Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/44uLu_PIJe9NSV-55JonLOV6MB0.roa
File: 44uLu_PIJe9NSV-55JonLOV6MB0.roa (raw, json)
Hash identifier: uDpdBdy+frxEiLNJi8nw1cUhOZG5PeuvKA3D/GOgvbQ=
Subject key identifier: E3:8B:8B:BB:F3:C8:25:EF:4D:49:5F:B9:E4:9A:27:2C:E5:7A:30:1D
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 08D1
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/44uLu_PIJe9NSV-55JonLOV6MB0.roa
Signing time: Wed 13 Mar 2024 06:56:29 +0000
ROA not before: Wed 13 Mar 2024 06:56:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 62387
IP address blocks: 123.98.4.0/22 maxlen: 24
123.98.16.0/22 maxlen: 24
123.98.24.0/22 maxlen: 24
123.98.36.0/22 maxlen: 24
123.98.52.0/22 maxlen: 24
123.98.92.0/22 maxlen: 24
211.149.76.0/22 maxlen: 24
211.149.80.0/22 maxlen: 24
211.149.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 07:49:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2257 (0x8d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Mar 13 06:56:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E38B8BBBF3C825EF4D495FB9E49A272CE57A301D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a6:51:2f:ef:c9:0f:1e:0d:8f:97:bd:85:cf:
b0:39:78:12:71:6e:ce:ca:57:ef:0f:f0:64:54:62:
61:f2:cd:9f:0d:88:49:f6:f4:78:d7:50:28:11:ad:
51:bb:98:e9:f0:d6:7e:49:53:5d:57:7b:ba:95:d2:
05:ca:5d:34:84:12:4b:5c:98:62:ed:ad:44:d1:6e:
08:40:1a:64:72:29:a5:30:37:86:c9:58:0d:d8:80:
61:79:10:57:4c:05:1e:52:ef:1b:26:8a:58:f7:8b:
b2:8f:25:51:4d:5b:9f:82:e5:fb:0a:06:b0:f6:a3:
45:a6:20:f3:15:c5:1e:ff:1c:b4:73:63:22:cd:96:
5a:46:bf:5c:72:b8:ff:ee:c4:e0:36:8b:9f:51:22:
f6:9d:20:19:42:f9:2d:bf:e1:46:81:a4:2d:ba:b5:
86:40:f2:77:fd:fd:45:84:44:ed:aa:a4:0f:37:c5:
0c:09:22:51:c4:42:fa:cc:c3:1b:97:ad:8b:cd:16:
db:b9:f4:20:65:60:00:2a:23:12:6f:7a:43:cc:8f:
0a:57:9f:33:ea:8d:ca:5d:21:77:18:89:91:bd:39:
b5:ec:f0:1d:d2:0e:cc:99:29:b9:35:4e:32:33:33:
2e:bc:0a:98:01:ec:9e:dd:cd:d3:b1:55:f3:7a:b1:
51:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:8B:8B:BB:F3:C8:25:EF:4D:49:5F:B9:E4:9A:27:2C:E5:7A:30:1D
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/44uLu_PIJe9NSV-55JonLOV6MB0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.4.0/22
123.98.16.0/22
123.98.24.0/22
123.98.36.0/22
123.98.52.0/22
123.98.92.0/22
211.149.76.0-211.149.83.255
211.149.88.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:81:83:e7:a6:93:92:f4:d5:32:d4:97:f4:22:e4:a1:0e:8d:
87:a9:14:52:7a:72:92:a3:ee:04:37:88:a0:e9:f5:47:4d:2a:
6e:e4:57:20:23:95:2b:79:27:0b:63:be:15:d9:43:e5:7c:60:
85:6a:ae:ff:c4:5b:c4:94:87:30:40:4a:8c:9f:01:8e:98:48:
c9:f6:65:aa:3b:63:99:ad:3e:20:e3:20:f7:1f:9b:49:a5:80:
64:0e:11:a7:a5:65:c4:16:7c:86:5f:89:a7:9a:18:0a:4c:80:
99:33:0e:8f:cf:d6:55:61:e4:3c:3a:59:0a:9f:35:2a:91:ad:
b8:a7:5d:1c:09:13:e4:6f:ad:0e:95:6d:23:cb:a8:7f:01:0a:
75:47:3e:08:ae:a5:4a:ef:a6:ea:78:3c:1b:91:d0:91:3b:ac:
ed:28:7d:db:64:1c:7f:1e:12:f8:f0:f5:69:4c:46:8c:39:9b:
7d:f2:00:c4:83:8f:f4:f4:40:c6:75:2d:83:aa:61:a5:21:72:
10:00:ed:72:c9:71:a6:ba:39:38:00:9d:31:25:f7:00:0d:84:
54:3d:45:86:77:97:f0:82:aa:49:bd:7d:0b:c1:c4:26:b4:ac:
c7:b2:e3:fb:4b:55:63:b4:41:ea:dd:d1:c1:40:9e:05:80:1a:
b6:cf:16:2e
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgICCNEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDAzMTMw
NjU2MjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUzOEI4QkJCRjNDODI1
RUY0RDQ5NUZCOUU0OUEyNzJDRTU3QTMwMUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtplEv78kPHg2Pl72Fz7A5eBJxbs7KV+8P8GRUYmHyzZ8NiEn2
9HjXUCgRrVG7mOnw1n5JU11Xe7qV0gXKXTSEEktcmGLtrUTRbghAGmRyKaUwN4bJ
WA3YgGF5EFdMBR5S7xsmilj3i7KPJVFNW5+C5fsKBrD2o0WmIPMVxR7/HLRzYyLN
llpGv1xyuP/uxOA2i59RIvadIBlC+S2/4UaBpC26tYZA8nf9/UWERO2qpA83xQwJ
IlHEQvrMwxuXrYvNFtu59CBlYAAqIxJvekPMjwpXnzPqjcpdIXcYiZG9ObXs8B3S
DsyZKbk1TjIzMy68CpgB7J7dzdOxVfN6sVGXAgMBAAGjggIjMIICHzAdBgNVHQ4E
FgQU44uLu/PIJe9NSV+55JonLOV6MB0wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLzQ0dUx1X1BJSmU5TlNW
LTU1Sm9uTE9WNk1CMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwUQYIKwYBBQUHAQcBAf8EQjBAMD4EAgABMDgD
BAJ7YgQDBAJ7YhADBAJ7YhgDBAJ7YiQDBAJ7YjQDBAJ7YlwwDAMEAtOVTAMEAtOV
UAMEAtOVWDANBgkqhkiG9w0BAQsFAAOCAQEAtYGD56aTkvTVMtSX9CLkoQ6Nh6kU
UnpykqPuBDeIoOn1R00qbuRXICOVK3knC2O+FdlD5XxghWqu/8RbxJSHMEBKjJ8B
jphIyfZlqjtjma0+IOMg9x+bSaWAZA4Rp6VlxBZ8hl+Jp5oYCkyAmTMOj8/WVWHk
PDpZCp81KpGtuKddHAkT5G+tDpVtI8uofwEKdUc+CK6lSu+m6ng8G5HQkTus7Sh9
22Qcfx4S+PD1aUxGjDmbffIAxIOP9PRAxnUtg6phpSFyEADtcslxpro5OACdMSX3
AA2EVD1FhneX8IKqSb19C8HEJrSsx7Lj+0tVY7RB6t3RwUCeBYAats8WLg==
-----END CERTIFICATE-----
Generated at Thu Mar 21 10:30:37 2024 by rpki-client on console-ams.rpki-client.org