Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/WbuGj_wc0XzTHliiFpMIprjEfvQ.roa
File: WbuGj_wc0XzTHliiFpMIprjEfvQ.roa (raw, json)
Hash identifier: 2mvhyn9HSX4jjzlz2cKBBoRuOf58rC/H44+BuDt87GI=
Subject key identifier: 59:BB:86:8F:FC:1C:D1:7C:D3:1E:58:A2:16:93:08:A6:B8:C4:7E:F4
Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98
Certificate serial: 0220
Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/WbuGj_wc0XzTHliiFpMIprjEfvQ.roa
Signing time: Sat 13 Jan 2024 09:39:58 +0000
ROA not before: Sat 13 Jan 2024 09:39:58 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 135061
IP address blocks: 202.46.224.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 00:17:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 544 (0x220)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98
Validity
Not Before: Jan 13 09:39:58 2024 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=59BB868FFC1CD17CD31E58A2169308A6B8C47EF4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a7:21:44:6d:ec:cf:fc:79:d7:ba:c8:a8:cb:
75:a9:66:71:70:78:e8:1f:c4:2b:b7:19:5c:c2:b6:
b8:ca:0c:48:e8:65:b4:35:8c:49:98:79:c3:eb:11:
05:44:da:36:6b:30:e7:29:c8:13:c7:b6:a2:78:e3:
ca:dc:b6:39:39:6d:f1:75:a2:d3:48:c5:1c:ea:d2:
0f:7c:e1:1c:11:dc:78:ae:65:c2:81:4b:66:da:48:
7f:c0:82:db:4a:3b:29:1c:26:7c:08:8b:6d:cb:14:
0d:e1:28:7d:c9:13:ee:cb:24:11:69:d1:36:4a:24:
2f:6d:80:1d:6c:58:95:26:72:63:42:16:7a:bc:9f:
6e:14:4d:51:d8:2c:f4:9e:8b:cf:d3:69:23:2a:a5:
ed:75:7d:a3:9f:0b:0e:25:e6:6d:2e:9a:30:cf:f8:
93:e5:a6:d6:05:e7:c7:63:0d:10:3a:15:17:b3:37:
41:30:92:0e:22:f6:d7:2c:9f:b2:91:df:91:1d:62:
fc:aa:90:11:68:be:4a:4d:49:31:47:46:34:07:11:
0e:3f:28:5d:3f:d5:40:0e:2d:6e:ce:a0:b8:86:7f:
c3:9a:f3:7b:65:18:d4:bd:95:05:3e:f3:08:79:95:
74:a1:20:87:13:ef:0e:7d:d8:74:79:b6:eb:2a:d3:
80:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:BB:86:8F:FC:1C:D1:7C:D3:1E:58:A2:16:93:08:A6:B8:C4:7E:F4
X509v3 Authority Key Identifier:
keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/WbuGj_wc0XzTHliiFpMIprjEfvQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.46.224.0/22
Signature Algorithm: sha256WithRSAEncryption
85:2b:fe:76:99:80:26:07:a4:62:7d:7b:22:d5:5b:d5:b9:07:
af:c2:e9:7f:7f:71:70:76:6c:ec:ec:8f:70:e3:35:36:ea:86:
34:4f:4d:de:d0:98:21:b2:a9:3e:35:32:c3:75:b4:c7:53:c4:
d6:a8:44:c7:b8:99:ee:65:42:76:3c:9c:57:e6:c8:81:59:65:
43:5d:b0:73:cb:4a:29:4d:6a:48:58:51:2f:e6:55:79:ca:c3:
37:c0:6f:7c:b2:9c:f6:2f:3b:9e:93:de:f7:91:4a:f7:b6:8c:
49:a9:53:1b:ca:2d:dc:e9:50:ed:42:c1:4c:bb:48:a4:ee:2a:
d1:fc:42:07:de:93:97:ac:8b:14:c5:ab:11:9f:4a:90:dd:f3:
b6:4d:67:e5:04:68:53:ea:92:99:98:51:18:01:18:25:12:b8:
7b:3b:e9:76:ad:aa:ee:d7:09:02:08:52:99:0b:b5:28:c8:b1:
45:7f:fb:88:f5:5e:b3:d2:cf:96:83:9d:0c:0f:a3:b3:a4:50:
11:38:f1:ae:75:b1:93:e0:5b:d9:01:c4:55:d7:81:4a:c9:be:
0f:01:18:71:74:a4:55:6c:cf:e9:4a:e1:fd:a7:4e:77:92:1f:
34:d5:32:04:8a:26:bd:d7:0e:b7:b8:3c:2e:c0:61:4e:39:5b:
24:8c:12:f2
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICAiAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ix
NjcwN0VBRjBCREZEMTMyNkFGRDlCREVDNkFGRkE2RTYzQkE5ODAeFw0yNDAxMTMw
OTM5NThaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDU5QkI4NjhGRkMxQ0Qx
N0NEMzFFNThBMjE2OTMwOEE2QjhDNDdFRjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbpyFEbezP/HnXusioy3WpZnFweOgfxCu3GVzCtrjKDEjoZbQ1
jEmYecPrEQVE2jZrMOcpyBPHtqJ448rctjk5bfF1otNIxRzq0g984RwR3HiuZcKB
S2baSH/AgttKOykcJnwIi23LFA3hKH3JE+7LJBFp0TZKJC9tgB1sWJUmcmNCFnq8
n24UTVHYLPSei8/TaSMqpe11faOfCw4l5m0umjDP+JPlptYF58djDRA6FRezN0Ew
kg4i9tcsn7KR35EdYvyqkBFovkpNSTFHRjQHEQ4/KF0/1UAOLW7OoLiGf8Oa83tl
GNS9lQU+8wh5lXShIIcT7w592HR5tusq04DbAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUWbuGj/wc0XzTHliiFpMIprjEfvQwHwYDVR0jBBgwFoAUyxZwfq8L39Eyav2b
3sav+m5jupgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
NS95eFp3ZnE4TDM5RXlhdjJiM3Nhdi1tNWp1cGcuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTUvV2J1R2pfd2MwWHpU
SGxpaUZwTUlwcmpFZnZRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAsou4DANBgkqhkiG9w0BAQsFAAOCAQEAhSv+dpmAJgekYn17ItVb1bkHr8Lp
f39xcHZs7OyPcOM1NuqGNE9N3tCYIbKpPjUyw3W0x1PE1qhEx7iZ7mVCdjycV+bI
gVllQ12wc8tKKU1qSFhRL+ZVecrDN8BvfLKc9i87npPe95FK97aMSalTG8ot3OlQ
7ULBTLtIpO4q0fxCB96Tl6yLFMWrEZ9KkN3ztk1n5QRoU+qSmZhRGAEYJRK4ezvp
dq2q7tcJAghSmQu1KMixRX/7iPVes9LPloOdDA+js6RQETjxrnWxk+Bb2QHEVdeB
Ssm+DwEYcXSkVWzP6Urh/adOd5IfNNUyBIomvdcOt7g8LsBhTjlbJIwS8g==
-----END CERTIFICATE-----
Generated at Tue Sep 24 01:46:28 2024 by rpki-client on console-fra.rpki-client.org