Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/4LdxieviL_h1n0SbkQ6IQ8P0j4U.roa
File: 4LdxieviL_h1n0SbkQ6IQ8P0j4U.roa (raw, json)
Hash identifier: 4ehuCLDfLpb5Rs/LQtzG+DacoP+z1cdlsnQMS5lbNGk=
Subject key identifier: E0:B7:71:89:EB:E2:2F:F8:75:9F:44:9B:91:0E:88:43:C3:F4:8F:85
Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Certificate serial: 1D9D
Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/4LdxieviL_h1n0SbkQ6IQ8P0j4U.roa
Signing time: Thu 12 Sep 2024 11:21:30 +0000
ROA not before: Thu 12 Sep 2024 11:21:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 43260
IP address blocks: 49.128.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Nov 2024 13:06:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7581 (0x1d9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Validity
Not Before: Sep 12 11:21:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E0B77189EBE22FF8759F449B910E8843C3F48F85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2e:2f:57:0f:e7:42:04:de:ea:cf:02:b5:6e:
32:11:c8:23:9f:51:c6:ac:30:b1:64:15:ed:81:1c:
fa:c7:fe:31:61:30:3c:c0:b5:07:b8:16:2b:9d:79:
be:e8:ee:8c:a1:45:40:39:91:e6:dc:f3:40:4c:9c:
2c:0b:94:02:2f:8b:0d:f9:24:d0:2c:46:ca:b7:ff:
31:76:8a:11:24:84:cc:b0:d8:12:69:8e:bc:f6:15:
c4:c5:f7:b9:ea:e3:7b:b4:1d:66:02:08:9d:5f:b8:
46:4c:44:5c:58:e3:9e:70:84:d4:09:f2:eb:07:4a:
b9:39:ba:37:fa:ea:60:fc:ed:0f:2c:35:0a:b6:03:
35:e4:6b:19:28:9a:40:b2:fb:34:f0:7d:24:46:c6:
90:51:bf:7c:b2:d8:ae:6a:27:3e:6c:04:26:fe:6b:
37:28:f4:b3:fc:60:15:35:92:55:5c:f7:6d:66:af:
8d:ce:f5:fd:5c:73:85:8f:1c:65:21:f5:bf:aa:62:
b0:1b:57:24:70:39:a9:ff:58:a2:f8:12:38:90:f3:
38:b6:83:f8:ea:80:c7:b7:da:a0:b9:34:60:01:17:
d7:0f:e6:9d:fa:83:af:6e:ca:a1:a1:c8:97:8e:0d:
49:86:65:7d:e6:f5:fd:80:cf:e6:c0:7e:65:9e:a8:
d5:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:B7:71:89:EB:E2:2F:F8:75:9F:44:9B:91:0E:88:43:C3:F4:8F:85
X509v3 Authority Key Identifier:
keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/4LdxieviL_h1n0SbkQ6IQ8P0j4U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.128.4.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:39:17:41:0b:78:f2:28:e7:b7:91:7c:97:2e:47:a8:7b:75:
04:e3:9b:3e:b0:71:22:cd:a2:da:e5:56:98:ad:2d:e0:e8:5f:
af:59:ed:10:1d:08:65:a0:8b:b5:e2:95:2e:44:52:b3:07:87:
fe:74:c0:46:63:2a:cb:b2:ab:f8:92:8f:79:da:a0:fe:b5:4c:
e6:8b:6b:c0:a9:c9:f7:f6:30:46:bd:e7:9c:58:1d:f7:5b:ad:
f8:ea:54:ef:a2:0b:12:f5:26:06:ba:fc:33:75:c0:4d:e9:cf:
02:12:cf:4d:78:ab:80:67:12:d4:b5:11:19:d8:1a:d3:f2:85:
3a:26:0b:b0:6a:82:42:b5:18:b5:01:ac:db:b0:43:f9:ab:e5:
39:47:b8:09:1c:b5:a6:b8:9d:d0:df:5f:dd:24:4e:50:73:93:
cf:8b:46:81:3a:70:6e:7f:8d:bc:f1:bb:d2:df:75:a4:53:74:
e7:f5:89:e3:ca:54:d2:87:17:ef:f3:64:32:de:74:0c:4b:ef:
4e:22:a4:2b:7e:44:8c:dc:b0:d5:a5:b6:37:d5:3e:53:95:55:
cb:39:74:26:bf:83:0a:75:94:18:76:05:7d:ed:3b:34:35:a3:
be:97:be:37:a4:f7:e9:cd:29:7b:4c:4c:76:af:22:46:7a:32:
72:a6:47:bb
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICHZ0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx
MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDA5MTIx
MTIxMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUwQjc3MTg5RUJFMjJG
Rjg3NTlGNDQ5QjkxMEU4ODQzQzNGNDhGODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKLi9XD+dCBN7qzwK1bjIRyCOfUcasMLFkFe2BHPrH/jFhMDzA
tQe4Fiudeb7o7oyhRUA5kebc80BMnCwLlAIviw35JNAsRsq3/zF2ihEkhMyw2BJp
jrz2FcTF97nq43u0HWYCCJ1fuEZMRFxY455whNQJ8usHSrk5ujf66mD87Q8sNQq2
AzXkaxkomkCy+zTwfSRGxpBRv3yy2K5qJz5sBCb+azco9LP8YBU1klVc921mr43O
9f1cc4WPHGUh9b+qYrAbVyRwOan/WKL4EjiQ8zi2g/jqgMe32qC5NGABF9cP5p36
g69uyqGhyJeODUmGZX3m9f2Az+bAfmWeqNU9AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU4LdxieviL/h1n0SbkQ6IQ8P0j4UwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk
yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx
MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvNExkeGlldmlMX2gx
bjBTYmtRNklROFAwajRVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAjGABDANBgkqhkiG9w0BAQsFAAOCAQEAKzkXQQt48ijnt5F8ly5HqHt1BOOb
PrBxIs2i2uVWmK0t4Ohfr1ntEB0IZaCLteKVLkRSsweH/nTARmMqy7Kr+JKPedqg
/rVM5otrwKnJ9/YwRr3nnFgd91ut+OpU76ILEvUmBrr8M3XATenPAhLPTXirgGcS
1LURGdga0/KFOiYLsGqCQrUYtQGs27BD+avlOUe4CRy1prid0N9f3SROUHOTz4tG
gTpwbn+NvPG70t91pFN05/WJ48pU0ocX7/NkMt50DEvvTiKkK35EjNyw1aW2N9U+
U5VVyzl0Jr+DCnWUGHYFfe07NDWjvpe+N6T36c0pe0xMdq8iRnoycqZHuw==
-----END CERTIFICATE-----
Generated at Wed Nov 20 15:03:35 2024 by rpki-client on console-fra.rpki-client.org