Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/wHnl57lekkBPFwmtlT_rmk39jz8.roa
File: wHnl57lekkBPFwmtlT_rmk39jz8.roa (raw, json)
Hash identifier: 5wQMaD9Wc7Is9XVBMjs//CDhT5O2qNr/rzV8yr6BGSc=
Subject key identifier: C0:79:E5:E7:B9:5E:92:40:4F:17:09:AD:95:3F:EB:9A:4D:FD:8F:3F
Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial: 0F04
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/wHnl57lekkBPFwmtlT_rmk39jz8.roa
Signing time: Mon 18 Mar 2024 06:43:29 +0000
ROA not before: Mon 18 Mar 2024 06:43:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 2914
IP address blocks: 180.223.32.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Mar 2024 07:19:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3844 (0xf04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
Validity
Not Before: Mar 18 06:43:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C079E5E7B95E92404F1709AD953FEB9A4DFD8F3F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f7:51:7b:07:af:0f:f8:40:c3:c0:f2:2d:9b:
09:ba:22:af:a8:43:c2:56:bf:cc:32:24:26:5e:de:
ff:e1:f0:77:d6:7c:3b:cd:13:bb:0e:b9:4c:a3:78:
af:0a:c8:dc:e7:56:eb:73:a7:8d:3b:a0:fe:b7:0b:
53:1c:2a:ba:db:35:aa:13:98:bf:53:39:ec:85:7d:
fc:ca:96:3d:9b:d5:56:40:be:87:81:23:52:67:cc:
5c:62:68:b5:e8:dc:c1:18:5f:bd:30:64:61:73:d1:
67:e0:d1:c3:cf:08:7b:e2:e0:90:25:01:e5:5f:50:
1c:55:f7:f3:0c:b1:09:41:81:18:6f:15:38:ad:dc:
5b:e9:19:6d:1f:ad:b3:43:bc:38:47:04:8d:bb:71:
55:69:fe:e3:ba:a0:3d:2d:65:ba:3d:b0:8c:da:69:
97:8e:72:57:8d:82:f8:33:76:07:b1:28:9d:4a:a5:
34:05:c2:66:92:44:7b:98:85:7e:79:76:ff:f8:cc:
56:76:83:9c:d1:38:d5:ee:79:66:25:66:ec:c8:d9:
2c:af:3a:4c:70:0c:ff:fb:a6:1b:84:e1:93:34:b5:
d0:a9:33:13:4a:a2:38:4b:0b:56:ae:be:a3:4e:4e:
9a:ee:61:56:38:cb:9c:a6:5d:71:61:7e:b0:45:e3:
7b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:79:E5:E7:B9:5E:92:40:4F:17:09:AD:95:3F:EB:9A:4D:FD:8F:3F
X509v3 Authority Key Identifier:
keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/wHnl57lekkBPFwmtlT_rmk39jz8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.223.32.0/21
Signature Algorithm: sha256WithRSAEncryption
4b:95:36:67:7d:06:60:7a:6c:12:3c:56:9a:e8:23:52:67:38:
1e:54:6b:ab:1c:64:2d:92:eb:80:d8:ba:a2:24:d0:cc:2d:cc:
f4:8e:84:10:02:b5:c5:bc:70:37:88:ee:c8:a3:d0:a7:cd:b3:
5c:71:27:75:32:9f:41:7a:32:ab:05:05:ab:f2:59:61:f0:d7:
09:f8:0d:00:07:76:3e:d0:40:de:a6:48:20:b5:3a:1a:7f:59:
ba:49:e6:2e:2d:13:8d:d4:e2:60:8f:0b:e5:17:60:c7:7b:f0:
64:8e:53:98:ce:08:c7:89:a7:f4:29:ac:2b:cf:50:59:3f:f6:
19:01:1c:f5:f5:2a:e3:a0:05:17:bd:43:84:0a:31:b5:f2:0e:
ce:55:18:de:d0:ac:56:c1:62:62:4e:71:6e:5c:36:10:15:8e:
f5:8c:cb:31:2e:b5:2d:b6:4b:35:da:7e:d3:55:ad:8d:2b:2d:
bd:9e:e8:7d:b3:b1:a1:f6:58:c6:08:08:89:98:6a:3b:11:e3:
f1:54:8e:01:ec:7c:46:96:46:49:ee:a5:d0:86:8f:53:a9:6f:
88:64:e4:be:6a:e6:2c:95:14:fe:db:12:7b:34:e9:42:65:e8:
e9:60:26:de:d4:28:93:9e:70:9d:90:8e:78:ea:33:56:00:65:
df:83:a6:b9
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICDwQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDAzMTgw
NjQzMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMwNzlFNUU3Qjk1RTky
NDA0RjE3MDlBRDk1M0ZFQjlBNERGRDhGM0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCa91F7B68P+EDDwPItmwm6Iq+oQ8JWv8wyJCZe3v/h8HfWfDvN
E7sOuUyjeK8KyNznVutzp407oP63C1McKrrbNaoTmL9TOeyFffzKlj2b1VZAvoeB
I1JnzFxiaLXo3MEYX70wZGFz0Wfg0cPPCHvi4JAlAeVfUBxV9/MMsQlBgRhvFTit
3FvpGW0frbNDvDhHBI27cVVp/uO6oD0tZbo9sIzaaZeOcleNgvgzdgexKJ1KpTQF
wmaSRHuYhX55dv/4zFZ2g5zRONXueWYlZuzI2SyvOkxwDP/7phuE4ZM0tdCpMxNK
ojhLC1auvqNOTpruYVY4y5ymXXFhfrBF43v3AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUwHnl57lekkBPFwmtlT/rmk39jz8wHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvd0hubDU3bGVra0JQ
RndtdGxUX3JtazM5ano4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA7TfIDANBgkqhkiG9w0BAQsFAAOCAQEAS5U2Z30GYHpsEjxWmugjUmc4HlRr
qxxkLZLrgNi6oiTQzC3M9I6EEAK1xbxwN4juyKPQp82zXHEndTKfQXoyqwUFq/JZ
YfDXCfgNAAd2PtBA3qZIILU6Gn9ZuknmLi0TjdTiYI8L5Rdgx3vwZI5TmM4Ix4mn
9CmsK89QWT/2GQEc9fUq46AFF71DhAoxtfIOzlUY3tCsVsFiYk5xblw2EBWO9YzL
MS61LbZLNdp+01WtjSstvZ7ofbOxofZYxggIiZhqOxHj8VSOAex8RpZGSe6l0IaP
U6lviGTkvmrmLJUU/tsSezTpQmXo6WAm3tQok55wnZCOeOozVgBl34OmuQ==
-----END CERTIFICATE-----
Generated at Mon Mar 18 09:28:09 2024 by rpki-client on console-fra.rpki-client.org