Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3252/zYNJmM5XkDvtUwKVwM8L66gG9B4.roa
File: zYNJmM5XkDvtUwKVwM8L66gG9B4.roa (raw, json)
Hash identifier: xkrSz3XXvXay09mscxThOFHsu7pw5K3GtLsmtx1BZLo=
Subject key identifier: CD:83:49:98:CE:57:90:3B:ED:53:02:95:C0:CF:0B:EB:A8:06:F4:1E
Certificate issuer: /CN=E6CF46C8583654CB69E2DFC3AE83DDC145E4932A
Certificate serial: 03
Authority key identifier: E6:CF:46:C8:58:36:54:CB:69:E2:DF:C3:AE:83:DD:C1:45:E4:93:2A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5s9GyFg2VMtp4t_DroPdwUXkkyo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/zYNJmM5XkDvtUwKVwM8L66gG9B4.roa
Signing time: Tue 02 Jan 2024 04:24:11 +0000
ROA not before: Tue 02 Jan 2024 04:24:11 +0000
ROA not after: Wed 01 Jan 2025 02:06:08 +0000
asID: 63538
IP address blocks: 157.10.34.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 18 Jan 2024 07:47:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E6CF46C8583654CB69E2DFC3AE83DDC145E4932A
Validity
Not Before: Jan 2 04:24:11 2024 GMT
Not After : Jan 1 02:06:08 2025 GMT
Subject: CN=CD834998CE57903BED530295C0CF0BEBA806F41E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6c:4b:58:b8:ec:67:89:3c:3c:24:a0:5f:b7:
35:93:af:b9:d0:1e:32:3e:1e:07:a9:cd:2d:bc:a0:
dd:fc:db:0e:07:73:90:ee:fa:ec:29:ac:01:24:5a:
86:41:4e:d9:19:9f:33:fd:5d:a7:20:93:e4:9a:d4:
21:7a:ca:e3:0b:d4:91:b7:b7:5f:29:08:5b:49:09:
4c:29:54:0e:c2:11:11:0f:75:0f:cf:dc:d0:54:a5:
68:5e:95:91:9d:67:29:d2:64:53:b5:7d:7d:3b:3a:
e9:a9:97:28:0b:be:38:59:1f:7e:9d:a1:ee:63:5d:
e9:78:0e:c1:e3:e9:76:1f:5f:46:71:31:3c:27:d8:
ad:a4:6b:3a:36:2a:30:ec:fd:af:d7:a1:f7:0c:63:
33:07:34:a2:e6:17:48:34:fd:24:19:9b:cb:e5:31:
25:5f:39:70:d8:9a:20:3c:9f:87:6b:ac:94:0c:53:
84:e8:10:98:43:e9:1e:be:2a:19:c2:87:0b:03:a6:
6a:b2:b7:88:f0:47:cc:ce:bf:e6:e6:cf:ae:68:f5:
f1:77:19:dd:1c:3d:69:e3:73:ab:00:40:99:49:2f:
74:66:30:c8:af:b4:98:64:5f:65:fe:75:27:f8:5b:
8f:fb:be:1c:fb:2a:e7:5e:7e:2d:8a:58:34:b9:81:
66:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:83:49:98:CE:57:90:3B:ED:53:02:95:C0:CF:0B:EB:A8:06:F4:1E
X509v3 Authority Key Identifier:
keyid:E6:CF:46:C8:58:36:54:CB:69:E2:DF:C3:AE:83:DD:C1:45:E4:93:2A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/5s9GyFg2VMtp4t_DroPdwUXkkyo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5s9GyFg2VMtp4t_DroPdwUXkkyo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/zYNJmM5XkDvtUwKVwM8L66gG9B4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.34.0/24
Signature Algorithm: sha256WithRSAEncryption
01:88:aa:d3:fb:70:36:9f:de:33:51:27:42:1b:15:63:60:9c:
48:25:00:bf:47:c2:f2:55:63:75:0c:b1:f3:bc:a8:d9:fe:b3:
b4:f9:82:fe:ea:e4:73:2c:48:b2:ca:40:03:e7:f4:41:aa:fe:
2d:91:a2:70:98:73:2a:35:8d:36:e8:f0:aa:46:74:af:ea:59:
70:91:7d:8e:74:ae:7f:11:69:13:cc:25:67:c6:db:d0:9d:32:
aa:14:08:3c:78:1c:72:7a:21:f4:e3:cd:dd:c0:f5:bc:f7:dc:
33:96:35:c1:9f:43:4c:a8:5c:8e:cb:e7:5c:ef:1d:68:cb:d1:
79:cc:f0:55:00:0f:e8:fe:0f:d7:b2:18:f9:c0:35:2c:fa:07:
f0:1a:69:9f:a6:d9:99:e8:eb:03:7f:a0:29:59:db:6f:e5:fc:
68:0b:5e:ef:3d:e0:65:4d:61:c4:bc:b7:de:cd:52:a4:b8:cc:
a5:d7:67:92:1f:f7:e5:42:81:48:1f:55:fa:3d:82:ad:c7:96:
27:6a:68:18:4c:f6:cc:11:59:81:60:d6:21:79:c6:2a:e9:24:
55:e7:00:8a:bd:db:d0:28:9a:47:df:82:7c:05:f2:0c:16:f3:
77:52:91:2a:ea:be:2f:16:76:a5:5f:f7:92:a9:65:c9:2f:63:
20:f0:33:e6
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFNkNG
NDZDODU4MzY1NENCNjlFMkRGQzNBRTgzRERDMTQ1RTQ5MzJBMB4XDTI0MDEwMjA0
MjQxMVoXDTI1MDEwMTAyMDYwOFowMzExMC8GA1UEAxMoQ0Q4MzQ5OThDRTU3OTAz
QkVENTMwMjk1QzBDRjBCRUJBODA2RjQxRTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJpsS1i47GeJPDwkoF+3NZOvudAeMj4eB6nNLbyg3fzbDgdzkO76
7CmsASRahkFO2RmfM/1dpyCT5JrUIXrK4wvUkbe3XykIW0kJTClUDsIREQ91D8/c
0FSlaF6VkZ1nKdJkU7V9fTs66amXKAu+OFkffp2h7mNd6XgOwePpdh9fRnExPCfY
raRrOjYqMOz9r9eh9wxjMwc0ouYXSDT9JBmby+UxJV85cNiaIDyfh2uslAxThOgQ
mEPpHr4qGcKHCwOmarK3iPBHzM6/5ubPrmj18XcZ3Rw9aeNzqwBAmUkvdGYwyK+0
mGRfZf51J/hbj/u+HPsq515+LYpYNLmBZj0CAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBTNg0mYzleQO+1TApXAzwvrqAb0HjAfBgNVHSMEGDAWgBTmz0bIWDZUy2ni38Ou
g93BReSTKjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMjUy
LzVzOUd5RmcyVk10cDR0X0Ryb1Bkd1VYa2t5by5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNXM5R3lGZzJWTXRwNHRfRHJvUGR3VVhra3lvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1Mi96WU5KbU01WGtEdnRV
d0tWd004TDY2Z0c5QjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAnQoiMA0GCSqGSIb3DQEBCwUAA4IBAQABiKrT+3A2n94zUSdCGxVjYJxIJQC/
R8LyVWN1DLHzvKjZ/rO0+YL+6uRzLEiyykAD5/RBqv4tkaJwmHMqNY026PCqRnSv
6llwkX2OdK5/EWkTzCVnxtvQnTKqFAg8eBxyeiH0483dwPW899wzljXBn0NMqFyO
y+dc7x1oy9F5zPBVAA/o/g/Xshj5wDUs+gfwGmmfptmZ6OsDf6ApWdtv5fxoC17v
PeBlTWHEvLfezVKkuMyl12eSH/flQoFIH1X6PYKtx5YnamgYTPbMEVmBYNYhecYq
6SRV5wCKvdvQKJpH34J8BfIMFvN3UpEq6r4vFnalX/eSqWXJL2Mg8DPm
-----END CERTIFICATE-----
Generated at Thu Jan 18 10:25:27 2024 by rpki-client on console-fra.rpki-client.org