Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2154/vf-DpwvA89DnOrnDDtF4WZ2RDlA.roa
File: vf-DpwvA89DnOrnDDtF4WZ2RDlA.roa (raw, json)
Hash identifier: A2lxnn4dZoudPzZRLoZ67o90QVJE/XX7de/g+9LWalM=
Subject key identifier: BD:FF:83:A7:0B:C0:F3:D0:E7:3A:B9:C3:0E:D1:78:59:9D:91:0E:50
Certificate issuer: /CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2
Certificate serial: 39
Authority key identifier: E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/vf-DpwvA89DnOrnDDtF4WZ2RDlA.roa
Signing time: Thu 01 Aug 2024 07:53:21 +0000
ROA not before: Thu 01 Aug 2024 07:53:21 +0000
ROA not after: Tue 22 Jul 2025 06:31:48 +0000
asID: 63631
IP address blocks: 119.161.136.0/21 maxlen: 24
119.161.144.0/21 maxlen: 24
119.161.152.0/21 maxlen: 24
119.161.160.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 06:37:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57 (0x39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2
Validity
Not Before: Aug 1 07:53:21 2024 GMT
Not After : Jul 22 06:31:48 2025 GMT
Subject: CN=BDFF83A70BC0F3D0E73AB9C30ED178599D910E50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6d:75:6d:1b:fd:a7:b7:0a:d1:69:d1:57:0b:
3e:c9:dd:c4:99:3a:d2:22:b4:9b:cd:ca:b7:e3:d8:
15:b9:73:25:af:b6:72:0b:f9:1a:4b:9c:14:af:2f:
d6:77:2b:69:e8:ac:df:94:60:b8:77:1b:f4:6b:0c:
71:b6:c2:96:9b:9d:ac:ec:37:13:d5:c9:1c:2a:09:
bc:20:46:b9:d5:00:b0:75:f4:18:85:38:c7:bb:4b:
0e:66:9f:c5:af:ea:73:df:65:68:f5:cf:92:69:73:
bc:01:83:fe:a8:e9:e6:58:5f:f9:73:ef:6a:f7:52:
c5:b9:d6:d8:32:2f:fd:cf:dd:19:65:3f:8c:90:3d:
9c:b9:f0:ec:6b:6e:81:01:49:35:d3:60:98:d6:11:
b9:d3:07:95:c8:17:b2:ec:b9:6f:f0:a3:29:bf:5a:
1b:1b:58:dc:99:f4:57:c8:9c:de:6b:1c:c5:0c:93:
1d:f0:c0:a8:87:3a:de:df:07:02:33:6e:79:5e:6d:
e3:67:44:6c:89:6b:38:ad:4e:35:6e:64:e0:fb:f5:
f4:71:6d:22:2b:98:d6:82:82:7a:e9:74:58:9f:3f:
d8:e8:7f:06:b0:ae:5b:f3:64:da:34:fd:6f:ac:c4:
c7:82:f0:97:fc:ae:87:85:3f:24:9f:9f:25:95:72:
4b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:FF:83:A7:0B:C0:F3:D0:E7:3A:B9:C3:0E:D1:78:59:9D:91:0E:50
X509v3 Authority Key Identifier:
keyid:E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/vf-DpwvA89DnOrnDDtF4WZ2RDlA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.161.136.0-119.161.167.255
Signature Algorithm: sha256WithRSAEncryption
09:40:1e:f2:41:f9:c7:d2:be:54:97:05:fa:26:a4:dd:fa:e6:
bb:a2:17:5f:24:db:b7:2a:53:2e:3a:6c:97:f1:71:6d:f5:a6:
da:97:1c:7b:fd:f1:30:d1:f6:ef:85:9e:50:6b:fd:5e:a0:ad:
48:ec:4a:75:2f:6d:99:29:ff:49:42:ef:4f:93:b1:74:aa:b0:
b3:db:54:15:6b:01:c7:2a:b5:9a:f7:63:9c:4e:f3:8e:8b:74:
c1:30:39:66:2f:ca:54:c7:a3:ab:66:23:78:69:a4:72:33:f0:
07:6a:bd:76:f3:60:ff:8c:8b:79:2d:33:a9:07:f2:f9:00:f4:
92:5f:a4:61:fb:23:30:bb:1a:f2:1b:9c:98:33:84:ac:ea:f6:
9d:e6:be:d1:47:5c:fc:ee:bb:6c:d3:c3:0b:e4:3c:13:f9:ee:
1f:cc:62:58:47:e4:11:81:f2:53:22:28:2e:a0:c3:fe:d3:e6:
6f:fc:e9:c1:39:fb:f8:f1:14:13:5f:d2:10:29:5b:a5:15:33:
e0:85:ea:25:09:4f:98:0d:f8:44:3e:3e:8c:78:56:f2:ba:ef:
03:bd:7e:30:70:26:cf:ef:c1:11:87:97:07:f3:d1:4f:c0:b8:
79:e8:a8:49:90:92:a9:a0:de:e4:73:90:c4:f4:2d:7f:ab:94:
34:22:61:ad
-----BEGIN CERTIFICATE-----
MIIE3jCCA8agAwIBAgIBOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFNTAy
REUyQzYwODZBNjYyODRCODBDREI3QjVBQzBDMTJDQzNGM0MyMB4XDTI0MDgwMTA3
NTMyMVoXDTI1MDcyMjA2MzE0OFowMzExMC8GA1UEAxMoQkRGRjgzQTcwQkMwRjNE
MEU3M0FCOUMzMEVEMTc4NTk5RDkxMEU1MDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALZtdW0b/ae3CtFp0VcLPsndxJk60iK0m83Kt+PYFblzJa+2cgv5
GkucFK8v1ncraeis35RguHcb9GsMcbbClpudrOw3E9XJHCoJvCBGudUAsHX0GIU4
x7tLDmafxa/qc99laPXPkmlzvAGD/qjp5lhf+XPvavdSxbnW2DIv/c/dGWU/jJA9
nLnw7GtugQFJNdNgmNYRudMHlcgXsuy5b/CjKb9aGxtY3Jn0V8ic3mscxQyTHfDA
qIc63t8HAjNueV5t42dEbIlrOK1ONW5k4Pv19HFtIiuY1oKCeul0WJ8/2Oh/BrCu
W/Nk2jT9b6zEx4Lwl/yuh4U/JJ+fJZVyS88CAwEAAaOCAfswggH3MB0GA1UdDgQW
BBS9/4OnC8Dz0Oc6ucMO0XhZnZEOUDAfBgNVHSMEGDAWgBTlAt4sYIamYoS4DNt7
WsDBLMPzwjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yMTU0
LzVRTGVMR0NHcG1LRXVBemJlMXJBd1N6RDg4SS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNVFMZUxHQ0dwbUtFdUF6YmUxckF3U3pEODhJLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjE1NC92Zi1EcHd2QTg5RG5P
cm5ERHRGNFdaMlJEbEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAO
MAwDBAN3oYgDBAN3oaAwDQYJKoZIhvcNAQELBQADggEBAAlAHvJB+cfSvlSXBfom
pN365ruiF18k27cqUy46bJfxcW31ptqXHHv98TDR9u+FnlBr/V6grUjsSnUvbZkp
/0lC70+TsXSqsLPbVBVrAccqtZr3Y5xO846LdMEwOWYvylTHo6tmI3hppHIz8Adq
vXbzYP+Mi3ktM6kH8vkA9JJfpGH7IzC7GvIbnJgzhKzq9p3mvtFHXPzuu2zTwwvk
PBP57h/MYlhH5BGB8lMiKC6gw/7T5m/86cE5+/jxFBNf0hApW6UVM+CF6iUJT5gN
+EQ+Pox4VvK67wO9fjBwJs/vwRGHlwfz0U/AuHnoqEmQkqmg3uRzkMT0LX+rlDQi
Ya0=
-----END CERTIFICATE-----
Generated at Mon Aug 5 08:15:43 2024 by rpki-client on console-ams.rpki-client.org