Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/332/BLcwhEFnUu5cnpAhaDLZ3PVqdTk.roa
File: BLcwhEFnUu5cnpAhaDLZ3PVqdTk.roa (raw, json)
Hash identifier: BQijg1pC2GMpevbUvYC6G/jVVePhjcQtokQ1sqNyiUs=
Subject key identifier: 04:B7:30:84:41:67:52:EE:5C:9E:90:21:68:32:D9:DC:F5:6A:75:39
Certificate issuer: /CN=8646EA74356E704AEDD163ECA94E5A442308DF78
Certificate serial: 19B2
Authority key identifier: 86:46:EA:74:35:6E:70:4A:ED:D1:63:EC:A9:4E:5A:44:23:08:DF:78
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/BLcwhEFnUu5cnpAhaDLZ3PVqdTk.roa
Signing time: Wed 13 Mar 2024 01:24:02 +0000
ROA not before: Wed 13 Mar 2024 01:24:02 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 24424
IP address blocks: 2401:3800::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 24 May 2024 02:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6578 (0x19b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8646EA74356E704AEDD163ECA94E5A442308DF78
Validity
Not Before: Mar 13 01:24:02 2024 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=04B73084416752EE5C9E90216832D9DCF56A7539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:20:a2:25:0f:56:cd:81:81:5e:30:ae:9c:a0:
7d:8c:a4:29:0c:b9:5b:25:b6:d7:2c:26:a8:27:b5:
42:ac:5d:fc:57:c2:30:73:34:7e:01:ad:c2:6c:4f:
73:65:ad:4b:ac:d7:06:29:00:88:25:b2:9c:b7:c4:
7e:c4:6b:e2:33:d9:5e:59:d7:0c:19:26:df:7c:22:
ab:41:82:dd:6b:d0:2c:25:b2:b2:0e:c9:f0:90:cc:
d0:42:50:a8:77:78:ae:f8:0f:84:fd:c2:92:f7:f1:
75:38:77:5f:08:d0:d8:3d:e9:50:5d:07:9d:41:47:
20:5a:65:1c:57:42:a1:0f:62:91:d6:d9:2d:23:76:
48:7c:06:71:0e:22:77:13:a9:73:48:7b:f5:c6:89:
be:6c:25:9e:fa:8c:8a:63:00:80:1c:25:81:eb:5a:
45:f8:e0:f3:cc:c1:2f:02:93:34:93:a3:84:8b:d8:
0d:f7:17:3f:00:8c:65:cf:49:1e:65:bc:d0:47:8e:
07:c9:aa:c5:84:49:37:0d:60:9f:6c:20:0e:a5:f3:
7c:74:f5:1e:eb:bc:99:2e:84:7d:86:e3:be:37:b9:
72:19:cb:6e:c0:44:47:ef:86:66:43:da:1f:c2:1f:
bc:83:74:8e:c5:b1:e7:3b:44:ac:e0:97:43:6a:f7:
58:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B7:30:84:41:67:52:EE:5C:9E:90:21:68:32:D9:DC:F5:6A:75:39
X509v3 Authority Key Identifier:
keyid:86:46:EA:74:35:6E:70:4A:ED:D1:63:EC:A9:4E:5A:44:23:08:DF:78
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/hkbqdDVucErt0WPsqU5aRCMI33g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/BLcwhEFnUu5cnpAhaDLZ3PVqdTk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:3800::/32
Signature Algorithm: sha256WithRSAEncryption
9e:f8:11:23:90:bf:07:57:35:2b:56:1d:b4:ec:40:bc:51:bd:
00:4c:de:ff:0c:05:96:4b:28:8b:b3:83:d7:0d:1d:49:76:ac:
c7:eb:7e:ed:36:6d:e4:b0:5d:5c:ee:c8:f7:c6:ce:87:e4:b4:
05:69:cf:27:fe:5c:6e:21:39:8d:01:a9:7a:ad:09:e2:4f:69:
10:e8:cf:92:5c:5e:9e:a1:fd:3d:9f:0a:40:7f:34:b4:a4:e0:
81:bb:b7:e8:6f:21:81:0e:92:09:dd:6e:9a:d8:cf:19:4c:1d:
a1:59:76:dc:07:b6:f4:2c:b1:d6:03:2f:cf:55:e7:c9:16:4f:
3e:a6:ae:72:21:89:2f:52:9d:bd:53:32:22:25:1d:6c:4f:77:
c8:46:a1:65:a7:6a:aa:33:e5:2d:b6:9e:89:30:e0:31:10:cf:
d0:34:f2:d5:23:fe:ab:79:17:99:22:69:ae:b4:16:6a:65:af:
0a:dd:01:76:73:b8:68:81:8c:0d:f2:7a:3f:a3:78:ef:c4:62:
f6:45:6d:90:7f:76:06:28:42:10:aa:32:30:ae:00:d3:ef:4b:
cf:4f:0a:67:fb:66:c6:76:7e:6f:be:2d:65:df:a8:a6:16:91:
22:2f:c8:78:2e:c7:f9:2a:ef:50:aa:48:bf:69:bb:00:04:6c:
80:54:3c:7b
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICGbIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODY0
NkVBNzQzNTZFNzA0QUVERDE2M0VDQTk0RTVBNDQyMzA4REY3ODAeFw0yNDAzMTMw
MTI0MDJaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDA0QjczMDg0NDE2NzUy
RUU1QzlFOTAyMTY4MzJEOURDRjU2QTc1MzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDIKIlD1bNgYFeMK6coH2MpCkMuVslttcsJqgntUKsXfxXwjBz
NH4BrcJsT3NlrUus1wYpAIglspy3xH7Ea+Iz2V5Z1wwZJt98IqtBgt1r0CwlsrIO
yfCQzNBCUKh3eK74D4T9wpL38XU4d18I0Ng96VBdB51BRyBaZRxXQqEPYpHW2S0j
dkh8BnEOIncTqXNIe/XGib5sJZ76jIpjAIAcJYHrWkX44PPMwS8CkzSTo4SL2A33
Fz8AjGXPSR5lvNBHjgfJqsWESTcNYJ9sIA6l83x09R7rvJkuhH2G4743uXIZy27A
REfvhmZD2h/CH7yDdI7Fsec7RKzgl0Nq91iHAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUBLcwhEFnUu5cnpAhaDLZ3PVqdTkwHwYDVR0jBBgwFoAUhkbqdDVucErt0WPs
qU5aRCMI33gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy
L2hrYnFkRFZ1Y0VydDBXUHNxVTVhUkNNSTMzZy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvaGticWREVnVjRXJ0MFdQc3FVNWFSQ01JMzNnLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMyL0JMY3doRUZuVXU1Y25w
QWhhRExaM1BWcWRUay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD
BQAkATgAMA0GCSqGSIb3DQEBCwUAA4IBAQCe+BEjkL8HVzUrVh207EC8Ub0ATN7/
DAWWSyiLs4PXDR1JdqzH637tNm3ksF1c7sj3xs6H5LQFac8n/lxuITmNAal6rQni
T2kQ6M+SXF6eof09nwpAfzS0pOCBu7fobyGBDpIJ3W6a2M8ZTB2hWXbcB7b0LLHW
Ay/PVefJFk8+pq5yIYkvUp29UzIiJR1sT3fIRqFlp2qqM+Uttp6JMOAxEM/QNPLV
I/6reReZImmutBZqZa8K3QF2c7hogYwN8no/o3jvxGL2RW2Qf3YGKEIQqjIwrgDT
70vPTwpn+2bGdn5vvi1l36imFpEiL8h4Lsf5Ku9Qqki/absABGyAVDx7
-----END CERTIFICATE-----
Generated at Fri May 24 04:47:34 2024 by rpki-client on console-ams.rpki-client.org