Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/4m_PZiyQr3qDz2Y1lzzrbvIbX0o.roa
File: 4m_PZiyQr3qDz2Y1lzzrbvIbX0o.roa (raw, json)
Hash identifier: h6MsYxVxQgTKvDVRFVLMq6fp+uf3yjWkJLHFfHpjceU=
Subject key identifier: E2:6F:CF:66:2C:90:AF:7A:83:CF:66:35:97:3C:EB:6E:F2:1B:5F:4A
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0B85
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/4m_PZiyQr3qDz2Y1lzzrbvIbX0o.roa
Signing time: Sun 21 Jul 2024 13:32:23 +0000
ROA not before: Sun 21 Jul 2024 13:32:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 2914
IP address blocks: 123.98.0.0/22 maxlen: 24
211.149.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jul 2024 09:13:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2949 (0xb85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Jul 21 13:32:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E26FCF662C90AF7A83CF6635973CEB6EF21B5F4A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:18:5e:64:09:b4:27:4d:bb:19:de:86:2f:b6:
e2:11:fc:28:d9:89:a6:c2:b4:fe:69:0c:24:7b:ec:
25:61:b3:71:a5:e5:b1:d7:50:55:fd:04:b1:10:1c:
bf:9b:2e:5d:cb:1a:96:18:f0:15:84:b9:d3:61:9c:
bc:97:a7:6a:ba:6b:01:3c:6d:ef:b9:d0:39:46:1c:
21:44:99:dc:32:36:07:aa:de:5c:c6:4a:3d:a6:aa:
64:ed:9b:98:1e:68:c7:fe:8a:70:a6:47:dd:54:27:
20:ca:eb:39:31:fe:fd:19:ab:8d:79:99:d6:6a:4b:
a3:de:f2:f5:bd:45:a1:08:31:db:5c:94:bd:53:3f:
5e:a4:09:28:18:95:ca:78:8a:33:41:42:3d:e2:6c:
e9:ae:52:cc:db:da:65:a8:43:df:27:2d:4b:10:2c:
b9:93:e1:38:b1:8b:ff:c1:69:6b:ed:07:50:0d:42:
6b:ac:40:5c:f1:50:8a:f0:bb:29:2a:6b:16:b4:4e:
45:e6:38:34:12:6c:02:9f:a4:23:ec:60:d2:b5:9c:
45:1e:bc:69:0e:f9:4a:4b:2d:80:ca:38:8b:34:29:
93:b8:95:cc:44:05:94:a1:ee:78:1f:d2:e0:72:da:
b7:83:66:80:41:d2:98:69:9e:7f:aa:16:a4:3f:8f:
cf:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:6F:CF:66:2C:90:AF:7A:83:CF:66:35:97:3C:EB:6E:F2:1B:5F:4A
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/4m_PZiyQr3qDz2Y1lzzrbvIbX0o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.0.0/22
211.149.32.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:cb:cb:54:2b:c8:e9:eb:b1:56:34:44:09:65:65:4c:89:58:
94:e1:7c:b7:75:ef:13:99:49:c7:e4:6b:df:85:2c:bb:b0:d7:
b6:b3:bd:5e:30:22:0b:61:20:1e:51:a7:bf:85:19:c8:92:1f:
ad:96:db:19:0c:fa:5b:c4:26:07:fa:1e:81:6e:50:8d:0c:e5:
db:94:e6:e2:45:8c:b5:fa:75:9c:8e:62:97:be:b6:36:c6:28:
90:45:55:38:d8:fc:3d:2a:07:f1:3d:98:56:ca:1a:f5:b7:01:
73:66:ea:7e:63:26:09:d3:ab:a5:de:89:38:98:40:39:8f:73:
8b:88:22:6f:07:2c:f1:04:0b:79:85:72:1a:9d:aa:e0:a8:29:
6d:bd:36:23:a4:c8:0a:b9:60:9c:84:aa:cf:d6:e7:4d:3b:5c:
6c:fe:2f:9c:1c:69:ce:b3:1d:cc:5a:1b:16:e3:84:5e:f9:c6:
db:16:3d:2d:81:c6:5a:43:34:38:ba:49:db:8a:1c:78:79:6e:
98:d2:4c:94:d4:14:af:da:aa:4a:e1:3d:95:19:39:d6:dc:f8:
32:09:0e:18:9f:3f:6a:de:a3:56:77:f3:76:9f:29:20:8d:d4:
c9:df:42:a7:4a:bb:7b:4b:b0:d2:f6:15:65:c0:e9:e6:a4:aa:
e1:26:2f:2e
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICC4UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA3MjEx
MzMyMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUyNkZDRjY2MkM5MEFG
N0E4M0NGNjYzNTk3M0NFQjZFRjIxQjVGNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0GF5kCbQnTbsZ3oYvtuIR/CjZiabCtP5pDCR77CVhs3Gl5bHX
UFX9BLEQHL+bLl3LGpYY8BWEudNhnLyXp2q6awE8be+50DlGHCFEmdwyNgeq3lzG
Sj2mqmTtm5geaMf+inCmR91UJyDK6zkx/v0Zq415mdZqS6Pe8vW9RaEIMdtclL1T
P16kCSgYlcp4ijNBQj3ibOmuUszb2mWoQ98nLUsQLLmT4Tixi//BaWvtB1ANQmus
QFzxUIrwuykqaxa0TkXmODQSbAKfpCPsYNK1nEUevGkO+UpLLYDKOIs0KZO4lcxE
BZSh7ngf0uBy2reDZoBB0phpnn+qFqQ/j8+BAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQU4m/PZiyQr3qDz2Y1lzzrbvIbX0owHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLzRtX1BaaXlRcjNxRHoy
WTFsenpyYnZJYlgwby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BAJ7YgADBALTlSAwDQYJKoZIhvcNAQELBQADggEBAJzLy1QryOnrsVY0RAllZUyJ
WJThfLd17xOZScfka9+FLLuw17azvV4wIgthIB5Rp7+FGciSH62W2xkM+lvEJgf6
HoFuUI0M5duU5uJFjLX6dZyOYpe+tjbGKJBFVTjY/D0qB/E9mFbKGvW3AXNm6n5j
JgnTq6XeiTiYQDmPc4uIIm8HLPEEC3mFchqdquCoKW29NiOkyAq5YJyEqs/W5007
XGz+L5wcac6zHcxaGxbjhF75xtsWPS2BxlpDNDi6SduKHHh5bpjSTJTUFK/aqkrh
PZUZOdbc+DIJDhifP2reo1Z383afKSCN1MnfQqdKu3tLsNL2FWXA6eakquEmLy4=
-----END CERTIFICATE-----
Generated at Wed Jul 24 12:11:37 2024 by rpki-client on console-fra.rpki-client.org