Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/312/c5KzsSeESmclR5c_Urp-sjpVPNo.roa
File: c5KzsSeESmclR5c_Urp-sjpVPNo.roa (raw, json)
Hash identifier: lDAIkb9+DlTTtrjr8PbBcaCKrZtE4xGaRBWjFuau+28=
Subject key identifier: 73:92:B3:B1:27:84:4A:67:25:47:97:3F:52:BA:7E:B2:3A:55:3C:DA
Certificate issuer: /CN=85F3BFD1A14090C4829A5A313A4D31F9CC8F312F
Certificate serial: 1010
Authority key identifier: 85:F3:BF:D1:A1:40:90:C4:82:9A:5A:31:3A:4D:31:F9:CC:8F:31:2F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/c5KzsSeESmclR5c_Urp-sjpVPNo.roa
Signing time: Fri 19 May 2023 05:53:32 +0000
ROA not before: Fri 19 May 2023 05:53:32 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 4515
IP address blocks: 120.31.164.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:21:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4112 (0x1010)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85F3BFD1A14090C4829A5A313A4D31F9CC8F312F
Validity
Not Before: May 19 05:53:32 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=7392B3B127844A672547973F52BA7EB23A553CDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:52:82:5f:f0:2b:79:6c:f9:4b:66:ed:1b:0b:
91:69:40:93:95:9b:84:24:8d:5a:80:a3:8f:24:15:
bf:a2:98:de:11:0a:42:42:94:ce:bd:f7:f4:06:1b:
b3:76:98:89:a9:84:ee:34:e2:d0:8f:24:c7:1f:86:
10:94:e8:39:47:d5:41:76:fe:37:fd:fb:bc:16:43:
60:1f:22:da:24:6e:a5:ec:5b:51:68:2b:de:00:f6:
33:ce:ff:bd:0d:6c:41:18:ff:64:9c:6e:d0:f3:75:
92:09:f2:98:60:b7:fa:e4:44:cf:f1:0b:72:88:e5:
14:21:dc:2a:f4:4d:c2:a9:5b:e6:d7:9a:59:0a:11:
f4:91:06:ce:c9:42:03:3c:9e:86:97:26:e4:b2:3e:
c3:82:5a:65:09:56:6e:8f:87:98:10:75:e5:d8:7a:
d5:37:bc:f4:0d:ab:6f:e1:0d:18:b2:00:d6:8b:e0:
9b:58:3e:1d:90:05:8b:c2:30:62:98:aa:bb:b5:46:
61:68:cf:aa:ba:30:25:97:26:57:f1:05:80:d8:a3:
3f:a0:d8:78:9b:fd:fc:04:c8:c0:76:2e:41:c0:8f:
83:68:f3:d7:e1:9f:a1:d0:bf:b2:a1:06:f4:ea:59:
0d:fb:a6:2b:22:69:b5:98:59:b0:25:ff:b6:0e:42:
c2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:92:B3:B1:27:84:4A:67:25:47:97:3F:52:BA:7E:B2:3A:55:3C:DA
X509v3 Authority Key Identifier:
keyid:85:F3:BF:D1:A1:40:90:C4:82:9A:5A:31:3A:4D:31:F9:CC:8F:31:2F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/hfO_0aFAkMSCmloxOk0x-cyPMS8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/c5KzsSeESmclR5c_Urp-sjpVPNo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
120.31.164.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:84:d4:78:a6:f9:be:7e:9a:a8:e9:a8:7d:17:a4:a4:6a:fb:
5d:b4:c3:69:7e:8e:ff:34:35:fb:e2:4f:6a:24:f3:ca:0c:16:
1c:40:9d:cf:fd:6b:7c:9f:bf:43:39:81:b8:18:0c:ca:15:bf:
3f:44:0a:5a:7e:4d:e7:67:a3:b2:19:98:87:dc:00:9c:93:14:
40:52:ca:ba:18:09:3d:28:fc:be:82:12:6c:3a:a1:1f:3f:52:
c5:9f:eb:b2:ff:ec:05:73:95:af:30:00:0c:88:50:e9:09:6e:
4b:0c:6b:40:e4:60:8e:ef:01:57:7f:26:34:f5:c1:23:aa:07:
f8:55:4d:0e:f7:be:da:a0:48:f7:06:9f:46:d8:14:ef:b6:7f:
42:6e:4c:af:b5:91:8f:8b:1e:b9:16:16:b4:88:49:e5:8c:a7:
e0:b9:40:0b:1c:32:c9:2a:8f:e5:0e:b5:f1:ad:e2:a3:fd:86:
8f:8d:fe:01:f1:78:18:d6:6c:e6:4a:92:2b:87:12:c7:97:88:
fb:06:fa:ec:95:21:c3:e9:67:1e:1b:6c:a0:4e:c9:81:cf:73:
cf:11:14:4e:f3:10:59:aa:f1:73:41:18:d9:2b:37:05:a1:fc:
c4:3e:09:51:30:85:f2:64:c9:59:3c:71:bb:91:99:ee:9a:4a:
57:5a:fa:24
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICEBAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODVG
M0JGRDFBMTQwOTBDNDgyOUE1QTMxM0E0RDMxRjlDQzhGMzEyRjAeFw0yMzA1MTkw
NTUzMzJaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDczOTJCM0IxMjc4NDRB
NjcyNTQ3OTczRjUyQkE3RUIyM0E1NTNDREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNUoJf8Ct5bPlLZu0bC5FpQJOVm4QkjVqAo48kFb+imN4RCkJC
lM699/QGG7N2mImphO404tCPJMcfhhCU6DlH1UF2/jf9+7wWQ2AfItokbqXsW1Fo
K94A9jPO/70NbEEY/2ScbtDzdZIJ8phgt/rkRM/xC3KI5RQh3Cr0TcKpW+bXmlkK
EfSRBs7JQgM8noaXJuSyPsOCWmUJVm6Ph5gQdeXYetU3vPQNq2/hDRiyANaL4JtY
Ph2QBYvCMGKYqru1RmFoz6q6MCWXJlfxBYDYoz+g2Hib/fwEyMB2LkHAj4No89fh
n6HQv7KhBvTqWQ37pisiabWYWbAl/7YOQsKFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUc5KzsSeESmclR5c/Urp+sjpVPNowHwYDVR0jBBgwFoAUhfO/0aFAkMSCmlox
Ok0x+cyPMS8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEy
L2hmT18wYUZBa01TQ21sb3hPazB4LWN5UE1TOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvaGZPXzBhRkFrTVNDbWxveE9rMHgtY3lQTVM4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEyL2M1S3pzU2VFU21jbFI1
Y19VcnAtc2pwVlBOby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ4H6QwDQYJKoZIhvcNAQELBQADggEBAJ6E1Him+b5+mqjpqH0XpKRq+120w2l+
jv80NfviT2ok88oMFhxAnc/9a3yfv0M5gbgYDMoVvz9EClp+Tedno7IZmIfcAJyT
FEBSyroYCT0o/L6CEmw6oR8/UsWf67L/7AVzla8wAAyIUOkJbksMa0DkYI7vAVd/
JjT1wSOqB/hVTQ73vtqgSPcGn0bYFO+2f0JuTK+1kY+LHrkWFrSISeWMp+C5QAsc
Mskqj+UOtfGt4qP9ho+N/gHxeBjWbOZKkiuHEseXiPsG+uyVIcPpZx4bbKBOyYHP
c88RFE7zEFmq8XNBGNkrNwWh/MQ+CVEwhfJkyVk8cbuRme6aSlda+iQ=
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org