Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/3GihL8qw6COPeR5hNr5zPf9X3Dk.roa
File: 3GihL8qw6COPeR5hNr5zPf9X3Dk.roa (raw, json)
Hash identifier: Gnos0h9yCIOjg3DlsCNhgm+gx67TuQwQ6Kj/231ennQ=
Subject key identifier: DC:68:A1:2F:CA:B0:E8:23:8F:79:1E:61:36:BE:73:3D:FF:57:DC:39
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 04C5
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/3GihL8qw6COPeR5hNr5zPf9X3Dk.roa
Signing time: Mon 11 Sep 2023 13:06:42 +0000
ROA not before: Mon 11 Sep 2023 13:06:42 +0000
ROA not after: Sat 10 Aug 2024 07:41:13 +0000
asID: 34549
IP address blocks: 123.98.80.0/22 maxlen: 24
123.98.100.0/22 maxlen: 24
210.79.68.0/23 maxlen: 24
210.79.70.0/24 maxlen: 24
210.79.71.0/24 maxlen: 24
210.79.77.0/24 maxlen: 24
210.79.89.0/24 maxlen: 24
210.79.90.0/24 maxlen: 24
210.79.91.0/24 maxlen: 24
210.79.101.0/24 maxlen: 24
210.79.112.0/24 maxlen: 24
210.79.114.0/24 maxlen: 24
210.79.115.0/24 maxlen: 24
211.149.32.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1221 (0x4c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Sep 11 13:06:42 2023 GMT
Not After : Aug 10 07:41:13 2024 GMT
Subject: CN=DC68A12FCAB0E8238F791E6136BE733DFF57DC39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:19:f0:d2:87:25:19:93:f9:38:24:7e:bd:a4:
20:98:3d:ac:3b:41:89:e3:44:31:e7:15:9b:6d:c7:
69:b1:c8:2f:e6:64:f4:db:35:6e:c2:fd:56:c2:b8:
f6:c6:44:f2:f9:e7:96:09:2c:e7:f7:02:0c:49:bc:
04:92:79:f0:e0:15:61:17:a3:d6:e3:01:db:58:ac:
ce:ef:fe:01:ff:b3:86:85:57:a1:8d:82:13:b1:d4:
c5:35:67:dd:07:34:b3:59:fc:16:20:8d:94:8e:9e:
17:29:7c:43:83:de:1d:54:98:b4:f1:82:91:26:30:
66:b8:50:93:83:00:22:a0:4d:3d:39:f9:2e:60:4d:
0f:12:22:47:a1:db:18:17:9e:76:83:bc:32:64:3e:
39:4a:2b:41:2c:5f:b3:78:60:cf:93:21:8c:99:84:
f8:7b:f4:0a:67:38:d1:6a:20:98:07:10:54:e9:a2:
68:24:69:ce:24:5f:6f:6d:34:fa:17:8e:f9:68:4e:
e5:eb:dd:23:9c:76:8a:54:08:31:6d:28:18:e4:66:
76:f6:6b:ec:df:9e:4d:95:3c:8f:b0:92:2b:65:24:
d1:90:d9:47:46:9e:2c:0d:08:e9:33:a3:4a:70:82:
64:b3:6a:5f:08:a9:e8:c3:6d:49:4d:ef:de:c1:e1:
4a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:68:A1:2F:CA:B0:E8:23:8F:79:1E:61:36:BE:73:3D:FF:57:DC:39
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/3GihL8qw6COPeR5hNr5zPf9X3Dk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.80.0/22
123.98.100.0/22
210.79.68.0/22
210.79.77.0/24
210.79.89.0-210.79.91.255
210.79.101.0/24
210.79.112.0/24
210.79.114.0/23
211.149.32.0/22
Signature Algorithm: sha256WithRSAEncryption
55:2f:cf:d2:0e:15:ac:32:99:35:21:d7:6c:7e:6b:4c:a6:08:
44:23:b5:a5:e1:4b:d6:d2:b9:a1:46:fa:e3:7a:ad:3b:03:3d:
cb:34:52:1c:74:72:1d:ef:66:b3:44:90:68:df:76:80:2d:3e:
d9:ed:ff:35:06:89:ab:7f:41:f6:0d:3f:cb:84:8e:d7:ff:af:
d7:c7:e6:c2:87:e8:7d:a2:5d:58:bc:23:9f:c9:27:d8:63:19:
61:cd:b8:0a:17:d2:72:92:f4:97:60:ea:1b:18:e1:ef:8b:4b:
ea:b9:b9:61:e3:43:a0:64:25:ac:14:eb:cc:67:5f:4c:f1:b3:
ec:e8:dc:e0:d3:a1:f3:69:cc:9f:f7:d9:7f:9d:1a:de:7b:d0:
f0:3a:b7:2c:4a:ac:b0:9f:fc:a8:23:c9:3b:69:6d:12:ae:9e:
be:71:3e:18:49:b0:89:5f:2a:02:22:fd:b6:0d:42:f0:e8:ab:
57:48:5d:30:1b:b5:bd:d6:aa:26:90:ab:3c:d9:56:8c:2b:aa:
53:17:2f:58:8b:31:b9:e5:3c:6c:9a:60:f6:dc:55:08:24:21:
49:6c:4e:5c:b0:be:0c:20:3f:58:ce:e0:35:a2:45:8e:bf:7a:
21:6b:23:9b:53:76:cc:d9:00:9b:6a:19:c8:0f:65:ee:a9:14:
20:29:38:cc
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgICBMUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yMzA5MTEx
MzA2NDJaFw0yNDA4MTAwNzQxMTNaMDMxMTAvBgNVBAMTKERDNjhBMTJGQ0FCMEU4
MjM4Rjc5MUU2MTM2QkU3MzNERkY1N0RDMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqGfDShyUZk/k4JH69pCCYPaw7QYnjRDHnFZttx2mxyC/mZPTb
NW7C/VbCuPbGRPL555YJLOf3AgxJvASSefDgFWEXo9bjAdtYrM7v/gH/s4aFV6GN
ghOx1MU1Z90HNLNZ/BYgjZSOnhcpfEOD3h1UmLTxgpEmMGa4UJODACKgTT05+S5g
TQ8SIkeh2xgXnnaDvDJkPjlKK0EsX7N4YM+TIYyZhPh79ApnONFqIJgHEFTpomgk
ac4kX29tNPoXjvloTuXr3SOcdopUCDFtKBjkZnb2a+zfnk2VPI+wkitlJNGQ2UdG
niwNCOkzo0pwgmSzal8IqejDbUlN797B4UqTAgMBAAGjggIpMIICJTAdBgNVHQ4E
FgQU3GihL8qw6COPeR5hNr5zPf9X3DkwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLzNHaWhMOHF3NkNPUGVS
NWhOcjV6UGY5WDNEay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwVwYIKwYBBQUHAQcBAf8ESDBGMEQEAgABMD4D
BAJ7YlADBAJ7YmQDBALST0QDBADST00wDAMEANJPWQMEAtJPWAMEANJPZQMEANJP
cAMEAdJPcgMEAtOVIDANBgkqhkiG9w0BAQsFAAOCAQEAVS/P0g4VrDKZNSHXbH5r
TKYIRCO1peFL1tK5oUb643qtOwM9yzRSHHRyHe9ms0SQaN92gC0+2e3/NQaJq39B
9g0/y4SO1/+v18fmwofofaJdWLwjn8kn2GMZYc24ChfScpL0l2DqGxjh74tL6rm5
YeNDoGQlrBTrzGdfTPGz7Ojc4NOh82nMn/fZf50a3nvQ8Dq3LEqssJ/8qCPJO2lt
Eq6evnE+GEmwiV8qAiL9tg1C8OirV0hdMBu1vdaqJpCrPNlWjCuqUxcvWIsxueU8
bJpg9txVCCQhSWxOXLC+DCA/WM7gNaJFjr96IWsjm1N2zNkAm2oZyA9l7qkUICk4
zA==
-----END CERTIFICATE-----
Generated at Tue Sep 12 11:11:56 2023 by rpki-client on console-ams.rpki-client.org