Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/WKJNdYV-pREOn3J-Zv8gqkKdNrk.roa
File: WKJNdYV-pREOn3J-Zv8gqkKdNrk.roa (raw, json)
Hash identifier: QN4Cpz8vVe1y+C87VB7vTr75yBobvd1OrQpfbK8PqEc=
Subject key identifier: 58:A2:4D:75:85:7E:A5:11:0E:9F:72:7E:66:FF:20:AA:42:9D:36:B9
Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Certificate serial: 0D9F
Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/WKJNdYV-pREOn3J-Zv8gqkKdNrk.roa
Signing time: Mon 16 Jan 2023 08:53:46 +0000
ROA not before: Mon 16 Jan 2023 08:53:46 +0000
ROA not after: Mon 28 Aug 2023 04:15:34 +0000
asID: 139021
IP address blocks: 218.247.88.0/21 maxlen: 21
219.234.16.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3487 (0xd9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Validity
Not Before: Jan 16 08:53:46 2023 GMT
Not After : Aug 28 04:15:34 2023 GMT
Subject: CN=58A24D75857EA5110E9F727E66FF20AA429D36B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:fa:31:fd:08:f2:e5:75:cd:05:37:89:78:53:
6a:12:3a:96:d6:30:9c:84:31:d8:8d:d1:f4:77:79:
0b:20:43:ba:db:6a:6c:cc:e6:48:7e:59:81:d5:1f:
b8:96:e2:dd:bf:35:c2:3a:d8:ea:bb:aa:45:09:1e:
86:93:94:69:16:f7:1c:33:6b:54:c0:c5:5b:08:bf:
cf:a7:76:bf:1d:31:ed:6d:0f:c5:12:e2:1c:34:05:
82:47:4a:15:76:f2:a9:4a:44:74:12:75:29:d9:7a:
66:be:13:44:a7:9e:16:f8:40:5c:ff:da:ad:b1:66:
82:36:f5:22:52:21:5c:bb:30:37:cf:83:b8:6d:61:
73:5b:75:85:fa:56:80:fc:df:71:df:73:7e:3a:ae:
d2:34:08:31:65:fb:df:c7:ee:70:63:69:db:2b:e7:
72:9d:76:2c:3b:ee:6f:13:83:92:75:37:97:c3:54:
64:de:ee:d0:e7:93:da:11:16:60:6a:87:2a:93:72:
39:af:a9:ba:63:0b:d4:ac:37:d1:f8:22:c5:b5:f4:
0a:b7:d8:d2:e4:e6:c9:60:32:08:83:1d:57:1a:da:
14:ba:34:67:2d:87:f9:45:c7:07:1a:b6:4a:7b:f9:
a0:da:94:be:4b:3e:62:0f:91:5b:91:84:4d:4d:a0:
8c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:A2:4D:75:85:7E:A5:11:0E:9F:72:7E:66:FF:20:AA:42:9D:36:B9
X509v3 Authority Key Identifier:
keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/WKJNdYV-pREOn3J-Zv8gqkKdNrk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.247.88.0/21
219.234.16.0/21
Signature Algorithm: sha256WithRSAEncryption
e6:75:84:18:43:a2:31:fa:45:f5:d1:f9:80:1d:d2:35:19:67:
d4:b2:7b:48:6e:79:78:e3:1b:02:19:ee:8b:89:7a:cf:35:1e:
23:50:1b:c3:e5:ac:f7:2f:b7:29:17:cc:36:0b:98:6f:1d:22:
6e:d4:d8:b2:4c:9d:c7:00:fd:07:a4:6e:6f:2e:21:ba:9a:20:
79:df:e9:13:13:b4:5f:1f:d1:34:cd:c4:ce:86:34:51:ba:f0:
0d:ef:f9:28:9b:4c:38:90:be:0b:c8:8f:97:b8:32:da:20:e1:
f5:41:43:60:40:58:06:13:79:ad:93:27:75:71:39:f6:19:08:
e9:34:62:94:8b:45:03:5d:9d:13:3c:ed:72:e8:52:63:0b:a0:
56:c8:ad:60:d5:84:df:c8:91:d6:7f:26:b7:2c:82:4a:bb:9f:
b1:d9:b1:d4:d3:a8:b2:73:74:12:06:7a:97:28:fb:f1:7a:f8:
77:a6:b2:da:24:ce:77:96:f2:1b:f3:c8:8e:93:c2:4b:ce:6e:
ec:8e:45:13:9a:ba:6c:25:64:bd:a4:7b:9f:eb:72:bb:a3:cf:
87:aa:82:e6:e8:68:e4:89:10:f5:36:a6:dd:22:76:b3:fb:45:
71:8e:22:c2:14:a8:39:ea:21:d6:be:15:eb:47:a7:8a:6e:53:
95:af:7b:7b
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICDZ8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz
QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yMzAxMTYw
ODUzNDZaFw0yMzA4MjgwNDE1MzRaMDMxMTAvBgNVBAMTKDU4QTI0RDc1ODU3RUE1
MTEwRTlGNzI3RTY2RkYyMEFBNDI5RDM2QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDj+jH9CPLldc0FN4l4U2oSOpbWMJyEMdiN0fR3eQsgQ7rbamzM
5kh+WYHVH7iW4t2/NcI62Oq7qkUJHoaTlGkW9xwza1TAxVsIv8+ndr8dMe1tD8US
4hw0BYJHShV28qlKRHQSdSnZema+E0Snnhb4QFz/2q2xZoI29SJSIVy7MDfPg7ht
YXNbdYX6VoD833Hfc346rtI0CDFl+9/H7nBjadsr53Kddiw77m8Tg5J1N5fDVGTe
7tDnk9oRFmBqhyqTcjmvqbpjC9SsN9H4IsW19Aq32NLk5slgMgiDHVca2hS6NGct
h/lFxwcatkp7+aDalL5LPmIPkVuRhE1NoIxhAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUWKJNdYV+pREOn3J+Zv8gqkKdNrkwHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A
r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4
OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvV0tKTmRZVi1wUkVP
bjNKLVp2OGdxa0tkTnJrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEA9r3WAMEA9vqEDANBgkqhkiG9w0BAQsFAAOCAQEA5nWEGEOiMfpF9dH5gB3S
NRln1LJ7SG55eOMbAhnui4l6zzUeI1Abw+Ws9y+3KRfMNguYbx0ibtTYskydxwD9
B6Ruby4hupoged/pExO0Xx/RNM3EzoY0UbrwDe/5KJtMOJC+C8iPl7gy2iDh9UFD
YEBYBhN5rZMndXE59hkI6TRilItFA12dEzztcuhSYwugVsitYNWE38iR1n8mtyyC
Srufsdmx1NOosnN0EgZ6lyj78Xr4d6ay2iTOd5byG/PIjpPCS85u7I5FE5q6bCVk
vaR7n+tyu6PPh6qC5uho5IkQ9Tam3SJ2s/tFcY4iwhSoOeoh1r4V60enim5Tla97
ew==
-----END CERTIFICATE-----
Generated at Mon Aug 14 04:51:52 2023 by rpki-client on console-fra.rpki-client.org