Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/DmVjqLhNKuOE22vbPI0ul4zVLzY.roa
File: DmVjqLhNKuOE22vbPI0ul4zVLzY.roa (raw, json)
Hash identifier: kxUL4Qa3TdIVixs8EXEOedWrXc60q6MUy4uaCC86tLY=
Subject key identifier: 0E:65:63:A8:B8:4D:2A:E3:84:DB:6B:DB:3C:8D:2E:97:8C:D5:2F:36
Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Certificate serial: 19EC
Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/DmVjqLhNKuOE22vbPI0ul4zVLzY.roa
Signing time: Wed 13 Mar 2024 01:21:11 +0000
ROA not before: Wed 13 Mar 2024 01:21:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 60721
IP address blocks: 223.29.253.0/24 maxlen: 24
223.29.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 11:20:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6636 (0x19ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Validity
Not Before: Mar 13 01:21:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0E6563A8B84D2AE384DB6BDB3C8D2E978CD52F36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d3:02:fd:b2:7a:cc:83:3c:24:3b:32:fa:8b:
33:0e:38:98:7a:bb:2f:6a:79:0a:81:41:03:e0:33:
08:7e:5a:f6:2f:45:bd:78:67:f6:90:ab:df:63:bd:
fc:62:b0:1a:4b:0b:0f:ec:50:ab:88:cd:db:9d:04:
c0:0e:c2:4f:49:10:28:23:b1:da:ad:42:3f:5d:80:
7e:6b:ce:03:31:c8:48:dd:52:c0:05:d5:57:8a:64:
51:c3:60:8c:84:00:ea:83:39:d0:45:3d:c3:c9:8f:
64:e6:d5:d4:55:67:f3:1f:b3:8d:95:b0:05:d7:71:
28:43:5c:34:77:50:f9:dc:26:a3:ce:59:6a:f7:35:
90:82:1f:d3:fd:42:8e:22:11:fd:9b:b6:d8:aa:df:
d5:d0:c5:af:b9:88:54:da:61:08:0b:94:a5:d3:86:
6d:8d:c6:15:6b:68:14:cb:c9:af:44:4a:4a:39:5e:
82:a1:0e:b7:8d:af:d8:04:27:94:3a:ac:e2:57:4e:
db:0e:1b:4f:cf:45:f1:bc:ec:03:9f:18:9b:9a:1e:
0f:56:78:40:1f:fa:77:48:06:f8:84:f9:4e:5a:95:
a5:34:78:0b:f5:c1:dc:1e:de:1f:ce:b6:22:d0:ea:
00:e2:36:96:cd:66:0c:41:09:c8:70:94:3c:09:4c:
3e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:65:63:A8:B8:4D:2A:E3:84:DB:6B:DB:3C:8D:2E:97:8C:D5:2F:36
X509v3 Authority Key Identifier:
keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/DmVjqLhNKuOE22vbPI0ul4zVLzY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.29.253.0-223.29.254.255
Signature Algorithm: sha256WithRSAEncryption
9c:4e:a0:0f:e5:eb:83:2e:80:31:a8:a6:ec:74:d3:67:ad:fe:
48:e5:42:72:8d:cd:ab:c4:ee:ca:2e:16:b2:bd:f7:fc:db:6b:
2a:94:58:47:ae:87:13:71:52:c4:30:08:b1:f5:bd:76:34:25:
c8:a0:52:3f:6e:b8:4d:cd:2a:e2:be:35:bc:52:d9:52:9f:89:
08:3d:09:45:27:8b:80:8a:32:43:da:a0:f1:24:79:d8:71:34:
1b:27:b0:c7:e4:d1:39:e7:be:10:88:75:90:87:5d:bc:e5:31:
e8:47:14:b6:d0:49:76:21:36:0a:9c:81:74:4e:4a:d5:83:69:
13:66:5a:bc:f2:6b:dd:40:64:b7:fc:f4:39:5d:9d:10:dd:1f:
62:e7:fe:5f:5a:56:bf:9b:ef:ce:2e:15:a4:74:dc:6a:b2:8d:
65:cd:fb:79:6f:3f:1a:cc:2c:50:2b:fa:dd:41:07:22:df:6b:
58:2c:e2:ae:27:88:44:30:da:c5:b8:02:94:fa:2f:17:74:1a:
a4:35:86:05:4c:cc:dd:a8:c2:ef:fa:65:12:33:5b:b4:05:10:
20:11:6f:69:3a:44:63:df:c3:42:40:9a:8b:d9:4b:32:e7:1f:
d4:c8:38:83:a3:61:5a:87:e7:a7:a6:d8:cb:81:06:8b:ed:1d:
69:dc:fe:b5
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egAwIBAgICGewwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx
MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDAzMTMw
MTIxMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBFNjU2M0E4Qjg0RDJB
RTM4NERCNkJEQjNDOEQyRTk3OENENTJGMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt0wL9snrMgzwkOzL6izMOOJh6uy9qeQqBQQPgMwh+WvYvRb14
Z/aQq99jvfxisBpLCw/sUKuIzdudBMAOwk9JECgjsdqtQj9dgH5rzgMxyEjdUsAF
1VeKZFHDYIyEAOqDOdBFPcPJj2Tm1dRVZ/Mfs42VsAXXcShDXDR3UPncJqPOWWr3
NZCCH9P9Qo4iEf2bttiq39XQxa+5iFTaYQgLlKXThm2NxhVraBTLya9ESko5XoKh
DreNr9gEJ5Q6rOJXTtsOG0/PRfG87AOfGJuaHg9WeEAf+ndIBviE+U5alaU0eAv1
wdwe3h/OtiLQ6gDiNpbNZgxBCchwlDwJTD75AgMBAAGjggH7MIIB9zAdBgNVHQ4E
FgQUDmVjqLhNKuOE22vbPI0ul4zVLzYwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk
yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx
MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvRG1WanFMaE5LdU9F
MjJ2YlBJMHVsNHpWTHpZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEw
DjAMAwQA3x39AwQA3x3+MA0GCSqGSIb3DQEBCwUAA4IBAQCcTqAP5euDLoAxqKbs
dNNnrf5I5UJyjc2rxO7KLhayvff822sqlFhHrocTcVLEMAix9b12NCXIoFI/brhN
zSrivjW8UtlSn4kIPQlFJ4uAijJD2qDxJHnYcTQbJ7DH5NE5574QiHWQh1285THo
RxS20El2ITYKnIF0TkrVg2kTZlq88mvdQGS3/PQ5XZ0Q3R9i5/5fWla/m+/OLhWk
dNxqso1lzft5bz8azCxQK/rdQQci32tYLOKuJ4hEMNrFuAKU+i8XdBqkNYYFTMzd
qMLv+mUSM1u0BRAgEW9pOkRj38NCQJqL2Usy5x/UyDiDo2Fah+enptjLgQaL7R1p
3P61
-----END CERTIFICATE-----
Generated at Thu Sep 12 12:52:45 2024 by rpki-client on console-fra.rpki-client.org