Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/kVG3W8621adcx8A-QMqiUJFv7CM.roa
File: kVG3W8621adcx8A-QMqiUJFv7CM.roa (raw, json)
Hash identifier: 5Hc7cyXoqT8C8fcdGZwTBd8A9dcPfGjwUTbg7QcF0zc=
Subject key identifier: 91:51:B7:5B:CE:B6:D5:A7:5C:C7:C0:3E:40:CA:A2:50:91:6F:EC:23
Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Certificate serial: 11B0
Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/kVG3W8621adcx8A-QMqiUJFv7CM.roa
Signing time: Mon 14 Aug 2023 04:34:35 +0000
ROA not before: Mon 14 Aug 2023 04:34:35 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 139021
IP address blocks: 218.247.64.0/19 maxlen: 19
Validation: Failed, certificate revoked on Fri 24 May 2024 02:25:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4528 (0x11b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Validity
Not Before: Aug 14 04:34:35 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=9151B75BCEB6D5A75CC7C03E40CAA250916FEC23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ed:b4:ef:a5:70:24:08:e2:6c:ac:98:1e:a3:
55:91:59:0a:22:6d:12:3d:57:6e:f8:69:1d:36:00:
bc:34:b9:4d:48:89:d9:89:e0:28:a6:fa:37:41:9d:
1d:7e:20:c2:76:d9:5c:6c:e3:51:cb:30:7e:a1:51:
b7:df:68:17:9a:e8:0d:b5:b6:4a:4c:d4:16:3d:79:
d3:31:92:a9:26:af:00:53:4a:62:42:31:3a:54:f6:
f7:bc:33:77:96:a2:b8:d4:b9:54:14:cc:c0:8b:7d:
27:3a:ac:15:2c:bf:00:5e:76:e7:70:2e:36:a8:a8:
41:f1:19:aa:5b:10:87:e2:f4:ac:cc:af:e8:aa:7f:
74:da:7e:99:d2:ab:18:7a:01:f0:7d:79:13:e8:cd:
9e:11:a0:3f:5a:07:f4:2f:56:d1:11:e6:56:3d:40:
0c:da:ac:08:5b:a3:90:18:96:33:f0:96:61:2c:3b:
6c:6f:bd:fa:70:07:b2:44:93:a8:83:9b:f1:77:1c:
fe:8d:c3:02:75:3e:95:5e:13:ad:ee:e2:72:95:36:
b4:e3:89:16:ee:de:eb:4c:bf:0d:15:4a:4d:5e:3e:
8a:73:5d:77:40:78:f9:28:04:a5:2c:40:9c:7f:26:
9e:52:83:33:8d:00:91:32:58:6d:4a:83:f7:3c:d7:
36:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:51:B7:5B:CE:B6:D5:A7:5C:C7:C0:3E:40:CA:A2:50:91:6F:EC:23
X509v3 Authority Key Identifier:
keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/kVG3W8621adcx8A-QMqiUJFv7CM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.247.64.0/19
Signature Algorithm: sha256WithRSAEncryption
ca:24:41:1d:5e:11:95:ff:c2:36:b9:ec:e3:5f:eb:16:9b:ae:
72:4e:9b:6f:5e:5e:01:e9:ee:5c:0f:63:ea:69:f2:7e:78:e5:
94:3d:05:4c:c3:f5:7e:ea:28:bc:96:c1:0b:d5:61:5f:92:6d:
1e:2d:03:e2:5b:b2:ce:7b:2f:80:f9:a2:98:94:20:dc:a2:da:
5e:ed:9d:2e:76:21:91:51:6b:6a:e7:ae:14:58:89:67:e2:fc:
f2:8c:a7:0f:f4:cc:f5:36:83:8f:4c:10:08:e3:c9:89:52:89:
74:f4:94:88:08:17:ba:d6:89:89:b7:1b:38:c3:d0:17:2b:ef:
07:08:16:d8:e8:80:60:7b:ea:23:19:7f:24:50:1e:75:76:df:
62:bf:d6:4f:03:36:c5:f6:48:8f:36:14:e3:b9:d3:18:c1:f0:
b3:b5:94:27:88:21:f6:36:e9:f5:f1:8e:35:5b:25:91:cc:34:
d1:4d:e9:6c:0a:5f:27:6e:6b:75:82:02:38:11:48:16:12:ed:
00:6b:63:0a:be:8c:65:b5:ba:63:76:6d:a5:4a:01:af:68:3f:
90:c2:60:5c:92:ff:d5:5b:bf:8a:9f:27:b3:eb:ef:6f:ef:38:
71:ec:fa:06:f1:a2:eb:f3:41:e9:12:f7:31:a5:4d:68:d3:8e:
4c:20:25:1f
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEbAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz
QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yMzA4MTQw
NDM0MzVaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDkxNTFCNzVCQ0VCNkQ1
QTc1Q0M3QzAzRTQwQ0FBMjUwOTE2RkVDMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDe7bTvpXAkCOJsrJgeo1WRWQoibRI9V274aR02ALw0uU1IidmJ
4Cim+jdBnR1+IMJ22Vxs41HLMH6hUbffaBea6A21tkpM1BY9edMxkqkmrwBTSmJC
MTpU9ve8M3eWorjUuVQUzMCLfSc6rBUsvwBedudwLjaoqEHxGapbEIfi9KzMr+iq
f3TafpnSqxh6AfB9eRPozZ4RoD9aB/QvVtER5lY9QAzarAhbo5AYljPwlmEsO2xv
vfpwB7JEk6iDm/F3HP6NwwJ1PpVeE63u4nKVNrTjiRbu3utMvw0VSk1ePopzXXdA
ePkoBKUsQJx/Jp5SgzONAJEyWG1Kg/c81zbvAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUkVG3W8621adcx8A+QMqiUJFv7CMwHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A
r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4
OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkva1ZHM1c4NjIxYWRj
eDhBLVFNcWlVSkZ2N0NNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBdr3QDANBgkqhkiG9w0BAQsFAAOCAQEAyiRBHV4Rlf/CNrns41/rFpuuck6b
b15eAenuXA9j6mnyfnjllD0FTMP1fuoovJbBC9VhX5JtHi0D4luyznsvgPmimJQg
3KLaXu2dLnYhkVFraueuFFiJZ+L88oynD/TM9TaDj0wQCOPJiVKJdPSUiAgXutaJ
ibcbOMPQFyvvBwgW2OiAYHvqIxl/JFAedXbfYr/WTwM2xfZIjzYU47nTGMHws7WU
J4gh9jbp9fGONVslkcw00U3pbApfJ25rdYICOBFIFhLtAGtjCr6MZbW6Y3ZtpUoB
r2g/kMJgXJL/1Vu/ip8ns+vvb+84cez6BvGi6/NB6RL3MaVNaNOOTCAlHw==
-----END CERTIFICATE-----
Generated at Fri May 24 04:47:34 2024 by rpki-client on console-ams.rpki-client.org