Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/wL2siTKMDWsXA7n6udzPGuEZgEI.roa
File: wL2siTKMDWsXA7n6udzPGuEZgEI.roa (raw, json)
Hash identifier: ib7Yh68TazmXU2tGvftTlo1jSiGjHh2VEGJQf73FFUI=
Subject key identifier: C0:BD:AC:89:32:8C:0D:6B:17:03:B9:FA:B9:DC:CF:1A:E1:19:80:42
Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial: 18BC
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/wL2siTKMDWsXA7n6udzPGuEZgEI.roa
Signing time: Wed 24 May 2023 03:54:03 +0000
ROA not before: Wed 24 May 2023 03:54:03 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 134762
IP address blocks: 43.226.64.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:21:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6332 (0x18bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Validity
Not Before: May 24 03:54:03 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=C0BDAC89328C0D6B1703B9FAB9DCCF1AE1198042
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3e:84:c3:b9:93:66:3a:b8:48:a0:93:74:b9:
14:dc:c9:e2:49:10:38:02:d4:59:a7:34:4a:c3:6e:
82:38:91:52:50:5d:f9:68:06:f1:91:40:f9:64:ce:
dd:1d:e1:d4:f1:de:4c:b5:b8:ac:94:d3:05:ad:70:
1d:a8:ea:9f:e5:e3:52:bb:a8:f8:ba:86:a8:30:fe:
d6:1c:25:79:64:77:44:25:a8:6f:b2:f2:03:e3:e8:
e7:ad:2c:bb:7f:e6:88:fc:17:2e:2c:ab:ca:3d:2d:
d1:eb:06:48:e7:dc:b7:c7:ec:c5:ec:ff:b7:65:e2:
11:9e:9a:3a:51:e4:7e:70:35:a7:34:46:24:60:95:
ad:cb:d4:5d:e7:fb:a4:d3:9e:08:9b:27:e8:18:74:
f3:b3:77:ab:9b:f5:88:d9:67:74:4d:ed:32:79:75:
f4:03:e8:0c:9e:7d:89:21:81:0f:d4:be:41:ae:52:
0a:2d:be:2e:04:dc:ad:17:95:c4:14:eb:28:6b:72:
87:84:cc:ca:11:28:a1:ae:b8:51:de:2e:83:5d:e3:
31:6e:15:f2:e9:aa:91:03:a1:82:74:2e:85:db:3a:
3a:7a:82:4d:03:60:af:f7:a9:60:6e:7d:d7:57:cf:
af:62:aa:a8:b6:bc:64:8a:b4:e6:a5:23:d9:40:af:
e0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:BD:AC:89:32:8C:0D:6B:17:03:B9:FA:B9:DC:CF:1A:E1:19:80:42
X509v3 Authority Key Identifier:
keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/wL2siTKMDWsXA7n6udzPGuEZgEI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.64.0/21
Signature Algorithm: sha256WithRSAEncryption
70:f7:c0:ea:07:38:ac:e9:7c:2c:44:f4:ff:a4:34:e9:d5:02:
91:7e:ef:94:af:72:db:91:56:d9:4a:54:0b:a1:ae:3d:c6:67:
32:43:61:40:9a:08:7b:da:1a:49:cd:ef:05:3f:55:6c:4e:52:
29:fe:7b:98:54:7e:6e:12:0e:61:96:24:85:b0:7c:66:75:4d:
70:ed:0d:95:d8:cd:e4:67:4e:9f:b7:86:1a:87:95:b1:9d:69:
d1:9e:4f:be:0c:12:05:56:cf:54:76:9c:cb:67:ee:d2:2e:0b:
8a:bb:b6:cd:d7:db:ed:13:c6:70:18:50:8f:0d:20:f7:1a:2c:
ec:0b:a0:a5:6e:20:fd:47:0b:07:cf:94:1b:be:22:98:32:cd:
ff:75:76:28:d1:92:03:ab:ac:19:1b:f9:d9:f5:6f:4b:f6:97:
7a:c6:81:f2:a5:37:ed:49:57:50:39:54:2e:3e:78:dc:61:de:
34:87:c7:87:27:a8:57:a6:d3:9b:c0:4d:3f:2f:2c:a6:ee:ce:
b1:a9:fd:57:ce:15:e4:98:ea:37:1f:65:65:3a:0f:7b:a7:b0:
e4:a6:c5:4f:51:2f:60:30:46:db:24:97:d2:fe:a5:b0:7c:87:
73:35:98:e4:bf:80:5b:0f:d2:50:75:b6:78:50:af:3f:9b:60:
a0:2b:5c:e7
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICGLwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF
NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yMzA1MjQw
MzU0MDNaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKEMwQkRBQzg5MzI4QzBE
NkIxNzAzQjlGQUI5RENDRjFBRTExOTgwNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCPoTDuZNmOrhIoJN0uRTcyeJJEDgC1FmnNErDboI4kVJQXflo
BvGRQPlkzt0d4dTx3ky1uKyU0wWtcB2o6p/l41K7qPi6hqgw/tYcJXlkd0QlqG+y
8gPj6OetLLt/5oj8Fy4sq8o9LdHrBkjn3LfH7MXs/7dl4hGemjpR5H5wNac0RiRg
la3L1F3n+6TTngibJ+gYdPOzd6ub9YjZZ3RN7TJ5dfQD6AyefYkhgQ/UvkGuUgot
vi4E3K0XlcQU6yhrcoeEzMoRKKGuuFHeLoNd4zFuFfLpqpEDoYJ0LoXbOjp6gk0D
YK/3qWBufddXz69iqqi2vGSKtOalI9lAr+D7AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUwL2siTKMDWsXA7n6udzPGuEZgEIwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y
5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2
My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvd0wyc2lUS01EV3NY
QTduNnVkelBHdUVaZ0VJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAyviQDANBgkqhkiG9w0BAQsFAAOCAQEAcPfA6gc4rOl8LET0/6Q06dUCkX7v
lK9y25FW2UpUC6GuPcZnMkNhQJoIe9oaSc3vBT9VbE5SKf57mFR+bhIOYZYkhbB8
ZnVNcO0NldjN5GdOn7eGGoeVsZ1p0Z5PvgwSBVbPVHacy2fu0i4Liru2zdfb7RPG
cBhQjw0g9xos7AugpW4g/UcLB8+UG74imDLN/3V2KNGSA6usGRv52fVvS/aXesaB
8qU37UlXUDlULj543GHeNIfHhyeoV6bTm8BNPy8spu7Osan9V84V5JjqNx9lZToP
e6ew5KbFT1EvYDBG2ySX0v6lsHyHczWY5L+AWw/SUHW2eFCvP5tgoCtc5w==
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org