Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/Z-HgeudremYnn2i_rBZbJMtOnI0.roa
File: Z-HgeudremYnn2i_rBZbJMtOnI0.roa (raw, json)
Hash identifier: BI3223ev3apuZRm0MAyzvp9o3jesA79flpQ3o+M7cYg=
Subject key identifier: 67:E1:E0:7A:E7:6B:7A:66:27:9F:68:BF:AC:16:5B:24:CB:4E:9C:8D
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 05DA
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/Z-HgeudremYnn2i_rBZbJMtOnI0.roa
Signing time: Mon 12 Aug 2024 04:09:48 +0000
ROA not before: Mon 12 Aug 2024 04:09:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 18811
IP address blocks: 124.175.56.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 01:37:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1498 (0x5da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Aug 12 04:09:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=67E1E07AE76B7A66279F68BFAC165B24CB4E9C8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:12:8a:1e:d5:c8:a2:b9:e3:9b:78:4f:5b:99:
ac:30:9c:a7:1b:30:b7:03:36:64:2a:05:16:f4:f3:
da:a5:71:43:f5:30:84:9b:78:09:cb:74:86:5a:b8:
ef:39:bf:12:46:1f:a8:71:9a:75:6a:4b:7a:c5:85:
84:d7:37:7f:6c:e2:c6:74:49:62:23:44:28:8f:a4:
a1:21:28:0c:84:46:69:85:c4:ad:5c:8e:81:07:e4:
85:01:0d:e1:f9:e2:c4:86:48:07:f8:f9:94:1c:e0:
8f:07:fd:8e:de:25:2e:b4:39:a7:06:1c:aa:69:dc:
f4:18:48:71:1c:df:9b:5f:db:ca:cf:d3:55:e6:52:
ab:95:18:b5:f0:96:19:10:40:25:be:f5:8c:5e:46:
9f:c0:f6:ac:66:c9:71:0f:10:4d:49:f2:77:3a:fd:
07:3f:7b:f5:fb:20:01:f6:9c:5f:71:81:96:c0:a9:
8a:9e:a4:bf:6e:df:4b:35:c1:ed:21:7b:01:0e:0e:
e0:0c:8c:42:bc:af:41:98:14:9f:c6:bd:a3:51:32:
b9:26:b4:39:2d:94:53:64:d2:8f:55:ed:be:e7:29:
e5:da:9d:e1:f0:ec:df:f4:a9:84:bf:ae:ef:2a:80:
bd:28:be:8d:f6:82:ca:33:21:d9:bb:e1:e4:aa:7b:
71:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E1:E0:7A:E7:6B:7A:66:27:9F:68:BF:AC:16:5B:24:CB:4E:9C:8D
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/Z-HgeudremYnn2i_rBZbJMtOnI0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.175.56.0/21
Signature Algorithm: sha256WithRSAEncryption
b4:87:ef:ec:b5:2e:da:b7:30:2c:3b:a5:39:82:7b:7e:df:c6:
1b:0d:08:5d:62:db:4c:34:6f:81:35:8d:df:8d:bb:85:61:79:
20:52:71:89:27:17:f7:be:dc:37:bb:ad:4a:08:f1:15:34:f3:
cc:56:00:f8:f5:8f:2a:81:35:d9:23:45:14:79:36:ce:08:10:
1a:9b:c1:2c:fb:df:07:3f:fb:00:be:3e:a5:48:6c:49:80:53:
1c:55:b8:cf:11:ee:53:dd:c2:3d:d0:10:f7:a7:a9:36:ea:d2:
ce:1b:c6:72:94:40:e2:4b:99:15:87:93:bc:05:7d:67:9c:92:
b3:2a:02:27:85:e2:26:12:13:13:d4:35:9e:7b:5b:74:09:88:
00:6a:20:8c:ed:c6:8f:35:28:8d:d1:0c:fd:13:dc:07:3c:d9:
ac:d0:a4:7a:42:cb:42:59:43:c3:1a:35:e0:83:d9:b5:92:2e:
0c:e4:45:51:a2:c0:ee:08:5e:53:87:40:ad:3d:a7:ac:d4:8e:
c2:88:fa:95:cb:18:ec:38:6b:95:21:31:5f:7c:ff:37:05:3a:
6b:f7:60:f5:9d:08:41:cc:ee:21:f9:5b:8b:84:85:93:ac:44:
ef:3e:2d:e0:f9:e8:07:85:64:29:74:4d:3d:55:ed:ba:de:2b:
09:cb:c3:13
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICBdowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNDA4MTIw
NDA5NDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY3RTFFMDdBRTc2QjdB
NjYyNzlGNjhCRkFDMTY1QjI0Q0I0RTlDOEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzEooe1ciiueObeE9bmawwnKcbMLcDNmQqBRb089qlcUP1MISb
eAnLdIZauO85vxJGH6hxmnVqS3rFhYTXN39s4sZ0SWIjRCiPpKEhKAyERmmFxK1c
joEH5IUBDeH54sSGSAf4+ZQc4I8H/Y7eJS60OacGHKpp3PQYSHEc35tf28rP01Xm
UquVGLXwlhkQQCW+9YxeRp/A9qxmyXEPEE1J8nc6/Qc/e/X7IAH2nF9xgZbAqYqe
pL9u30s1we0hewEODuAMjEK8r0GYFJ/GvaNRMrkmtDktlFNk0o9V7b7nKeXaneHw
7N/0qYS/ru8qgL0ovo32gsozIdm74eSqe3F9AgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUZ+HgeudremYnn2i/rBZbJMtOnI0wHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvWi1IZ2V1ZHJlbVlubjJpX3JC
WmJKTXRPbkkwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3yv
ODANBgkqhkiG9w0BAQsFAAOCAQEAtIfv7LUu2rcwLDulOYJ7ft/GGw0IXWLbTDRv
gTWN3427hWF5IFJxiScX977cN7utSgjxFTTzzFYA+PWPKoE12SNFFHk2zggQGpvB
LPvfBz/7AL4+pUhsSYBTHFW4zxHuU93CPdAQ96epNurSzhvGcpRA4kuZFYeTvAV9
Z5ySsyoCJ4XiJhITE9Q1nntbdAmIAGogjO3GjzUojdEM/RPcBzzZrNCkekLLQllD
wxo14IPZtZIuDORFUaLA7gheU4dArT2nrNSOwoj6lcsY7DhrlSExX3z/NwU6a/dg
9Z0IQczuIflbi4SFk6xE7z4t4PnoB4VkKXRNPVXtut4rCcvDEw==
-----END CERTIFICATE-----
Generated at Wed Sep 4 03:24:24 2024 by rpki-client on console-fra.rpki-client.org