Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/OW8TZElW7C1OnuJq74BFStexiw4.roa
File: OW8TZElW7C1OnuJq74BFStexiw4.roa (raw, json)
Hash identifier: rJ+3X3RWIk4YnFNPh4JOyCqf+2LTr5NeYhkdLcfORJk=
Subject key identifier: 39:6F:13:64:49:56:EC:2D:4E:9E:E2:6A:EF:80:45:4A:D7:B1:8B:0E
Certificate issuer: /CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434
Certificate serial: 0D5D
Authority key identifier: CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/OW8TZElW7C1OnuJq74BFStexiw4.roa
Signing time: Tue 02 Jan 2024 06:19:06 +0000
ROA not before: Tue 02 Jan 2024 06:19:06 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 37963
IP address blocks: 47.112.0.0/15 maxlen: 15
Validation: Failed, certificate revoked on Tue 24 Sep 2024 00:19:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3421 (0xd5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434
Validity
Not Before: Jan 2 06:19:06 2024 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=396F13644956EC2D4E9EE26AEF80454AD7B18B0E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:10:f9:4e:19:4e:e9:b6:e6:7f:da:dd:cd:16:
4e:d2:f7:da:21:e4:9c:ed:15:34:db:e9:7f:36:39:
a5:74:44:29:ea:b5:eb:fc:ca:44:c7:43:e9:78:29:
08:70:84:42:2a:69:7f:9d:05:9e:2d:4c:b1:36:91:
8a:0b:95:8e:17:a0:9a:26:5d:ea:7d:96:d7:8c:49:
50:0e:57:7a:59:56:63:63:6d:92:43:cd:8c:94:3e:
8f:4e:d9:cb:5f:e2:3d:a7:30:1d:ca:72:71:6a:6d:
13:4f:ba:48:4e:c2:37:cd:3a:e3:3e:c4:61:da:73:
2e:a4:03:10:18:eb:29:cb:a1:b4:18:e6:fc:a5:18:
6f:c4:d0:0f:a2:e2:3e:66:cb:c7:30:d6:b0:cb:7e:
b7:e0:9b:87:d3:2d:1d:e9:3c:71:22:99:10:a1:c5:
5c:9f:52:01:08:71:4b:35:3c:63:fc:06:a4:77:26:
88:a9:09:40:1a:c2:75:c2:5a:49:4c:15:b4:28:6d:
07:d5:f8:6f:ac:fe:cc:ab:8f:4c:8b:89:67:75:27:
bc:d5:e5:07:37:02:82:70:11:68:9d:d1:ee:a1:50:
c4:2c:f6:e2:42:c1:4d:6d:a3:01:c9:e5:44:ea:be:
30:b2:69:c6:aa:52:af:75:a7:2f:8d:be:3c:b4:25:
41:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:6F:13:64:49:56:EC:2D:4E:9E:E2:6A:EF:80:45:4A:D7:B1:8B:0E
X509v3 Authority Key Identifier:
keyid:CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/OW8TZElW7C1OnuJq74BFStexiw4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
47.112.0.0/15
Signature Algorithm: sha256WithRSAEncryption
27:af:57:fa:d9:d3:e0:62:dd:66:7e:63:e0:f3:c6:35:95:11:
11:55:56:9f:55:05:68:3e:73:af:80:8c:50:1d:c4:e8:29:34:
d6:08:e9:fe:5b:62:9d:3c:c1:cf:2a:20:d7:8e:b9:68:88:30:
55:c2:aa:f4:b3:c8:65:ce:f9:9b:df:57:0b:4d:4e:b9:da:21:
51:40:d4:bf:c0:84:bc:1a:e1:51:9e:ad:c6:c4:be:07:63:f2:
42:af:32:54:b1:f5:a4:a8:88:83:99:06:a3:41:57:a1:77:3f:
04:12:d3:25:b7:95:54:bc:8c:db:03:37:da:af:c9:25:39:38:
c0:42:43:91:45:1c:a2:00:79:3e:24:60:1d:e9:23:f4:71:73:
25:1a:67:eb:e5:7d:f4:af:62:04:4f:76:f6:28:fa:c3:17:85:
1e:f3:8a:e9:24:ae:0e:9c:ae:84:60:eb:d4:95:7a:d9:ca:bb:
08:af:97:1c:80:98:69:f2:ca:3e:f1:2e:3c:5c:52:39:a7:c2:
fc:b3:e2:80:e1:5f:14:3b:a4:cc:b9:d9:02:77:fb:89:85:61:
17:7b:26:9a:10:7c:48:8a:b8:bd:f9:9e:f5:aa:b0:a0:b8:af:
3c:18:4c:2d:a3:5e:5d:a2:ad:5d:56:c2:80:d2:59:3d:74:de:
1a:d7:02:35
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDV0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Uw
QTlDQjAyOTM3QjU3RENFNjZBMTdGQjg0MjE2RDdBQkU3NjQzNDAeFw0yNDAxMDIw
NjE5MDZaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDM5NkYxMzY0NDk1NkVD
MkQ0RTlFRTI2QUVGODA0NTRBRDdCMThCMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAEPlOGU7ptuZ/2t3NFk7S99oh5JztFTTb6X82OaV0RCnqtev8
ykTHQ+l4KQhwhEIqaX+dBZ4tTLE2kYoLlY4XoJomXep9lteMSVAOV3pZVmNjbZJD
zYyUPo9O2ctf4j2nMB3KcnFqbRNPukhOwjfNOuM+xGHacy6kAxAY6ynLobQY5vyl
GG/E0A+i4j5my8cw1rDLfrfgm4fTLR3pPHEimRChxVyfUgEIcUs1PGP8BqR3Joip
CUAawnXCWklMFbQobQfV+G+s/syrj0yLiWd1J7zV5Qc3AoJwEWid0e6hUMQs9uJC
wU1towHJ5UTqvjCyacaqUq91py+Nvjy0JUEZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUOW8TZElW7C1OnuJq74BFStexiw4wHwYDVR0jBBgwFoAUzgqcsCk3tX3OZqF/
uEIW16vnZDQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3
L3pncWNzQ2szdFgzT1pxRl91RUlXMTZ2blpEUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvemdxY3NDazN0WDNPWnFGX3VFSVcxNnZuWkRRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3L09XOFRaRWxXN0MxT251
SnE3NEJGU3RleGl3NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwEvcDANBgkqhkiG9w0BAQsFAAOCAQEAJ69X+tnT4GLdZn5j4PPGNZUREVVWn1UF
aD5zr4CMUB3E6Ck01gjp/ltinTzBzyog1465aIgwVcKq9LPIZc75m99XC01Oudoh
UUDUv8CEvBrhUZ6txsS+B2PyQq8yVLH1pKiIg5kGo0FXoXc/BBLTJbeVVLyM2wM3
2q/JJTk4wEJDkUUcogB5PiRgHekj9HFzJRpn6+V99K9iBE929ij6wxeFHvOK6SSu
DpyuhGDr1JV62cq7CK+XHICYafLKPvEuPFxSOafC/LPigOFfFDukzLnZAnf7iYVh
F3smmhB8SIq4vfme9aqwoLivPBhMLaNeXaKtXVbCgNJZPXTeGtcCNQ==
-----END CERTIFICATE-----
Generated at Tue Sep 24 01:53:40 2024 by rpki-client on console-ams.rpki-client.org