Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/BWCpE87fqtnxCj-rdrbh7JtPNVQ.roa
File: BWCpE87fqtnxCj-rdrbh7JtPNVQ.roa (raw, json)
Hash identifier: wyCtNjiYu7hbCQDeBJS9pyb8Cfe0clhuq6C1/xpYnm0=
Subject key identifier: 05:60:A9:13:CE:DF:AA:D9:F1:0A:3F:AB:76:B6:E1:EC:9B:4F:35:54
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 0FEB
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/BWCpE87fqtnxCj-rdrbh7JtPNVQ.roa
Signing time: Wed 20 Sep 2023 06:31:00 +0000
ROA not before: Wed 20 Sep 2023 06:31:00 +0000
ROA not after: Tue 17 Sep 2024 08:06:57 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, certificate revoked on Tue 03 Sep 2024 08:16:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4075 (0xfeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Sep 20 06:31:00 2023 GMT
Not After : Sep 17 08:06:57 2024 GMT
Subject: CN=0560A913CEDFAAD9F10A3FAB76B6E1EC9B4F3554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a1:6c:c8:96:80:2b:e0:1b:44:d3:e8:f5:92:
f0:8b:d1:66:45:7a:8c:5d:02:6a:88:71:36:1f:ed:
b0:91:6e:c8:af:9c:f6:9a:f8:c1:07:ab:64:86:0a:
84:79:bd:0e:24:7d:eb:90:fb:b1:15:f5:68:11:23:
ab:83:58:62:a7:0b:1c:aa:98:fb:66:15:1e:89:a0:
9a:6c:21:36:1d:bc:e7:51:cf:9a:1b:4c:d4:ad:1b:
84:72:07:87:1b:f4:f6:66:29:03:e5:b7:5c:eb:c3:
f4:a3:2c:70:84:5d:e3:da:6c:8c:9b:88:5f:37:07:
46:19:32:bd:cc:05:ee:c8:59:e6:00:51:b6:da:b6:
7f:7b:93:85:c6:30:04:47:5b:e8:01:e5:50:2e:70:
04:ce:e9:cc:e0:5e:02:a9:a9:18:86:4f:26:4f:fb:
12:be:33:34:25:43:2a:10:ca:d8:9d:ac:83:6e:7a:
54:8b:d5:df:ac:65:b5:9c:1c:0b:bd:e5:0d:37:4e:
01:e3:15:d0:25:3d:4c:f6:0e:ab:ca:e1:b6:9e:72:
6e:ac:33:b4:63:a7:b0:a0:28:cd:7b:29:33:e7:c0:
2f:03:fd:18:a9:3f:ea:3a:7e:a6:57:26:a1:5c:ec:
11:b0:a1:b2:5f:88:34:43:66:a6:a3:2d:68:90:f6:
c2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:60:A9:13:CE:DF:AA:D9:F1:0A:3F:AB:76:B6:E1:EC:9B:4F:35:54
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/BWCpE87fqtnxCj-rdrbh7JtPNVQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
28:c2:24:01:f5:cf:7b:0b:73:90:0a:4e:0b:83:f5:e2:78:c3:
c8:12:85:77:81:38:10:fb:56:ed:f3:65:62:6e:33:9f:58:bf:
23:be:e3:76:8a:20:82:b4:27:ac:58:40:2c:3b:1c:ac:05:48:
f1:3d:0a:da:dd:19:8d:b2:d9:36:05:77:46:ec:b7:c1:8a:d9:
fc:c9:5c:21:5e:b9:d7:b1:39:10:39:99:78:aa:57:2a:02:6a:
5b:1e:99:a2:36:e0:6b:79:41:13:0d:ce:a7:de:25:da:a2:03:
38:eb:33:fb:b6:8f:6a:33:dd:52:28:c2:11:0d:41:d0:b9:8c:
a5:74:d3:dc:4d:bc:d5:35:63:47:6d:0b:85:ef:35:97:cc:8c:
05:40:7d:42:11:33:47:28:9d:b7:da:11:a4:87:54:0a:77:ac:
48:7c:57:b0:b9:cf:75:1f:bf:f2:53:5c:f9:0e:b1:a6:a8:e2:
35:83:cb:a2:33:a4:02:7f:fb:be:87:f1:3b:8a:be:51:c7:f3:
9e:30:11:b9:01:51:a6:5c:f4:8d:5c:df:a2:1e:0e:fe:e0:48:
6c:59:14:71:42:98:f2:8e:5a:81:1f:5d:d9:b9:18:bd:43:8e:
08:01:5d:fc:70:d9:b7:a6:50:a2:bd:ec:4d:f4:d0:c5:e9:83:
48:95:a3:b9
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICD+swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yMzA5MjAw
NjMxMDBaFw0yNDA5MTcwODA2NTdaMDMxMTAvBgNVBAMTKDA1NjBBOTEzQ0VERkFB
RDlGMTBBM0ZBQjc2QjZFMUVDOUI0RjM1NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7oWzIloAr4BtE0+j1kvCL0WZFeoxdAmqIcTYf7bCRbsivnPaa
+MEHq2SGCoR5vQ4kfeuQ+7EV9WgRI6uDWGKnCxyqmPtmFR6JoJpsITYdvOdRz5ob
TNStG4RyB4cb9PZmKQPlt1zrw/SjLHCEXePabIybiF83B0YZMr3MBe7IWeYAUbba
tn97k4XGMARHW+gB5VAucATO6czgXgKpqRiGTyZP+xK+MzQlQyoQytidrINuelSL
1d+sZbWcHAu95Q03TgHjFdAlPUz2DqvK4baecm6sM7Rjp7CgKM17KTPnwC8D/Rip
P+o6fqZXJqFc7BGwobJfiDRDZqajLWiQ9sJfAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUBWCpE87fqtnxCj+rdrbh7JtPNVQwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvQldDcEU4N2ZxdG54
Q2otcmRyYmg3SnRQTlZRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBACjCJAH1z3sLc5AKTguD9eJ4w8gS
hXeBOBD7Vu3zZWJuM59YvyO+43aKIIK0J6xYQCw7HKwFSPE9CtrdGY2y2TYFd0bs
t8GK2fzJXCFeudexORA5mXiqVyoCalsemaI24Gt5QRMNzqfeJdqiAzjrM/u2j2oz
3VIowhENQdC5jKV009xNvNU1Y0dtC4XvNZfMjAVAfUIRM0conbfaEaSHVAp3rEh8
V7C5z3Ufv/JTXPkOsaao4jWDy6IzpAJ/+76H8TuKvlHH854wEbkBUaZc9I1c36Ie
Dv7gSGxZFHFCmPKOWoEfXdm5GL1DjggBXfxw2bemUKK97E300MXpg0iVo7k=
-----END CERTIFICATE-----
Generated at Tue Sep 3 09:41:53 2024 by rpki-client on console-fra.rpki-client.org