Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/312/95GwfI1F62wDQZsUH8Ii8aem9QE.roa
File: 95GwfI1F62wDQZsUH8Ii8aem9QE.roa (raw, json)
Hash identifier: UVl0Js8bLVu1JYy0gfD9taCFmqbkMIwuHn+OfJl59Q4=
Subject key identifier: F7:91:B0:7C:8D:45:EB:6C:03:41:9B:14:1F:C2:22:F1:A7:A6:F5:01
Certificate issuer: /CN=85F3BFD1A14090C4829A5A313A4D31F9CC8F312F
Certificate serial: 1945
Authority key identifier: 85:F3:BF:D1:A1:40:90:C4:82:9A:5A:31:3A:4D:31:F9:CC:8F:31:2F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/95GwfI1F62wDQZsUH8Ii8aem9QE.roa
Signing time: Tue 03 Sep 2024 08:16:51 +0000
ROA not before: Tue 03 Sep 2024 08:16:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 135373
IP address blocks: 112.73.0.0/19 maxlen: 24
112.73.32.0/19 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Sep 2024 01:55:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6469 (0x1945)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85F3BFD1A14090C4829A5A313A4D31F9CC8F312F
Validity
Not Before: Sep 3 08:16:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F791B07C8D45EB6C03419B141FC222F1A7A6F501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:60:da:51:a9:d5:93:b6:6f:8c:5a:d1:62:91:
71:8a:c8:ac:a7:36:ef:27:a8:f4:5c:f0:33:72:b3:
04:9e:1c:69:58:63:9e:3b:39:46:d4:57:f4:07:2f:
87:ff:ee:a6:e5:5c:88:58:2e:9e:98:06:ef:17:48:
24:33:ac:71:ba:02:b7:94:9f:6d:8e:b0:2c:18:54:
6c:f9:f3:c5:e8:6d:c0:bd:94:56:1b:ef:6c:58:95:
ae:da:7b:d3:3c:d7:c7:70:6d:cc:b1:cf:31:6d:d6:
f9:92:15:33:62:a1:8a:f6:f3:7e:ae:a6:f0:fe:e4:
6e:8d:4c:2e:4b:b6:67:7c:e7:7f:d7:33:00:ff:b1:
f8:76:0b:31:a7:c2:a6:71:ba:02:5d:e3:f1:5e:1a:
1b:31:dd:19:3f:e1:74:ca:cf:3d:4f:37:7a:88:c0:
4f:ce:4b:03:81:0c:ce:8f:3d:9b:c0:95:5a:47:74:
f9:67:9f:61:7b:55:d3:68:54:49:3d:ab:c3:19:4a:
30:de:ff:06:1c:cc:1d:14:68:85:47:9a:8b:cf:79:
2a:0d:54:39:01:83:c6:78:39:1b:a7:f1:98:ad:f5:
c0:0b:85:a5:59:40:c0:df:a2:cf:95:44:ad:ac:e1:
10:2d:2a:06:60:ee:9e:33:47:36:61:b7:8b:99:0f:
a1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:91:B0:7C:8D:45:EB:6C:03:41:9B:14:1F:C2:22:F1:A7:A6:F5:01
X509v3 Authority Key Identifier:
keyid:85:F3:BF:D1:A1:40:90:C4:82:9A:5A:31:3A:4D:31:F9:CC:8F:31:2F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/hfO_0aFAkMSCmloxOk0x-cyPMS8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/95GwfI1F62wDQZsUH8Ii8aem9QE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.73.0.0/18
Signature Algorithm: sha256WithRSAEncryption
c2:1c:78:1d:45:73:8c:c1:e3:e0:09:19:23:ba:1b:13:05:93:
4a:61:b3:2d:6b:53:cb:d8:c1:b7:1c:a6:dc:9d:d2:50:b0:fa:
0a:83:78:5a:7b:90:ae:3e:e7:14:1d:e5:12:d2:8b:ec:12:e7:
ce:0b:b2:87:d0:ef:f8:28:9a:89:de:42:87:34:15:ba:5a:89:
f7:93:4a:79:91:5a:19:b0:f2:e0:97:b2:1d:74:cf:13:e2:f4:
c7:a7:cb:37:11:63:fe:b4:08:c1:4b:2f:b2:e1:c5:5b:f7:d5:
81:d4:f7:71:ba:3c:b7:20:af:14:77:9c:41:b6:07:08:4c:9a:
5d:e9:f9:2b:d4:24:d6:97:a9:17:4d:0a:a8:32:8c:96:e5:07:
ef:d2:bb:2c:b6:5d:e7:33:7a:55:81:31:e1:a1:78:95:49:c7:
ea:ff:3e:02:99:98:57:97:c0:09:b3:ad:49:b8:b1:1e:33:35:
3c:e0:4e:6a:fc:1c:45:79:92:12:92:8f:e4:d6:0e:fc:67:8f:
7e:74:89:27:75:29:75:54:c5:3e:e1:8d:48:62:b9:46:47:29:
33:ac:20:e2:5b:50:65:6e:65:f8:9f:bc:89:83:8f:71:e6:4c:
9b:c9:f2:a8:85:4d:7b:97:e7:a2:ad:8f:ba:ce:06:95:d4:a3:
4b:7b:80:78
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGUUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODVG
M0JGRDFBMTQwOTBDNDgyOUE1QTMxM0E0RDMxRjlDQzhGMzEyRjAeFw0yNDA5MDMw
ODE2NTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY3OTFCMDdDOEQ0NUVC
NkMwMzQxOUIxNDFGQzIyMkYxQTdBNkY1MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2YNpRqdWTtm+MWtFikXGKyKynNu8nqPRc8DNyswSeHGlYY547
OUbUV/QHL4f/7qblXIhYLp6YBu8XSCQzrHG6AreUn22OsCwYVGz588XobcC9lFYb
72xYla7ae9M818dwbcyxzzFt1vmSFTNioYr2836upvD+5G6NTC5Ltmd853/XMwD/
sfh2CzGnwqZxugJd4/FeGhsx3Rk/4XTKzz1PN3qIwE/OSwOBDM6PPZvAlVpHdPln
n2F7VdNoVEk9q8MZSjDe/wYczB0UaIVHmovPeSoNVDkBg8Z4ORun8Zit9cALhaVZ
QMDfos+VRK2s4RAtKgZg7p4zRzZht4uZD6G9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU95GwfI1F62wDQZsUH8Ii8aem9QEwHwYDVR0jBBgwFoAUhfO/0aFAkMSCmlox
Ok0x+cyPMS8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEy
L2hmT18wYUZBa01TQ21sb3hPazB4LWN5UE1TOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvaGZPXzBhRkFrTVNDbWxveE9rMHgtY3lQTVM4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEyLzk1R3dmSTFGNjJ3RFFa
c1VIOElpOGFlbTlRRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAZwSQAwDQYJKoZIhvcNAQELBQADggEBAMIceB1Fc4zB4+AJGSO6GxMFk0phsy1r
U8vYwbccptyd0lCw+gqDeFp7kK4+5xQd5RLSi+wS584LsofQ7/gomoneQoc0Fbpa
ifeTSnmRWhmw8uCXsh10zxPi9MenyzcRY/60CMFLL7LhxVv31YHU93G6PLcgrxR3
nEG2BwhMml3p+SvUJNaXqRdNCqgyjJblB+/Suyy2XeczelWBMeGheJVJx+r/PgKZ
mFeXwAmzrUm4sR4zNTzgTmr8HEV5khKSj+TWDvxnj350iSd1KXVUxT7hjUhiuUZH
KTOsIOJbUGVuZfifvImDj3HmTJvJ8qiFTXuX56Ktj7rOBpXUo0t7gHg=
-----END CERTIFICATE-----
Generated at Fri Sep 6 03:19:25 2024 by rpki-client on console-fra.rpki-client.org