Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3051/kpdHKYWDyiQvI5Kqlo7Uq8twiiQ.roa
File: kpdHKYWDyiQvI5Kqlo7Uq8twiiQ.roa (raw, json)
Hash identifier: 1b/ke+Gq5Tnk06+NxZPUrfePDPc5snDUNVc0JayCC9U=
Subject key identifier: 92:97:47:29:85:83:CA:24:2F:23:92:AA:96:8E:D4:AB:CB:70:8A:24
Certificate issuer: /CN=FC03F2F966F62BFDC66B041562E9BA40032DA09E
Certificate serial: 1172
Authority key identifier: FC:03:F2:F9:66:F6:2B:FD:C6:6B:04:15:62:E9:BA:40:03:2D:A0:9E
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_APy-Wb2K_3GawQVYum6QAMtoJ4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3051/kpdHKYWDyiQvI5Kqlo7Uq8twiiQ.roa
Signing time: Fri 19 May 2023 05:53:25 +0000
ROA not before: Fri 19 May 2023 05:53:25 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 24409
IP address blocks: 111.223.8.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:22:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4466 (0x1172)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FC03F2F966F62BFDC66B041562E9BA40032DA09E
Validity
Not Before: May 19 05:53:25 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=929747298583CA242F2392AA968ED4ABCB708A24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e3:0f:ab:61:60:aa:6c:41:1d:f6:01:e3:e1:
d2:d6:19:ca:11:e7:7a:6b:b8:68:34:ec:12:74:39:
85:b9:aa:1a:90:0a:5c:73:86:4e:9a:c6:5e:07:fd:
eb:40:67:90:19:91:bb:64:76:c3:ad:de:82:0c:c2:
a8:55:b4:3b:f4:6f:17:81:cb:0b:02:24:f6:05:34:
b4:95:cd:e1:aa:94:b3:cc:a4:4a:82:9f:8b:d5:3c:
23:a3:0a:81:81:be:b6:dc:74:7b:1d:e7:f5:79:a0:
df:bd:d3:df:a9:c5:85:3d:c7:e1:d9:a3:f8:b9:ca:
81:d7:a3:62:b7:7c:91:98:af:32:5f:a2:5e:6c:28:
85:69:e5:31:db:fe:24:9e:e2:50:f8:38:1a:c9:1e:
58:1a:c0:4c:be:f4:d1:8e:d6:8e:a5:cc:0d:5d:0d:
e4:84:f2:81:16:6f:ac:4c:e7:f7:84:de:2a:df:97:
7d:b6:c9:21:ab:d5:56:ae:31:82:99:75:0a:c7:a2:
0a:ce:72:1b:1c:53:7d:32:00:3d:d7:84:87:0e:fb:
40:dd:43:a1:b4:f0:c1:23:cd:79:bd:7b:66:4e:6b:
1a:87:31:7b:01:af:a5:32:c6:58:71:7c:06:c4:37:
2b:c8:e7:86:70:32:ba:ea:7f:0b:09:a9:c7:3a:be:
49:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:97:47:29:85:83:CA:24:2F:23:92:AA:96:8E:D4:AB:CB:70:8A:24
X509v3 Authority Key Identifier:
keyid:FC:03:F2:F9:66:F6:2B:FD:C6:6B:04:15:62:E9:BA:40:03:2D:A0:9E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3051/_APy-Wb2K_3GawQVYum6QAMtoJ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_APy-Wb2K_3GawQVYum6QAMtoJ4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3051/kpdHKYWDyiQvI5Kqlo7Uq8twiiQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
111.223.8.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:2a:25:d1:cc:5b:5a:35:2d:a4:dc:af:18:be:39:13:1e:5c:
0a:d5:8f:81:5a:a8:0a:b3:67:43:c6:9d:7f:0b:ec:66:ec:01:
51:48:52:56:d5:86:29:30:dc:8d:b6:92:a1:c2:b5:d8:36:1e:
eb:a2:8b:91:62:6c:e8:5b:28:9b:ae:82:12:ab:02:fe:4f:da:
48:0d:b1:10:65:ff:45:0b:a9:d7:24:0b:a8:21:86:99:07:51:
1c:ae:92:e9:25:1a:03:8e:d8:31:31:0e:67:44:ed:70:03:9c:
c5:4c:0d:34:3f:1a:1f:10:9b:ed:ce:bf:2c:f3:77:ed:ea:61:
b6:fa:44:0f:8e:05:22:ce:43:23:6e:1c:0d:8d:30:ff:a8:71:
ad:f2:33:bf:36:12:49:bf:e6:95:ab:e1:9b:2d:c2:13:b0:e7:
90:39:bf:96:40:5a:8f:89:c9:7d:5e:49:cd:b9:2b:35:2d:28:
44:64:02:38:28:fe:42:3d:1d:2c:f8:a4:5d:73:59:fb:8e:2c:
a2:3e:78:c0:3a:13:05:fb:08:08:44:0b:0e:8c:a6:ae:34:91:
68:b9:78:56:9c:da:91:25:f0:92:6b:95:33:6b:4b:3e:cf:59:
91:0e:75:50:f1:0f:03:4e:4b:7f:4c:9d:c1:9f:ec:2d:d7:f7:
13:e3:a2:26
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEXIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkMw
M0YyRjk2NkY2MkJGREM2NkIwNDE1NjJFOUJBNDAwMzJEQTA5RTAeFw0yMzA1MTkw
NTUzMjVaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDkyOTc0NzI5ODU4M0NB
MjQyRjIzOTJBQTk2OEVENEFCQ0I3MDhBMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJ4w+rYWCqbEEd9gHj4dLWGcoR53pruGg07BJ0OYW5qhqQClxz
hk6axl4H/etAZ5AZkbtkdsOt3oIMwqhVtDv0bxeBywsCJPYFNLSVzeGqlLPMpEqC
n4vVPCOjCoGBvrbcdHsd5/V5oN+909+pxYU9x+HZo/i5yoHXo2K3fJGYrzJfol5s
KIVp5THb/iSe4lD4OBrJHlgawEy+9NGO1o6lzA1dDeSE8oEWb6xM5/eE3irfl322
ySGr1VauMYKZdQrHogrOchscU30yAD3XhIcO+0DdQ6G08MEjzXm9e2ZOaxqHMXsB
r6UyxlhxfAbENyvI54ZwMrrqfwsJqcc6vkmVAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUkpdHKYWDyiQvI5Kqlo7Uq8twiiQwHwYDVR0jBBgwFoAU/APy+Wb2K/3GawQV
Yum6QAMtoJ4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA1
MS9fQVB5LVdiMktfM0dhd1FWWXVtNlFBTXRvSjQuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL19BUHktV2IyS18zR2F3UVZZdW02UUFNdG9KNC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNTEva3BkSEtZV0R5aVF2
STVLcWxvN1VxOHR3aWlRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAm/fCDANBgkqhkiG9w0BAQsFAAOCAQEASiol0cxbWjUtpNyvGL45Ex5cCtWP
gVqoCrNnQ8adfwvsZuwBUUhSVtWGKTDcjbaSocK12DYe66KLkWJs6Fsom66CEqsC
/k/aSA2xEGX/RQup1yQLqCGGmQdRHK6S6SUaA47YMTEOZ0TtcAOcxUwNND8aHxCb
7c6/LPN37ephtvpED44FIs5DI24cDY0w/6hxrfIzvzYSSb/mlavhmy3CE7DnkDm/
lkBaj4nJfV5JzbkrNS0oRGQCOCj+Qj0dLPikXXNZ+44soj54wDoTBfsICEQLDoym
rjSRaLl4VpzakSXwkmuVM2tLPs9ZkQ51UPEPA05Lf0ydwZ/sLdf3E+OiJg==
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org