Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3246/zTotVqhcImLMx3suZ15tN86eeDM.roa
File: zTotVqhcImLMx3suZ15tN86eeDM.roa (raw, json)
Hash identifier: taSYjmBN+0RqZ6j3Mw3yPU3Lf3FTjQNrAepRBiO8OOU=
Subject key identifier: CD:3A:2D:56:A8:5C:22:62:CC:C7:7B:2E:67:5E:6D:37:CE:9E:78:33
Certificate issuer: /CN=2CB67186E296C89E1F34779ED66A077F7E050CCB
Certificate serial: 01AB
Authority key identifier: 2C:B6:71:86:E2:96:C8:9E:1F:34:77:9E:D6:6A:07:7F:7E:05:0C:CB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLZxhuKWyJ4fNHee1moHf34FDMs.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/zTotVqhcImLMx3suZ15tN86eeDM.roa
Signing time: Wed 28 Feb 2024 04:46:09 +0000
ROA not before: Wed 28 Feb 2024 04:46:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 211392
IP address blocks: 210.87.72.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 May 2024 09:31:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 427 (0x1ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2CB67186E296C89E1F34779ED66A077F7E050CCB
Validity
Not Before: Feb 28 04:46:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CD3A2D56A85C2262CCC77B2E675E6D37CE9E7833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:0d:8b:f6:e9:57:32:2c:53:3e:28:97:3a:1a:
59:ea:84:ed:ca:0a:d4:71:45:c8:f8:04:ba:70:74:
59:ad:8b:60:c7:81:2e:5d:64:20:7f:d0:5e:6d:87:
98:cd:af:cb:e8:16:ca:d0:ae:06:40:a1:6e:06:e7:
f8:78:0d:95:5f:1b:b1:a9:8c:ca:1c:52:07:a9:47:
71:01:17:f0:86:d9:ee:f2:d5:e6:6b:c4:f9:56:0f:
42:d3:5b:1f:47:44:1c:71:92:14:d5:3d:92:87:b8:
12:f6:4c:dc:d6:c4:0c:a3:82:bf:7f:ec:cf:a5:b6:
da:a8:3e:cc:0e:fb:90:54:42:ab:fd:1b:8b:f7:5a:
f3:0b:f0:85:bc:70:7e:6f:c0:92:d8:d2:86:2e:62:
0d:bf:c9:d4:f8:73:5c:c4:2e:66:f0:34:d2:71:c1:
5f:71:03:8d:25:67:15:2a:a5:a2:6f:2f:a2:c0:f0:
95:1c:34:c4:27:df:6a:e3:ab:c2:de:cf:3a:0c:3a:
81:72:a3:12:8e:d2:1d:5b:f3:0b:8d:86:7d:6a:46:
4f:87:c5:17:71:4f:2d:e8:cb:45:96:65:84:30:71:
4c:e2:11:db:7b:02:7f:8b:25:f7:aa:71:39:35:fa:
2c:6a:4c:07:f6:77:0c:f0:21:9c:be:4a:e2:ba:2a:
c6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:3A:2D:56:A8:5C:22:62:CC:C7:7B:2E:67:5E:6D:37:CE:9E:78:33
X509v3 Authority Key Identifier:
keyid:2C:B6:71:86:E2:96:C8:9E:1F:34:77:9E:D6:6A:07:7F:7E:05:0C:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/LLZxhuKWyJ4fNHee1moHf34FDMs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLZxhuKWyJ4fNHee1moHf34FDMs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/zTotVqhcImLMx3suZ15tN86eeDM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.87.72.0/23
Signature Algorithm: sha256WithRSAEncryption
72:84:e1:8a:7d:06:66:a8:23:e5:1c:91:a8:c3:64:e7:92:a5:
df:c6:6c:60:07:fe:08:c0:59:6f:e9:21:22:68:ab:01:6b:cd:
70:bc:d4:e6:7d:20:4c:76:40:31:82:89:ad:e3:34:19:e9:b8:
5b:84:90:03:1d:14:65:dc:b4:4f:19:5e:be:f2:ac:ba:95:79:
7e:12:b4:65:6e:fb:0a:7a:de:3e:4c:44:dd:35:fd:57:da:6d:
06:39:e0:b0:dc:22:c6:39:bb:7f:fc:e8:48:ab:1d:d1:bc:e1:
cf:ee:83:e8:c3:f3:8a:b2:98:2b:d5:21:ab:4a:01:90:63:82:
75:17:c4:7f:17:31:36:7d:5d:d1:fa:f3:2d:fe:0d:45:97:4b:
c5:21:ba:d5:b7:cc:c4:a0:1e:7c:70:e0:c2:74:dd:07:f5:a7:
30:81:78:33:60:b0:2b:cf:24:78:c6:1e:32:23:5a:6d:18:8d:
d2:46:03:b3:76:e9:a4:75:49:9c:88:13:16:bb:ae:b5:4c:61:
20:43:c7:c1:0e:7c:0b:84:b6:bb:7b:0e:6d:44:72:9a:a8:8e:
4b:b7:c7:6a:7f:0f:39:21:58:d5:9e:d6:34:92:23:6f:e3:45:
21:cb:5d:e2:c9:d1:e7:56:60:ec:a9:13:21:f5:56:e5:46:8e:
24:bf:53:00
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICAaswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkNC
NjcxODZFMjk2Qzg5RTFGMzQ3NzlFRDY2QTA3N0Y3RTA1MENDQjAeFw0yNDAyMjgw
NDQ2MDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENEM0EyRDU2QTg1QzIy
NjJDQ0M3N0IyRTY3NUU2RDM3Q0U5RTc4MzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuDYv26VcyLFM+KJc6GlnqhO3KCtRxRcj4BLpwdFmti2DHgS5d
ZCB/0F5th5jNr8voFsrQrgZAoW4G5/h4DZVfG7GpjMocUgepR3EBF/CG2e7y1eZr
xPlWD0LTWx9HRBxxkhTVPZKHuBL2TNzWxAyjgr9/7M+lttqoPswO+5BUQqv9G4v3
WvML8IW8cH5vwJLY0oYuYg2/ydT4c1zELmbwNNJxwV9xA40lZxUqpaJvL6LA8JUc
NMQn32rjq8LezzoMOoFyoxKO0h1b8wuNhn1qRk+HxRdxTy3oy0WWZYQwcUziEdt7
An+LJfeqcTk1+ixqTAf2dwzwIZy+SuK6KsblAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUzTotVqhcImLMx3suZ15tN86eeDMwHwYDVR0jBBgwFoAULLZxhuKWyJ4fNHee
1moHf34FDMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI0
Ni9MTFp4aHVLV3lKNGZOSGVlMW1vSGYzNEZETXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0xMWnhodUtXeUo0Zk5IZWUxbW9IZjM0RkRNcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNDYvelRvdFZxaGNJbUxN
eDNzdVoxNXROODZlZURNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAdJXSDANBgkqhkiG9w0BAQsFAAOCAQEAcoThin0GZqgj5RyRqMNk55Kl38Zs
YAf+CMBZb+khImirAWvNcLzU5n0gTHZAMYKJreM0Gem4W4SQAx0UZdy0TxlevvKs
upV5fhK0ZW77CnrePkxE3TX9V9ptBjngsNwixjm7f/zoSKsd0bzhz+6D6MPzirKY
K9Uhq0oBkGOCdRfEfxcxNn1d0frzLf4NRZdLxSG61bfMxKAefHDgwnTdB/WnMIF4
M2CwK88keMYeMiNabRiN0kYDs3bppHVJnIgTFruutUxhIEPHwQ58C4S2u3sObURy
mqiOS7fHan8POSFY1Z7WNJIjb+NFIctd4snR51Zg7KkTIfVW5UaOJL9TAA==
-----END CERTIFICATE-----
Generated at Fri May 24 12:54:21 2024 by rpki-client on console-fra.rpki-client.org