Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2894/ckD5F4oSjFWNCqBPNE5ZmQ5vTBI.roa
File: ckD5F4oSjFWNCqBPNE5ZmQ5vTBI.roa (raw, json)
Hash identifier: moapmHarywuipnx2S3ff0EfmmrwiTr8jF4vvRckmN44=
Subject key identifier: 72:40:F9:17:8A:12:8C:55:8D:0A:A0:4F:34:4E:59:99:0E:6F:4C:12
Certificate issuer: /CN=839F557B9F9F2F6CDD75AFB4ABA8A2A796C610E8
Certificate serial: 06EE
Authority key identifier: 83:9F:55:7B:9F:9F:2F:6C:DD:75:AF:B4:AB:A8:A2:A7:96:C6:10:E8
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g59Ve5-fL2zdda-0q6iip5bGEOg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2894/ckD5F4oSjFWNCqBPNE5ZmQ5vTBI.roa
Signing time: Wed 15 Feb 2023 09:16:40 +0000
ROA not before: Wed 15 Feb 2023 09:16:40 +0000
ROA not after: Tue 16 Jan 2024 06:09:07 +0000
asID: 146834
IP address blocks: 2404:e5c0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1774 (0x6ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=839F557B9F9F2F6CDD75AFB4ABA8A2A796C610E8
Validity
Not Before: Feb 15 09:16:40 2023 GMT
Not After : Jan 16 06:09:07 2024 GMT
Subject: CN=7240F9178A128C558D0AA04F344E59990E6F4C12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c9:46:e9:2b:c9:33:3c:ca:1b:7a:cb:5b:34:
de:db:7b:8a:86:05:36:ef:b8:3d:e1:c7:3f:ee:d9:
7b:cc:97:ce:1e:c5:3a:12:fe:43:5a:22:1a:12:d4:
13:1b:f8:43:15:2c:fa:fc:24:a9:7a:65:7e:67:21:
97:fb:81:21:09:78:17:44:33:78:88:b5:93:eb:d6:
c4:42:7f:93:7d:f8:19:ca:3d:f0:66:12:4f:ab:7d:
e6:9f:d0:48:64:bc:d6:43:95:6e:6d:2a:69:70:f6:
dd:a6:d0:d0:c9:ae:b2:75:83:01:4d:3f:4d:af:42:
85:43:30:2a:75:b6:5b:c0:6f:28:30:85:1b:5c:6a:
60:ef:d3:17:cf:ce:f7:8d:a2:ec:ae:32:90:5b:52:
9a:c4:37:34:c8:fb:2f:7c:7d:8a:8f:ee:9f:e2:c6:
32:9e:f0:d9:5b:d8:9f:96:5b:36:24:11:66:f4:be:
35:59:33:b1:2d:75:56:65:b3:b9:03:a1:4a:9e:ff:
a4:2d:39:54:50:8d:8c:35:a7:d3:bc:d0:3d:58:1c:
06:bd:70:b9:fe:21:5f:b7:f0:1f:19:eb:f0:eb:7f:
ac:cd:55:c3:85:3e:bb:88:4b:13:a9:09:cd:1c:5a:
4d:e5:94:ec:6a:b2:f4:9b:9a:d3:a1:6c:23:a8:00:
7d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:40:F9:17:8A:12:8C:55:8D:0A:A0:4F:34:4E:59:99:0E:6F:4C:12
X509v3 Authority Key Identifier:
keyid:83:9F:55:7B:9F:9F:2F:6C:DD:75:AF:B4:AB:A8:A2:A7:96:C6:10:E8
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2894/g59Ve5-fL2zdda-0q6iip5bGEOg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g59Ve5-fL2zdda-0q6iip5bGEOg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2894/ckD5F4oSjFWNCqBPNE5ZmQ5vTBI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:e5c0::/32
Signature Algorithm: sha256WithRSAEncryption
85:13:6f:7c:5b:2f:4e:57:93:e4:5a:e9:5c:91:d6:ce:f2:e6:
d7:96:a9:08:32:cf:ca:0b:a1:e4:51:70:89:ad:af:5b:1c:20:
7f:30:8d:20:71:67:14:d5:7a:bd:60:a5:60:d4:bc:74:9d:24:
9d:92:00:f5:bc:62:17:86:15:62:38:db:af:62:de:36:85:e2:
14:19:18:14:b7:66:27:01:46:4e:3e:00:6d:db:6e:2d:84:85:
e0:9b:11:9b:dd:95:d3:b9:f2:9a:c9:fa:3b:35:92:59:8c:f1:
e1:b3:ab:f8:73:cf:87:a9:6a:6c:79:dc:b3:0e:16:a3:c6:1a:
a9:f1:4c:74:e1:a9:05:8b:8e:98:c3:cc:90:5d:4e:8d:a6:98:
da:51:09:fe:38:78:31:14:70:e0:d4:d5:24:73:7b:2b:e3:ad:
28:5e:1d:f9:f3:34:82:25:37:bf:5b:a7:9b:f2:36:76:1f:46:
a5:a1:54:a4:ec:a6:88:12:7c:d2:93:35:c5:9f:55:95:8e:c1:
ad:42:1b:40:4e:38:7b:f0:08:6d:94:1e:81:22:40:a2:26:35:
20:2f:1b:3e:df:dc:27:50:1b:6e:08:aa:69:78:2e:99:ef:93:
f1:26:15:4b:4a:10:2a:10:e9:e1:22:e0:ab:cf:94:e6:50:2c:
ba:7e:23:13
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICBu4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODM5
RjU1N0I5RjlGMkY2Q0RENzVBRkI0QUJBOEEyQTc5NkM2MTBFODAeFw0yMzAyMTUw
OTE2NDBaFw0yNDAxMTYwNjA5MDdaMDMxMTAvBgNVBAMTKDcyNDBGOTE3OEExMjhD
NTU4RDBBQTA0RjM0NEU1OTk5MEU2RjRDMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFyUbpK8kzPMobestbNN7be4qGBTbvuD3hxz/u2XvMl84exToS
/kNaIhoS1BMb+EMVLPr8JKl6ZX5nIZf7gSEJeBdEM3iItZPr1sRCf5N9+BnKPfBm
Ek+rfeaf0EhkvNZDlW5tKmlw9t2m0NDJrrJ1gwFNP02vQoVDMCp1tlvAbygwhRtc
amDv0xfPzveNouyuMpBbUprENzTI+y98fYqP7p/ixjKe8Nlb2J+WWzYkEWb0vjVZ
M7EtdVZls7kDoUqe/6QtOVRQjYw1p9O80D1YHAa9cLn+IV+38B8Z6/Drf6zNVcOF
PruISxOpCc0cWk3llOxqsvSbmtOhbCOoAH3bAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUckD5F4oSjFWNCqBPNE5ZmQ5vTBIwHwYDVR0jBBgwFoAUg59Ve5+fL2zdda+0
q6iip5bGEOgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg5
NC9nNTlWZTUtZkwyemRkYS0wcTZpaXA1YkdFT2cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2c1OVZlNS1mTDJ6ZGRhLTBxNmlpcDViR0VPZy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4OTQvY2tENUY0b1NqRldO
Q3FCUE5FNVptUTV2VEJJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQE5cAwDQYJKoZIhvcNAQELBQADggEBAIUTb3xbL05Xk+Ra6VyR1s7y5teW
qQgyz8oLoeRRcImtr1scIH8wjSBxZxTVer1gpWDUvHSdJJ2SAPW8YheGFWI4269i
3jaF4hQZGBS3ZicBRk4+AG3bbi2EheCbEZvdldO58prJ+js1klmM8eGzq/hzz4ep
amx53LMOFqPGGqnxTHThqQWLjpjDzJBdTo2mmNpRCf44eDEUcODU1SRzeyvjrShe
HfnzNIIlN79bp5vyNnYfRqWhVKTspogSfNKTNcWfVZWOwa1CG0BOOHvwCG2UHoEi
QKImNSAvGz7f3CdQG24Iqml4Lpnvk/EmFUtKECoQ6eEi4KvPlOZQLLp+IxM=
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:01 2024 by rpki-client on console-ams.rpki-client.org