Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/0T_4IcYKktgG16_8ujA9sP5ZgW0.roa
File: 0T_4IcYKktgG16_8ujA9sP5ZgW0.roa (raw, json)
Hash identifier: 8DkmhH8JVlJQoUsulRbu6eiu1wTxgerGM/5OVAGRgtc=
Subject key identifier: D1:3F:F8:21:C6:0A:92:D8:06:D7:AF:FC:BA:30:3D:B0:FE:59:81:6D
Certificate issuer: /CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2
Certificate serial: 0D01
Authority key identifier: C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/0T_4IcYKktgG16_8ujA9sP5ZgW0.roa
Signing time: Fri 02 Aug 2024 03:19:29 +0000
ROA not before: Fri 02 Aug 2024 03:19:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 136907
IP address blocks: 139.9.98.0/24 maxlen: 24
139.9.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 03:22:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3329 (0xd01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2
Validity
Not Before: Aug 2 03:19:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D13FF821C60A92D806D7AFFCBA303DB0FE59816D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:4f:4a:22:c5:53:2c:8a:f8:e5:77:14:e0:69:
ca:2b:a1:8f:1d:07:65:ac:32:9c:1e:6e:dc:3b:32:
26:e3:df:2f:ac:c5:c8:5e:5b:79:8f:f6:11:74:51:
d8:35:89:9b:52:88:63:d4:d1:26:85:fb:d6:28:ab:
22:76:fa:2b:89:b4:db:8e:a4:bc:91:53:25:1a:4c:
b0:91:e2:3e:48:17:fb:07:5f:c3:73:9f:5f:de:d0:
02:d5:ae:f1:79:b8:75:67:5c:6b:73:d5:1c:03:17:
bd:80:70:9b:6a:17:b5:33:f5:66:37:67:30:be:e4:
75:67:c0:86:d5:b6:3f:66:ba:53:3f:07:fb:b4:3a:
10:18:64:6a:c6:98:93:d8:89:48:87:a0:40:47:b3:
23:d5:2c:a5:77:8c:05:24:a2:f9:4b:79:43:e4:a4:
a5:9c:f9:cb:04:27:09:35:95:33:dc:93:ab:9b:5a:
a3:c2:30:af:3a:1d:9e:58:83:74:88:14:a5:db:d6:
f3:87:63:21:89:59:78:76:87:23:ad:ad:c2:4d:0f:
f6:e9:32:55:d8:8a:66:bd:e8:66:84:74:af:a3:d6:
3e:b9:c0:a3:6a:24:ed:5c:63:ec:97:e9:37:da:1b:
94:f5:e1:fe:01:8e:7a:04:31:66:2b:9f:eb:cc:75:
25:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:3F:F8:21:C6:0A:92:D8:06:D7:AF:FC:BA:30:3D:B0:FE:59:81:6D
X509v3 Authority Key Identifier:
keyid:C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/0T_4IcYKktgG16_8ujA9sP5ZgW0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
139.9.98.0/23
Signature Algorithm: sha256WithRSAEncryption
07:3b:6e:80:bc:72:ff:52:6d:4c:20:0a:73:86:a9:f9:b8:a0:
78:b1:44:fc:d0:81:dc:ea:3a:5a:9a:92:96:20:33:c5:48:29:
ff:d4:5c:10:dc:7c:9b:2a:76:20:82:8e:24:4b:27:5e:6e:fd:
0d:50:79:5e:bb:f7:35:19:8e:62:17:17:77:42:78:59:63:20:
8a:23:19:a1:4b:01:59:a7:b7:4d:4e:0e:90:0f:02:26:72:72:
a1:97:2f:8f:71:2b:b4:9c:13:3d:d7:46:8c:7e:7f:4c:a6:df:
a2:e2:fe:3c:83:b7:74:fc:bb:9f:e1:e0:ed:13:b1:5c:cc:40:
8b:61:04:8b:da:b8:4a:68:ab:2c:78:6c:42:89:29:44:77:ee:
60:c6:aa:b5:85:b6:be:5d:c7:44:d8:ef:39:da:30:a1:ba:e5:
b9:e0:92:db:60:ab:49:d9:c5:6a:e2:c3:be:3c:c9:c7:f3:b5:
44:1e:77:88:3c:ee:ec:b8:ec:3e:27:36:51:75:d8:1f:83:77:
10:96:92:f0:e4:e0:38:a2:86:82:5d:3a:20:5e:16:2f:96:f2:
67:d1:e3:2f:0f:16:b2:8b:63:65:c6:43:9b:f2:00:ee:d8:e9:
6e:91:93:70:76:9c:ff:8a:d0:78:b8:a4:25:f8:1b:51:2d:42:
46:21:07:f6
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICDQEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzFE
MzEyOTE2MzhGNEE0MDQwQ0QzRDUyREVDM0ZGMkI5NzA5QzVGMjAeFw0yNDA4MDIw
MzE5MjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQxM0ZGODIxQzYwQTky
RDgwNkQ3QUZGQ0JBMzAzREIwRkU1OTgxNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiT0oixVMsivjldxTgacoroY8dB2WsMpwebtw7Mibj3y+sxche
W3mP9hF0Udg1iZtSiGPU0SaF+9YoqyJ2+iuJtNuOpLyRUyUaTLCR4j5IF/sHX8Nz
n1/e0ALVrvF5uHVnXGtz1RwDF72AcJtqF7Uz9WY3ZzC+5HVnwIbVtj9mulM/B/u0
OhAYZGrGmJPYiUiHoEBHsyPVLKV3jAUkovlLeUPkpKWc+csEJwk1lTPck6ubWqPC
MK86HZ5Yg3SIFKXb1vOHYyGJWXh2hyOtrcJND/bpMlXYima96GaEdK+j1j65wKNq
JO1cY+yX6TfaG5T14f4BjnoEMWYrn+vMdSXRAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU0T/4IcYKktgG16/8ujA9sP5ZgW0wHwYDVR0jBBgwFoAUwdMSkWOPSkBAzT1S
3sP/K5cJxfIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC93ZE1Ta1dPUFNrQkF6VDFTM3NQX0s1Y0p4ZkkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3dkTVNrV09QU2tCQXpUMVMzc1BfSzVjSnhmSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvMFRfNEljWUtrdGdH
MTZfOHVqQTlzUDVaZ1cwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAYsJYjANBgkqhkiG9w0BAQsFAAOCAQEABztugLxy/1JtTCAKc4ap+bigeLFE
/NCB3Oo6WpqSliAzxUgp/9RcENx8myp2IIKOJEsnXm79DVB5Xrv3NRmOYhcXd0J4
WWMgiiMZoUsBWae3TU4OkA8CJnJyoZcvj3ErtJwTPddGjH5/TKbfouL+PIO3dPy7
n+Hg7ROxXMxAi2EEi9q4SmirLHhsQokpRHfuYMaqtYW2vl3HRNjvOdowobrlueCS
22CrSdnFauLDvjzJx/O1RB53iDzu7LjsPic2UXXYH4N3EJaS8OTgOKKGgl06IF4W
L5byZ9HjLw8WsotjZcZDm/IA7tjpbpGTcHac/4rQeLikJfgbUS1CRiEH9g==
-----END CERTIFICATE-----
Generated at Tue Aug 13 06:55:10 2024 by rpki-client on console-ams.rpki-client.org