Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/312/3L8B6p69cwTjKoWED2lfaOS03ew.roa
File: 3L8B6p69cwTjKoWED2lfaOS03ew.roa (raw, json)
Hash identifier: f4HrQiPWCw8nGGFEC8zHz4vPfxeGF41CHWCC7bUzDCY=
Subject key identifier: DC:BF:01:EA:9E:BD:73:04:E3:2A:85:84:0F:69:5F:68:E4:B4:DD:EC
Certificate issuer: /CN=85F3BFD1A14090C4829A5A313A4D31F9CC8F312F
Certificate serial: 1011
Authority key identifier: 85:F3:BF:D1:A1:40:90:C4:82:9A:5A:31:3A:4D:31:F9:CC:8F:31:2F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/3L8B6p69cwTjKoWED2lfaOS03ew.roa
Signing time: Fri 19 May 2023 05:53:32 +0000
ROA not before: Fri 19 May 2023 05:53:32 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 134764
IP address blocks: 120.31.164.0/22 maxlen: 23
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:21:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4113 (0x1011)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85F3BFD1A14090C4829A5A313A4D31F9CC8F312F
Validity
Not Before: May 19 05:53:32 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=DCBF01EA9EBD7304E32A85840F695F68E4B4DDEC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2e:d7:47:e1:be:ce:c1:f1:4e:7b:93:50:c2:
cb:67:96:3c:62:32:da:a4:ee:ab:66:61:f3:6e:c7:
06:8b:95:1b:af:26:ec:27:0e:4c:8d:18:25:ae:c4:
6a:db:2d:3b:bd:50:30:e2:96:4b:38:25:7c:9f:91:
e3:66:c8:f8:07:2a:ea:8f:78:45:7c:1b:d0:6c:08:
16:d4:9f:bc:65:7f:ac:7a:cd:ae:a3:3f:e9:58:be:
82:63:62:12:02:05:ba:f4:5f:98:b0:9b:e2:ab:8f:
4b:38:2c:6a:c4:db:1d:10:e7:6f:d1:4c:51:b9:46:
f8:93:41:79:cd:40:38:05:7c:42:a5:08:8e:18:35:
05:75:70:f0:d9:44:4c:c4:33:cc:45:a9:c9:04:91:
db:92:41:76:2a:2b:1d:6d:b0:c5:75:ad:fa:04:ba:
e1:36:89:77:75:37:78:40:f8:8d:8e:82:b7:ca:25:
91:e7:af:8e:b9:e6:ad:9e:72:95:72:8b:c1:39:0a:
a6:37:2f:9f:5d:5f:30:83:f2:66:12:3d:c8:d7:da:
d6:dc:19:b9:d6:8f:13:7b:fd:49:be:11:ad:aa:aa:
b0:74:43:95:a4:86:3b:18:3f:5d:50:3d:11:54:b1:
28:e4:5e:b9:45:67:b1:b0:b1:aa:40:2a:c5:5f:be:
c1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:BF:01:EA:9E:BD:73:04:E3:2A:85:84:0F:69:5F:68:E4:B4:DD:EC
X509v3 Authority Key Identifier:
keyid:85:F3:BF:D1:A1:40:90:C4:82:9A:5A:31:3A:4D:31:F9:CC:8F:31:2F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/hfO_0aFAkMSCmloxOk0x-cyPMS8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/3L8B6p69cwTjKoWED2lfaOS03ew.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
120.31.164.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:49:3d:2b:d0:93:10:90:c5:bb:f7:7a:87:2e:5b:0a:db:cf:
36:4b:2e:1a:c9:55:fd:8c:fa:6e:21:95:d3:e9:91:91:94:fa:
83:cb:2e:90:3f:a0:a6:c9:7a:97:a5:d6:2f:f2:c4:35:e1:1f:
c2:88:7a:02:25:ee:ff:d1:92:c5:f8:c5:03:60:4d:c0:3a:e7:
7b:a4:88:07:10:86:85:4c:12:a8:4b:72:fa:67:cc:c3:9e:13:
60:12:87:0b:28:c8:bc:b0:9f:c1:bb:c6:ea:2b:bf:20:30:b0:
f7:9b:98:19:8b:9f:44:41:0d:73:0c:56:8d:77:f3:f7:d4:3f:
ed:27:92:9f:f8:a6:b9:50:41:fb:66:04:b8:de:a3:dd:86:61:
57:cd:31:5a:64:25:5a:f3:ab:e4:35:ab:3e:46:dc:0a:b1:bf:
b3:a0:5e:32:fb:16:d7:c5:ba:c9:c3:0f:0b:20:2b:c3:8e:a9:
00:ff:f0:51:52:78:75:f8:71:7b:f0:f2:46:5e:00:32:7e:87:
34:66:ea:65:20:46:00:dc:b9:be:10:e8:91:b5:6a:99:01:c5:
56:c5:5d:58:0e:bb:33:eb:c9:db:ee:66:7e:d8:d5:91:f5:e2:
08:3a:4b:51:9b:8c:a6:1c:70:2d:65:ec:b1:df:cc:be:9d:c2:
83:95:d3:cb
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICEBEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODVG
M0JGRDFBMTQwOTBDNDgyOUE1QTMxM0E0RDMxRjlDQzhGMzEyRjAeFw0yMzA1MTkw
NTUzMzJaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKERDQkYwMUVBOUVCRDcz
MDRFMzJBODU4NDBGNjk1RjY4RTRCNERERUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwLtdH4b7OwfFOe5NQwstnljxiMtqk7qtmYfNuxwaLlRuvJuwn
DkyNGCWuxGrbLTu9UDDilks4JXyfkeNmyPgHKuqPeEV8G9BsCBbUn7xlf6x6za6j
P+lYvoJjYhICBbr0X5iwm+Krj0s4LGrE2x0Q52/RTFG5RviTQXnNQDgFfEKlCI4Y
NQV1cPDZREzEM8xFqckEkduSQXYqKx1tsMV1rfoEuuE2iXd1N3hA+I2OgrfKJZHn
r4655q2ecpVyi8E5CqY3L59dXzCD8mYSPcjX2tbcGbnWjxN7/Um+Ea2qqrB0Q5Wk
hjsYP11QPRFUsSjkXrlFZ7GwsapAKsVfvsENAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU3L8B6p69cwTjKoWED2lfaOS03ewwHwYDVR0jBBgwFoAUhfO/0aFAkMSCmlox
Ok0x+cyPMS8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEy
L2hmT18wYUZBa01TQ21sb3hPazB4LWN5UE1TOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvaGZPXzBhRkFrTVNDbWxveE9rMHgtY3lQTVM4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEyLzNMOEI2cDY5Y3dUaktv
V0VEMmxmYU9TMDNldy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ4H6QwDQYJKoZIhvcNAQELBQADggEBACxJPSvQkxCQxbv3eocuWwrbzzZLLhrJ
Vf2M+m4hldPpkZGU+oPLLpA/oKbJepel1i/yxDXhH8KIegIl7v/RksX4xQNgTcA6
53ukiAcQhoVMEqhLcvpnzMOeE2AShwsoyLywn8G7xuorvyAwsPebmBmLn0RBDXMM
Vo138/fUP+0nkp/4prlQQftmBLjeo92GYVfNMVpkJVrzq+Q1qz5G3Aqxv7OgXjL7
FtfFusnDDwsgK8OOqQD/8FFSeHX4cXvw8kZeADJ+hzRm6mUgRgDcub4Q6JG1apkB
xVbFXVgOuzPrydvuZn7Y1ZH14gg6S1GbjKYccC1l7LHfzL6dwoOV08s=
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:11:40 2024 by rpki-client on console-ams.rpki-client.org