Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/332/FYlN2oDbepOpvq2WkJWSnMsPvms.roa
File: FYlN2oDbepOpvq2WkJWSnMsPvms.roa (raw, json)
Hash identifier: cdcPZqsEOSxQjQGft6Vwhp0uZZTNWd2aB6iVGDncuzA=
Subject key identifier: 15:89:4D:DA:80:DB:7A:93:A9:BE:AD:96:90:95:92:9C:CB:0F:BE:6B
Certificate issuer: /CN=8646EA74356E704AEDD163ECA94E5A442308DF78
Certificate serial: 19B3
Authority key identifier: 86:46:EA:74:35:6E:70:4A:ED:D1:63:EC:A9:4E:5A:44:23:08:DF:78
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/FYlN2oDbepOpvq2WkJWSnMsPvms.roa
Signing time: Wed 13 Mar 2024 01:24:02 +0000
ROA not before: Wed 13 Mar 2024 01:24:02 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 24424
IP address blocks: 203.208.32.0/19 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 May 2024 02:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6579 (0x19b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8646EA74356E704AEDD163ECA94E5A442308DF78
Validity
Not Before: Mar 13 01:24:02 2024 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=15894DDA80DB7A93A9BEAD969095929CCB0FBE6B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:bb:ed:19:e3:c4:81:1b:0b:5d:d4:7b:50:c2:
1a:eb:ac:d0:e3:53:c8:0b:eb:5f:6d:d5:71:dd:52:
b5:15:4f:47:c1:ba:d1:0a:6c:4f:95:67:12:cb:ba:
16:74:af:84:b9:57:2b:3c:14:b3:73:e2:fb:bd:6d:
32:27:1e:41:c7:f4:5b:15:a3:db:a9:86:03:19:d5:
1c:d9:e2:be:ba:f8:46:1c:4e:93:2c:b7:83:ab:5c:
33:9f:2c:b1:66:d2:00:0d:9f:2f:f2:d2:eb:f0:6a:
1d:0e:72:ef:c8:59:40:b8:1a:d8:f3:3b:50:99:e1:
82:f2:09:4e:d5:ee:9a:b2:bd:58:ab:56:43:27:56:
67:37:d3:b0:69:e6:43:07:f2:6e:91:ba:c7:5d:c8:
94:77:9c:58:46:d8:15:74:e2:d9:87:cb:5e:1d:31:
59:8a:3f:30:4c:cf:f9:6f:13:75:61:1b:c1:50:55:
c9:e0:9f:fd:18:fb:b3:2a:ba:85:48:5e:b5:44:a5:
88:1c:3f:3b:9f:31:3b:69:b6:a9:2a:70:f6:4f:26:
39:68:74:ee:e8:ce:22:4b:4f:85:81:0b:62:fd:66:
17:aa:d0:b2:4a:f6:93:39:7f:50:c3:5a:55:03:7a:
83:e8:ef:ff:ed:a4:a4:9a:d7:ae:d1:6b:10:91:68:
4b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:89:4D:DA:80:DB:7A:93:A9:BE:AD:96:90:95:92:9C:CB:0F:BE:6B
X509v3 Authority Key Identifier:
keyid:86:46:EA:74:35:6E:70:4A:ED:D1:63:EC:A9:4E:5A:44:23:08:DF:78
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/hkbqdDVucErt0WPsqU5aRCMI33g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/FYlN2oDbepOpvq2WkJWSnMsPvms.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.208.32.0/19
Signature Algorithm: sha256WithRSAEncryption
07:cd:a0:64:56:03:b9:a8:55:77:98:93:db:dd:f3:67:9e:93:
ec:3f:ad:2c:bd:67:cd:42:a1:5c:79:89:44:bf:ee:2a:81:64:
1e:87:3c:43:b5:28:69:8c:17:62:a4:33:0c:0f:83:7b:e7:8c:
93:54:77:46:f4:44:52:2a:95:30:ec:54:49:9a:35:ca:80:c2:
4b:f9:8f:6e:16:ca:26:8b:24:28:a2:93:f4:80:46:3c:de:7e:
4a:7b:cb:c9:6f:b9:dc:ef:2a:db:32:82:6d:fd:70:30:6e:ba:
86:bf:c6:da:f2:a2:82:0b:ec:24:10:f6:4d:42:08:da:62:3b:
33:66:81:04:3b:42:47:ad:a3:38:4e:19:3d:ec:3b:1d:c4:3a:
23:79:3f:aa:bf:ba:7d:b8:60:d3:f1:80:72:cf:b5:59:08:27:
1a:0b:29:26:7f:10:50:4c:c0:12:6e:f6:22:2a:72:0e:e1:a1:
20:8c:fc:3f:13:85:09:34:6f:a8:d9:a8:b6:c8:a5:af:32:b7:
97:64:cc:f6:57:d0:4d:c4:cf:86:d3:8b:b2:e8:3f:b0:24:b3:
fa:7f:3c:4f:fc:e9:8b:ec:fd:54:79:36:11:38:c0:eb:ef:74:
91:16:ab:57:30:b9:60:70:02:b4:31:73:56:ca:e3:ed:84:c0:
07:09:54:44
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGbMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODY0
NkVBNzQzNTZFNzA0QUVERDE2M0VDQTk0RTVBNDQyMzA4REY3ODAeFw0yNDAzMTMw
MTI0MDJaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDE1ODk0RERBODBEQjdB
OTNBOUJFQUQ5NjkwOTU5MjlDQ0IwRkJFNkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNu+0Z48SBGwtd1HtQwhrrrNDjU8gL619t1XHdUrUVT0fButEK
bE+VZxLLuhZ0r4S5Vys8FLNz4vu9bTInHkHH9FsVo9uphgMZ1RzZ4r66+EYcTpMs
t4OrXDOfLLFm0gANny/y0uvwah0Ocu/IWUC4GtjzO1CZ4YLyCU7V7pqyvVirVkMn
Vmc307Bp5kMH8m6RusddyJR3nFhG2BV04tmHy14dMVmKPzBMz/lvE3VhG8FQVcng
n/0Y+7MquoVIXrVEpYgcPzufMTtptqkqcPZPJjlodO7oziJLT4WBC2L9Zheq0LJK
9pM5f1DDWlUDeoPo7//tpKSa167RaxCRaEtTAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUFYlN2oDbepOpvq2WkJWSnMsPvmswHwYDVR0jBBgwFoAUhkbqdDVucErt0WPs
qU5aRCMI33gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy
L2hrYnFkRFZ1Y0VydDBXUHNxVTVhUkNNSTMzZy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvaGticWREVnVjRXJ0MFdQc3FVNWFSQ01JMzNnLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMyL0ZZbE4yb0RiZXBPcHZx
MldrSldTbk1zUHZtcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAXL0CAwDQYJKoZIhvcNAQELBQADggEBAAfNoGRWA7moVXeYk9vd82eek+w/rSy9
Z81CoVx5iUS/7iqBZB6HPEO1KGmMF2KkMwwPg3vnjJNUd0b0RFIqlTDsVEmaNcqA
wkv5j24WyiaLJCiik/SARjzefkp7y8lvudzvKtsygm39cDBuuoa/xtryooIL7CQQ
9k1CCNpiOzNmgQQ7QketozhOGT3sOx3EOiN5P6q/un24YNPxgHLPtVkIJxoLKSZ/
EFBMwBJu9iIqcg7hoSCM/D8ThQk0b6jZqLbIpa8yt5dkzPZX0E3Ez4bTi7LoP7Ak
s/p/PE/86Yvs/VR5NhE4wOvvdJEWq1cwuWBwArQxc1bK4+2EwAcJVEQ=
-----END CERTIFICATE-----
Generated at Fri May 24 04:47:34 2024 by rpki-client on console-ams.rpki-client.org