Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/IhZb77bMTMYLPUpW-NMlaw2d324.roa
File: IhZb77bMTMYLPUpW-NMlaw2d324.roa (raw, json)
Hash identifier: Ed/NiVF+Oha+S0B8FLSASgu7x66M1L3tSGcygbhAS4w=
Subject key identifier: 22:16:5B:EF:B6:CC:4C:C6:0B:3D:4A:56:F8:D3:25:6B:0D:9D:DF:6E
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 05D7
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/IhZb77bMTMYLPUpW-NMlaw2d324.roa
Signing time: Mon 12 Aug 2024 04:09:46 +0000
ROA not before: Mon 12 Aug 2024 04:09:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 136897
IP address blocks: 124.175.32.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 01:37:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1495 (0x5d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Aug 12 04:09:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=22165BEFB6CC4CC60B3D4A56F8D3256B0D9DDF6E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bc:5a:9a:32:a4:f0:85:09:a2:ad:c1:56:23:
54:70:5b:c0:72:79:a8:0f:db:7a:0a:a9:37:27:55:
c5:31:af:46:e4:d1:40:95:12:6f:ed:b2:ba:fa:01:
95:d1:06:8e:c2:11:98:d9:f2:ba:e0:03:23:3b:1f:
ff:76:91:3b:7b:c7:7c:c3:ba:a8:4b:38:4c:c5:d0:
6c:9e:8b:3b:50:66:3e:f7:e6:d5:05:a9:b6:d8:6f:
81:34:07:c2:47:7a:52:a3:aa:61:7e:44:05:d6:dd:
3d:8f:df:8f:0c:a4:2b:91:88:a3:88:9a:e9:41:ad:
ef:3e:c2:82:25:26:a0:c3:69:67:7e:2b:a7:95:a3:
32:18:e1:22:46:43:e6:b2:6a:52:8f:ae:73:62:b5:
fb:bb:bc:29:f8:a1:4a:0b:07:e6:61:71:37:c2:6a:
1b:9f:d0:8e:e3:6a:69:51:7d:0e:ea:98:20:0f:09:
61:8d:80:6a:6b:13:cc:98:f6:5c:2f:4c:da:52:bc:
04:5f:6f:e7:98:d3:09:4b:48:17:ab:2c:ca:3b:91:
16:f1:77:00:d4:d2:8d:d8:9a:bf:19:bd:1b:80:03:
3f:7c:d8:27:c2:c0:c3:e0:5a:0b:77:6b:3a:7e:bc:
1c:95:0d:6f:38:e9:9f:26:dd:1a:ad:8f:c2:9c:c3:
64:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:16:5B:EF:B6:CC:4C:C6:0B:3D:4A:56:F8:D3:25:6B:0D:9D:DF:6E
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/IhZb77bMTMYLPUpW-NMlaw2d324.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.175.32.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:b5:87:49:30:d4:6d:2d:91:6f:6d:a5:a1:8a:96:85:72:d9:
b0:0a:c4:88:fb:3b:30:be:18:95:61:2a:a5:d5:80:97:7f:0d:
c2:69:4a:b4:cb:61:e6:5b:f9:83:59:0c:a7:bd:2a:cc:a2:75:
ea:11:37:4b:d4:d7:3f:b7:be:b5:25:8f:49:18:15:bf:03:b5:
8d:f0:07:17:65:0a:dc:9c:36:63:a3:13:29:1b:50:6f:d6:f4:
15:c9:c8:2a:9b:a1:cb:ba:bf:93:b0:4f:76:b1:d2:38:46:c1:
4a:f9:e3:57:db:ff:3f:c1:74:98:38:2a:3a:c0:77:b8:8b:98:
51:d8:e3:e6:7e:58:9d:95:1c:ed:51:db:0d:a0:aa:a1:e3:91:
bb:3c:4c:e0:b9:51:a2:47:04:a0:61:04:41:dd:a7:f1:4a:f7:
cf:a3:3f:7f:d3:8c:59:35:da:37:2e:cb:60:a8:96:1b:fd:13:
61:32:dd:8b:97:6a:91:2c:73:44:db:fd:c6:0a:4b:17:3d:2f:
11:c6:9c:f0:6b:33:c5:e8:b0:a0:bc:6d:85:f5:89:21:39:d7:
8f:15:bb:d3:4a:4e:cc:94:d7:bc:62:ce:26:ff:a1:09:d0:d3:
56:21:f8:dc:0f:ae:9b:fa:75:8b:54:fc:33:bf:80:d5:71:e8:
d1:8b:25:a9
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICBdcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNDA4MTIw
NDA5NDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIyMTY1QkVGQjZDQzRD
QzYwQjNENEE1NkY4RDMyNTZCMEQ5RERGNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7vFqaMqTwhQmircFWI1RwW8ByeagP23oKqTcnVcUxr0bk0UCV
Em/tsrr6AZXRBo7CEZjZ8rrgAyM7H/92kTt7x3zDuqhLOEzF0GyeiztQZj735tUF
qbbYb4E0B8JHelKjqmF+RAXW3T2P348MpCuRiKOImulBre8+woIlJqDDaWd+K6eV
ozIY4SJGQ+ayalKPrnNitfu7vCn4oUoLB+ZhcTfCahuf0I7jamlRfQ7qmCAPCWGN
gGprE8yY9lwvTNpSvARfb+eY0wlLSBerLMo7kRbxdwDU0o3Ymr8ZvRuAAz982CfC
wMPgWgt3azp+vByVDW846Z8m3Rqtj8Kcw2SxAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUIhZb77bMTMYLPUpW+NMlaw2d324wHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvSWhaYjc3Yk1UTVlMUFVwVy1O
TWxhdzJkMzI0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3yv
IDANBgkqhkiG9w0BAQsFAAOCAQEADrWHSTDUbS2Rb22loYqWhXLZsArEiPs7ML4Y
lWEqpdWAl38NwmlKtMth5lv5g1kMp70qzKJ16hE3S9TXP7e+tSWPSRgVvwO1jfAH
F2UK3Jw2Y6MTKRtQb9b0FcnIKpuhy7q/k7BPdrHSOEbBSvnjV9v/P8F0mDgqOsB3
uIuYUdjj5n5YnZUc7VHbDaCqoeORuzxM4LlRokcEoGEEQd2n8Ur3z6M/f9OMWTXa
Ny7LYKiWG/0TYTLdi5dqkSxzRNv9xgpLFz0vEcac8GszxeiwoLxthfWJITnXjxW7
00pOzJTXvGLOJv+hCdDTViH43A+um/p1i1T8M7+A1XHo0YslqQ==
-----END CERTIFICATE-----
Generated at Wed Sep 4 03:24:24 2024 by rpki-client on console-fra.rpki-client.org