Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/CRovfI8jfWIV-qMlQtNmaCI-Oo4.roa
File: CRovfI8jfWIV-qMlQtNmaCI-Oo4.roa (raw, json)
Hash identifier: /d35hovkjiHjajpA8DCyWAnx3SHpQ0fg9vm/CVjwdsY=
Subject key identifier: 09:1A:2F:7C:8F:23:7D:62:15:FA:A3:25:42:D3:66:68:22:3E:3A:8E
Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98
Certificate serial: 0230
Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/CRovfI8jfWIV-qMlQtNmaCI-Oo4.roa
Signing time: Tue 16 Jan 2024 02:35:10 +0000
ROA not before: Tue 16 Jan 2024 02:35:10 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 135061
IP address blocks: 2407:8f40:2::/48 maxlen: 64
Validation: Failed, certificate revoked on Tue 24 Sep 2024 00:17:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 560 (0x230)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98
Validity
Not Before: Jan 16 02:35:10 2024 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=091A2F7C8F237D6215FAA32542D36668223E3A8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:13:b6:f6:c0:77:00:40:2c:ed:a9:03:34:4d:
8e:ea:ce:1b:14:f2:b3:f4:88:9a:ba:3b:30:cb:6c:
06:72:eb:75:b1:94:e8:e9:59:dc:87:a7:63:87:10:
90:9a:d5:27:84:42:7d:10:b7:7a:a9:df:1a:3f:58:
0b:0c:01:26:89:27:6e:d4:43:fc:85:5a:0b:b4:d7:
8a:3f:16:a5:66:97:12:88:ad:f2:b1:30:b5:df:a8:
32:24:08:e7:15:85:0a:25:42:a6:a9:4a:15:47:15:
4f:ee:1e:c6:cd:75:2e:8b:82:96:fa:09:04:f7:58:
63:96:8c:da:a1:40:a1:14:25:da:00:fa:c5:1a:25:
d0:0c:f0:f9:e0:b7:ca:fa:a6:87:49:2a:57:5f:3a:
3d:39:c4:fd:fb:d6:d3:68:60:72:a2:31:48:93:a9:
39:49:9c:ff:b1:2f:07:cd:f7:f1:5f:3b:60:41:1c:
89:6a:1f:e8:5a:60:62:b8:f5:90:70:de:c3:b5:62:
0a:3b:8b:f0:b2:b4:dd:2a:59:7e:0f:39:59:fe:c0:
6e:15:02:43:2f:f7:33:cc:ed:37:8c:8c:fc:01:d9:
46:88:ac:6f:7d:bc:ea:0b:f5:79:48:c7:9a:f8:2a:
38:23:4c:3d:aa:3c:89:c2:66:ac:6b:04:e0:93:05:
0d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:1A:2F:7C:8F:23:7D:62:15:FA:A3:25:42:D3:66:68:22:3E:3A:8E
X509v3 Authority Key Identifier:
keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/CRovfI8jfWIV-qMlQtNmaCI-Oo4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:8f40:2::/48
Signature Algorithm: sha256WithRSAEncryption
28:01:10:97:03:ac:e6:4b:b0:cf:19:b5:73:40:21:c1:d2:7d:
ac:df:76:b5:8a:23:c3:4b:fc:2e:6e:d6:59:94:69:86:f9:6e:
1c:50:f5:4c:97:f9:a2:20:c8:94:1e:3c:18:84:4d:df:6d:44:
54:00:3f:67:a3:e9:82:72:bf:42:5c:9c:52:f2:7e:f0:e2:31:
aa:b5:df:2d:2c:be:5f:c3:4d:73:10:70:6d:68:67:44:7e:f6:
df:3f:ae:52:88:fe:e5:4b:38:5e:08:f6:2e:02:1d:d8:5d:47:
ad:42:80:c3:06:ac:d8:23:ab:c8:89:da:e0:d1:57:59:9b:8f:
02:76:e0:25:26:4a:99:70:4f:d3:c9:91:0f:0b:f7:6f:08:68:
22:b9:63:50:42:d5:d4:8e:2b:12:1a:d5:50:87:3e:14:78:b7:
3c:35:31:c5:08:a8:64:24:a5:16:39:5e:8f:8e:1b:a2:8d:7a:
16:b7:31:b3:f7:fe:55:5d:e7:2e:23:70:73:ef:f7:c2:aa:0a:
ab:e0:20:aa:bc:11:95:c2:e7:ef:6e:ec:45:41:99:b9:a7:2a:
a8:b8:b7:5c:9a:63:df:f3:39:5c:2f:33:04:d7:90:a4:bc:e8:
3f:39:3a:17:d1:63:d2:cc:66:4b:c5:c1:d8:4f:e2:03:6a:66:
7e:aa:de:81
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICAjAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ix
NjcwN0VBRjBCREZEMTMyNkFGRDlCREVDNkFGRkE2RTYzQkE5ODAeFw0yNDAxMTYw
MjM1MTBaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDA5MUEyRjdDOEYyMzdE
NjIxNUZBQTMyNTQyRDM2NjY4MjIzRTNBOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD4E7b2wHcAQCztqQM0TY7qzhsU8rP0iJq6OzDLbAZy63WxlOjp
WdyHp2OHEJCa1SeEQn0Qt3qp3xo/WAsMASaJJ27UQ/yFWgu014o/FqVmlxKIrfKx
MLXfqDIkCOcVhQolQqapShVHFU/uHsbNdS6Lgpb6CQT3WGOWjNqhQKEUJdoA+sUa
JdAM8Pngt8r6podJKldfOj05xP371tNoYHKiMUiTqTlJnP+xLwfN9/FfO2BBHIlq
H+haYGK49ZBw3sO1Ygo7i/CytN0qWX4POVn+wG4VAkMv9zPM7TeMjPwB2UaIrG99
vOoL9XlIx5r4KjgjTD2qPInCZqxrBOCTBQ3JAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUCRovfI8jfWIV+qMlQtNmaCI+Oo4wHwYDVR0jBBgwFoAUyxZwfq8L39Eyav2b
3sav+m5jupgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
NS95eFp3ZnE4TDM5RXlhdjJiM3Nhdi1tNWp1cGcuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTUvQ1JvdmZJOGpmV0lW
LXFNbFF0Tm1hQ0ktT280LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACQHj0AAAjANBgkqhkiG9w0BAQsFAAOCAQEAKAEQlwOs5kuwzxm1c0AhwdJ9
rN92tYojw0v8Lm7WWZRphvluHFD1TJf5oiDIlB48GIRN321EVAA/Z6PpgnK/Qlyc
UvJ+8OIxqrXfLSy+X8NNcxBwbWhnRH723z+uUoj+5Us4Xgj2LgId2F1HrUKAwwas
2COryIna4NFXWZuPAnbgJSZKmXBP08mRDwv3bwhoIrljUELV1I4rEhrVUIc+FHi3
PDUxxQioZCSlFjlej44boo16Frcxs/f+VV3nLiNwc+/3wqoKq+AgqrwRlcLn727s
RUGZuacqqLi3XJpj3/M5XC8zBNeQpLzoPzk6F9Fj0sxmS8XB2E/iA2pmfqregQ==
-----END CERTIFICATE-----
Generated at Tue Sep 24 01:46:28 2024 by rpki-client on console-fra.rpki-client.org