmlaYZTmY36wH6PJKzMHU6
EO1o86sX0eF7fgNTbQc+z22sg3KcqJ8TvOScDvCxmkA0Fzy322+bygYEwJF00y/z
bwVSpmVBkED5+xyOzRSa0wfAVFMzo3bz9B0PlHsV1JZRv5A6ad+7uh/fCnPH1QDo
yBjBn0yFtiFVTru9hoSphl7fBNJ2AZk//ymtDLtcVLiWc1N+PWoDxur4Y+m0xFlk
NQAhyPWodH2bsA3bGkPraBAVLjB4Ufwoi6VjzKeeV5EV1Abhq1OKU6ADjA==
-----END CERTIFICATE-----
Generated at Tue Aug 20 17:10:12 2024 by rpki-client on console-ams.rpki-client.org