Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/341/ocK-ORxKYmf2DtvUYrIetxn855Q.roa
File: ocK-ORxKYmf2DtvUYrIetxn855Q.roa (raw, json)
Hash identifier: KDxi1ZiFF9WnBu8/Kavjv7oD6T1J3cDFDiRF4nc6IOU=
Subject key identifier: A1:C2:BE:39:1C:4A:62:67:F6:0E:DB:D4:62:B2:1E:B7:19:FC:E7:94
Certificate issuer: /CN=856DA85F9A8A286B652870D4E47635FF3D0E92AE
Certificate serial: 0D38
Authority key identifier: 85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/ocK-ORxKYmf2DtvUYrIetxn855Q.roa
Signing time: Tue 02 Jan 2024 06:18:13 +0000
ROA not before: Tue 02 Jan 2024 06:18:13 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 37963
IP address blocks: 110.75.0.0/17 maxlen: 17
Validation: Failed, certificate revoked on Tue 24 Sep 2024 00:18:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3384 (0xd38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=856DA85F9A8A286B652870D4E47635FF3D0E92AE
Validity
Not Before: Jan 2 06:18:13 2024 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=A1C2BE391C4A6267F60EDBD462B21EB719FCE794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2d:1c:e9:d8:30:83:2a:aa:3c:88:9e:99:75:
3b:1e:f5:0a:2d:9b:0b:bb:1b:5f:87:7d:64:a1:8b:
35:0b:66:ee:41:ff:49:51:f8:93:77:59:44:be:21:
5b:fb:07:b3:8a:1c:38:d2:6b:af:0f:9e:11:8c:d5:
9e:8b:04:0e:57:ed:9c:18:f5:95:70:da:ed:94:f1:
1c:6c:0d:da:2f:99:64:fc:b6:ad:2e:c6:77:76:af:
7f:49:83:68:1c:61:1d:1b:92:36:0a:48:94:90:98:
6d:42:2f:7c:5d:e3:08:8f:11:60:97:95:36:30:ec:
d9:b5:15:bf:c2:c4:79:41:1c:c8:14:88:26:35:53:
e6:9a:49:01:d8:8f:6e:4e:ae:72:b8:9e:2c:8d:e9:
d0:b1:bb:18:6b:69:e0:3f:4d:af:f1:ae:a4:80:23:
e4:25:47:ba:52:9d:41:81:ff:a2:ab:b5:5b:9e:6d:
65:70:41:60:bd:03:f4:f1:0c:75:b5:9c:e3:a1:2c:
ff:9c:e8:15:24:c9:f8:5d:07:e0:76:ae:f3:ef:92:
22:1a:a4:7d:89:1c:2e:5d:41:16:c3:0f:bf:63:4c:
ca:25:50:d5:bf:c9:cc:33:8f:26:af:67:b0:be:1e:
10:59:ab:ab:31:80:00:9e:fd:8b:d3:dd:57:68:93:
0e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C2:BE:39:1C:4A:62:67:F6:0E:DB:D4:62:B2:1E:B7:19:FC:E7:94
X509v3 Authority Key Identifier:
keyid:85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/ocK-ORxKYmf2DtvUYrIetxn855Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
110.75.0.0/17
Signature Algorithm: sha256WithRSAEncryption
00:6a:45:a0:2d:75:da:7b:31:67:02:64:d7:e2:07:42:05:62:
4e:38:60:f3:fd:69:05:b2:2d:50:88:a8:9c:b7:f7:ad:ae:cc:
d2:4c:b8:8b:e0:e7:5e:6f:e7:0a:9e:9f:a6:04:0e:c2:64:eb:
1f:71:b9:7a:ed:89:c5:2d:ce:8c:a2:cc:98:2f:61:53:29:38:
3b:39:da:a3:37:43:23:6a:0f:35:be:e3:41:41:01:ad:f2:c5:
ca:ad:06:a2:d2:3b:12:95:88:a9:cd:19:c0:5b:29:2d:f2:d9:
eb:24:ac:9d:e4:56:85:e2:a2:31:b7:96:7d:fb:65:6e:ef:2a:
4b:5d:2b:cc:69:11:f5:50:35:4c:4d:86:2a:1f:61:8d:ea:03:
20:38:8a:56:78:c0:79:a9:19:0f:5d:f2:c4:66:14:10:2c:4e:
a0:85:e4:7c:21:1c:bb:92:3e:99:7f:3e:22:c0:d8:b3:e7:00:
21:c9:f7:d0:dc:ca:21:97:66:fa:1c:01:d2:98:30:ff:88:e9:
8c:e4:f1:35:e7:d4:9c:48:81:68:c4:f6:61:63:34:a6:ff:f6:
6d:83:83:4a:d6:b2:17:46:63:d2:aa:2b:06:5a:05:4d:80:2a:
51:e1:32:3a:8d:11:8d:97:99:51:7d:04:ac:15:30:de:eb:57:
50:a4:8b:a1
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDTgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODU2
REE4NUY5QThBMjg2QjY1Mjg3MEQ0RTQ3NjM1RkYzRDBFOTJBRTAeFw0yNDAxMDIw
NjE4MTNaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKEExQzJCRTM5MUM0QTYy
NjdGNjBFREJENDYyQjIxRUI3MTlGQ0U3OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWLRzp2DCDKqo8iJ6ZdTse9Qotmwu7G1+HfWShizULZu5B/0lR
+JN3WUS+IVv7B7OKHDjSa68PnhGM1Z6LBA5X7ZwY9ZVw2u2U8RxsDdovmWT8tq0u
xnd2r39Jg2gcYR0bkjYKSJSQmG1CL3xd4wiPEWCXlTYw7Nm1Fb/CxHlBHMgUiCY1
U+aaSQHYj25OrnK4niyN6dCxuxhraeA/Ta/xrqSAI+QlR7pSnUGB/6KrtVuebWVw
QWC9A/TxDHW1nOOhLP+c6BUkyfhdB+B2rvPvkiIapH2JHC5dQRbDD79jTMolUNW/
ycwzjyavZ7C+HhBZq6sxgACe/YvT3Vdokw7tAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUocK+ORxKYmf2DtvUYrIetxn855QwHwYDVR0jBBgwFoAUhW2oX5qKKGtlKHDU
5HY1/z0Okq4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQx
L2hXMm9YNXFLS0d0bEtIRFU1SFkxX3owT2txNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvaFcyb1g1cUtLR3RsS0hEVTVIWTFfejBPa3E0LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQxL29jSy1PUnhLWW1mMkR0
dlVZcklldHhuODU1US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAduSwAwDQYJKoZIhvcNAQELBQADggEBAABqRaAtddp7MWcCZNfiB0IFYk44YPP9
aQWyLVCIqJy3962uzNJMuIvg515v5wqen6YEDsJk6x9xuXrticUtzoyizJgvYVMp
ODs52qM3QyNqDzW+40FBAa3yxcqtBqLSOxKViKnNGcBbKS3y2eskrJ3kVoXiojG3
ln37ZW7vKktdK8xpEfVQNUxNhiofYY3qAyA4ilZ4wHmpGQ9d8sRmFBAsTqCF5Hwh
HLuSPpl/PiLA2LPnACHJ99DcyiGXZvocAdKYMP+I6Yzk8TXn1JxIgWjE9mFjNKb/
9m2Dg0rWshdGY9KqKwZaBU2AKlHhMjqNEY2XmVF9BKwVMN7rV1Cki6E=
-----END CERTIFICATE-----
Generated at Tue Sep 24 01:46:28 2024 by rpki-client on console-fra.rpki-client.org