Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/AvyTiK4x7T30YW-a5obnB_iHnsA.roa
File: AvyTiK4x7T30YW-a5obnB_iHnsA.roa (raw, json)
Hash identifier: Iw6zQvGyB74LnaXvbuoKZCMfHRZ3MSRM/nUAR/KOpZ8=
Subject key identifier: 02:FC:93:88:AE:31:ED:3D:F4:61:6F:9A:E6:86:E7:07:F8:87:9E:C0
Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Certificate serial: 11B2
Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/AvyTiK4x7T30YW-a5obnB_iHnsA.roa
Signing time: Mon 14 Aug 2023 04:34:36 +0000
ROA not before: Mon 14 Aug 2023 04:34:36 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 139021
IP address blocks: 218.247.64.0/20 maxlen: 20
Validation: Failed, certificate revoked on Fri 24 May 2024 02:25:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4530 (0x11b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Validity
Not Before: Aug 14 04:34:36 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=02FC9388AE31ED3DF4616F9AE686E707F8879EC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7d:23:19:ed:e0:6c:ff:00:2c:d8:54:c2:03:
c6:ca:fa:e7:75:46:67:8b:81:a0:86:34:65:95:d5:
2e:e3:de:b6:3c:d5:fc:eb:67:d3:3e:4a:b2:73:81:
09:cb:d6:c9:11:5c:d1:1a:6c:68:cd:ef:b3:d0:27:
86:79:96:af:80:b2:04:96:82:4f:3a:3e:d0:89:6d:
14:d4:21:eb:7c:0f:fc:9a:70:1e:2d:5a:24:7f:19:
4e:6d:25:ed:a3:6e:6a:d1:9e:7c:0c:08:35:68:d0:
5a:ba:ee:44:8c:fc:ec:ae:2d:9b:9c:99:ab:3f:cd:
e3:2c:78:9b:96:d0:7a:44:b3:6d:74:94:96:87:c0:
cf:7b:c4:31:36:9c:e0:a3:66:80:f7:1b:2b:db:5b:
06:e4:5f:50:24:ab:ae:76:7c:a9:ad:ec:2b:c9:93:
e8:69:11:71:2c:09:c1:70:b2:ef:d5:9e:ec:26:1c:
5d:76:d5:76:59:d1:13:c3:57:9a:2c:a3:8d:97:c0:
0c:79:81:c7:64:bc:9e:ac:6d:73:00:5f:0b:f9:37:
4a:93:87:2b:3f:28:4a:c2:f6:c1:aa:96:8a:5f:68:
6f:fe:a4:82:35:f0:a1:b3:63:e5:6a:3a:93:ee:01:
20:ce:69:0c:43:fd:f7:12:64:ce:78:2a:25:eb:7e:
96:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:FC:93:88:AE:31:ED:3D:F4:61:6F:9A:E6:86:E7:07:F8:87:9E:C0
X509v3 Authority Key Identifier:
keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/AvyTiK4x7T30YW-a5obnB_iHnsA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.247.64.0/20
Signature Algorithm: sha256WithRSAEncryption
37:44:ef:0c:50:e0:5c:04:dc:9c:b1:61:87:e6:25:3e:b1:a8:
13:f0:4a:87:95:5f:da:a8:95:6d:59:30:51:96:2d:78:d7:fc:
1d:63:85:35:46:c7:37:ca:9d:10:63:b5:5e:bf:67:ca:0c:d4:
4d:46:41:51:35:93:28:72:59:b8:33:2d:f3:d1:11:d5:ca:20:
04:94:29:d9:11:98:6c:2d:17:6b:73:7a:a7:4b:9e:8e:15:63:
35:11:eb:5e:e3:e9:31:f7:ff:d0:e3:52:a9:7f:94:c4:87:32:
f7:fc:55:ca:65:64:75:4b:7b:4c:e6:ad:ce:b6:c2:a3:eb:bd:
91:c5:0c:96:88:72:38:9a:6a:56:cd:aa:81:73:63:a3:24:46:
e8:ce:e3:ab:c2:9f:87:69:7c:33:e5:18:35:bb:eb:e0:c6:5c:
84:e5:a3:32:3e:6b:5b:ad:34:5a:21:9f:71:80:6f:68:f7:93:
91:ef:ef:99:20:a0:48:04:99:13:fb:80:2f:f7:66:ce:94:93:
17:11:88:87:fc:45:88:96:e1:d2:cc:5e:60:ce:44:4b:05:9c:
26:bd:79:8d:b5:89:33:4e:b1:6c:51:49:59:6b:41:76:cd:54:
e0:91:f1:b9:a8:f6:6c:0d:50:5f:12:ca:3f:0a:a8:7e:58:1f:
02:8a:bc:e7
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEbIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz
QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yMzA4MTQw
NDM0MzZaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDAyRkM5Mzg4QUUzMUVE
M0RGNDYxNkY5QUU2ODZFNzA3Rjg4NzlFQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwfSMZ7eBs/wAs2FTCA8bK+ud1RmeLgaCGNGWV1S7j3rY81fzr
Z9M+SrJzgQnL1skRXNEabGjN77PQJ4Z5lq+AsgSWgk86PtCJbRTUIet8D/yacB4t
WiR/GU5tJe2jbmrRnnwMCDVo0Fq67kSM/OyuLZucmas/zeMseJuW0HpEs210lJaH
wM97xDE2nOCjZoD3GyvbWwbkX1Akq652fKmt7CvJk+hpEXEsCcFwsu/VnuwmHF12
1XZZ0RPDV5oso42XwAx5gcdkvJ6sbXMAXwv5N0qThys/KErC9sGqlopfaG/+pII1
8KGzY+VqOpPuASDOaQxD/fcSZM54KiXrfpb7AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUAvyTiK4x7T30YW+a5obnB/iHnsAwHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A
r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4
OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvQXZ5VGlLNHg3VDMw
WVctYTVvYm5CX2lIbnNBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBNr3QDANBgkqhkiG9w0BAQsFAAOCAQEAN0TvDFDgXATcnLFhh+YlPrGoE/BK
h5Vf2qiVbVkwUZYteNf8HWOFNUbHN8qdEGO1Xr9nygzUTUZBUTWTKHJZuDMt89ER
1cogBJQp2RGYbC0Xa3N6p0uejhVjNRHrXuPpMff/0ONSqX+UxIcy9/xVymVkdUt7
TOatzrbCo+u9kcUMlohyOJpqVs2qgXNjoyRG6M7jq8Kfh2l8M+UYNbvr4MZchOWj
Mj5rW600WiGfcYBvaPeTke/vmSCgSASZE/uAL/dmzpSTFxGIh/xFiJbh0sxeYM5E
SwWcJr15jbWJM06xbFFJWWtBds1U4JHxuaj2bA1QXxLKPwqoflgfAoq85w==
-----END CERTIFICATE-----
Generated at Fri May 24 02:54:56 2024 by rpki-client on console-fra.rpki-client.org