Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/332/sp-vzytnokQZhS81RR9mAioxSxg.roa
File: sp-vzytnokQZhS81RR9mAioxSxg.roa (raw, json)
Hash identifier: McnNUI5WOsfwoSBusMokTMfvgMy5acEvZakOh8YiuWs=
Subject key identifier: B2:9F:AF:CF:2B:67:A2:44:19:85:2F:35:45:1F:66:02:2A:31:4B:18
Certificate issuer: /CN=8646EA74356E704AEDD163ECA94E5A442308DF78
Certificate serial: 13F2
Authority key identifier: 86:46:EA:74:35:6E:70:4A:ED:D1:63:EC:A9:4E:5A:44:23:08:DF:78
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/sp-vzytnokQZhS81RR9mAioxSxg.roa
Signing time: Fri 19 May 2023 05:55:24 +0000
ROA not before: Fri 19 May 2023 05:55:24 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 24424
IP address blocks: 2401:3800::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:24:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5106 (0x13f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8646EA74356E704AEDD163ECA94E5A442308DF78
Validity
Not Before: May 19 05:55:24 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=B29FAFCF2B67A24419852F35451F66022A314B18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:dc:0d:7e:99:e2:08:cd:6a:eb:22:37:94:7d:
ad:6e:c1:43:f7:cb:79:94:a0:ce:a1:eb:84:04:81:
c1:7f:50:00:8d:a4:9a:51:fc:77:ba:a5:88:26:e6:
c3:1f:f4:c7:a9:21:c8:af:8e:f2:f0:5f:60:5b:a9:
be:b5:0a:7d:12:d2:0c:45:5c:87:a0:66:91:24:c9:
7c:59:99:d5:e5:d1:85:82:c5:3f:1c:ae:bc:2f:5b:
b6:25:37:7f:28:1d:8f:2d:18:d0:c5:84:b4:b4:35:
90:93:90:90:11:65:14:60:c8:fd:1f:e6:e9:5a:f9:
83:4e:2b:79:4b:af:0b:1b:3e:ad:09:79:5c:ed:e1:
8b:d7:b7:7f:01:28:1a:7c:e4:bd:b7:39:e8:4c:af:
55:15:09:96:ad:52:54:9f:78:d2:05:05:84:51:85:
27:20:b3:20:0b:9e:40:ff:f1:f4:4d:a0:01:d6:29:
b0:50:5d:4b:3f:32:b5:b2:3b:44:dc:7b:12:79:fb:
38:c8:db:ed:69:5f:18:a4:86:8a:13:f2:af:62:ad:
0f:55:f0:23:44:b4:2f:df:e4:15:98:76:ae:a9:61:
1f:f8:17:da:a5:24:e9:71:4b:72:3b:25:c6:cc:89:
7f:9d:d6:80:f7:d8:d6:85:a3:ca:83:de:16:d2:68:
12:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:9F:AF:CF:2B:67:A2:44:19:85:2F:35:45:1F:66:02:2A:31:4B:18
X509v3 Authority Key Identifier:
keyid:86:46:EA:74:35:6E:70:4A:ED:D1:63:EC:A9:4E:5A:44:23:08:DF:78
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/hkbqdDVucErt0WPsqU5aRCMI33g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/sp-vzytnokQZhS81RR9mAioxSxg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:3800::/32
Signature Algorithm: sha256WithRSAEncryption
92:2e:fa:36:27:72:d5:da:1e:91:e8:a2:25:ab:b9:46:b0:25:
0b:b1:6f:99:b3:dd:b0:d5:d2:3c:57:73:ba:08:26:4d:07:52:
72:df:fd:93:dd:fc:2d:d5:6a:2a:cb:b7:a0:70:0a:7f:7e:fc:
46:1b:7a:27:f8:e1:ad:75:43:f7:2a:5b:5e:b2:f8:d7:34:93:
4e:7c:72:2a:70:98:62:c7:d0:ac:1b:9e:2d:0c:54:4b:a7:46:
44:fa:ce:39:09:95:e2:fa:77:fe:91:c2:eb:6c:8e:3d:a6:65:
9a:d1:8d:39:4c:5e:af:0d:3e:21:55:de:24:02:c3:3e:14:d7:
53:7d:c2:cb:d1:c8:13:47:20:0e:99:2a:9e:d9:bf:23:ec:ad:
2c:5f:3b:e1:dc:91:59:af:10:c3:a8:7d:e2:c6:84:a5:3f:01:
c5:f0:aa:bb:80:2c:d8:6d:e8:d3:e5:be:d1:be:e9:5d:cc:bc:
4c:2f:44:23:20:cb:8a:1f:2c:6e:e8:90:da:12:0a:67:0d:85:
89:52:e9:71:7f:92:cd:cb:a7:fa:49:72:70:dc:6b:36:4f:ce:
89:8e:49:cd:b3:eb:db:37:a9:08:dc:f3:c9:be:e2:94:21:5b:
a6:8d:f0:dc:54:29:66:40:80:52:ce:a1:0d:32:ca:43:20:e8:
99:55:7a:e6
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICE/IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODY0
NkVBNzQzNTZFNzA0QUVERDE2M0VDQTk0RTVBNDQyMzA4REY3ODAeFw0yMzA1MTkw
NTU1MjRaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKEIyOUZBRkNGMkI2N0Ey
NDQxOTg1MkYzNTQ1MUY2NjAyMkEzMTRCMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDR3A1+meIIzWrrIjeUfa1uwUP3y3mUoM6h64QEgcF/UACNpJpR
/He6pYgm5sMf9MepIcivjvLwX2Bbqb61Cn0S0gxFXIegZpEkyXxZmdXl0YWCxT8c
rrwvW7YlN38oHY8tGNDFhLS0NZCTkJARZRRgyP0f5ula+YNOK3lLrwsbPq0JeVzt
4YvXt38BKBp85L23OehMr1UVCZatUlSfeNIFBYRRhScgsyALnkD/8fRNoAHWKbBQ
XUs/MrWyO0TcexJ5+zjI2+1pXxikhooT8q9irQ9V8CNEtC/f5BWYdq6pYR/4F9ql
JOlxS3I7JcbMiX+d1oD32NaFo8qD3hbSaBJfAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUsp+vzytnokQZhS81RR9mAioxSxgwHwYDVR0jBBgwFoAUhkbqdDVucErt0WPs
qU5aRCMI33gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy
L2hrYnFkRFZ1Y0VydDBXUHNxVTVhUkNNSTMzZy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvaGticWREVnVjRXJ0MFdQc3FVNWFSQ01JMzNnLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMyL3NwLXZ6eXRub2tRWmhT
ODFSUjltQWlveFN4Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD
BQAkATgAMA0GCSqGSIb3DQEBCwUAA4IBAQCSLvo2J3LV2h6R6KIlq7lGsCULsW+Z
s92w1dI8V3O6CCZNB1Jy3/2T3fwt1Woqy7egcAp/fvxGG3on+OGtdUP3KltesvjX
NJNOfHIqcJhix9CsG54tDFRLp0ZE+s45CZXi+nf+kcLrbI49pmWa0Y05TF6vDT4h
Vd4kAsM+FNdTfcLL0cgTRyAOmSqe2b8j7K0sXzvh3JFZrxDDqH3ixoSlPwHF8Kq7
gCzYbejT5b7RvuldzLxML0QjIMuKHyxu6JDaEgpnDYWJUulxf5LNy6f6SXJw3Gs2
T86JjknNs+vbN6kI3PPJvuKUIVumjfDcVClmQIBSzqENMspDIOiZVXrm
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org